Guide To Surviving IT Lockdown (Downloads + Links)

26 09 2006

I friggin hate IT lockdown. Most large companies are going this way in order to “protect” their PC’s. Which is bullllllloney. So they restrict your user rights on YOUR workstation, great. If they really wanted to protect their computers they’d hire some real IT guys who know their shit instead of brand new University of Phoenix grads.

Now that that’s out of the way, Let the guide begin.

Surviving corporate IT Lockdown by therealdonquixote

Things you will need:

1. A Thumbdrive or some removable storage device. Even email will do (as long as you have the ability to get on the web and save files to somewhere on your PC).

2. TORPark – you will need to run the self extracting “.exe” (ie self extracting7zip archive) at home or on a computer that you can run executable files on. Put it on a thumb drive or save it to a folder buried in a folder full of reports.

**UPDATE** Thanks to a comment from SCRIPT (see the comments below) WE HAVE JAP

Java Anon Proxy

Download here –

http://jap.en.softonic.com/ie/40314

**End Update**

3. From here on its up to you. I will give you a list of sites that have apps that require “No Install”. Some may require that you install the app to your thumb drive at home and then just pull the exe’s out and put them in your work PC. I don’t like those. I like fully portable apps. Here’s the list:

For the PenPack you will need to install it to your thumb drive or even an iPod (less conspicuous).

And that’s all she wrote. You now have all the tools at your disposal to survive IT lockdown.

This little guide was written in its entirety by therealdonquixote!!


Actions

Information

12 responses

27 09 2006
Guide to Surviving IT Lockdown « Through My Words…

[…] Check this article out. […]

27 09 2006
balut

“If they really wanted to protect their computers they’d hire some real IT guys who know their shit instead of brand new University of Phoenix grads.”

What about ITT and DeVry? I hear that they’re very reputable schools… =P

27 09 2006
sledgehbk

Can’t IT detect tor? Seems pretty risky.

27 09 2006
therealdonquixote

@ Sledgehbk
I highly doubt that your IT dept could detect TOR (even with regular port scans and application requests), especially if you run it from a thumb drive (or ipod) with a portable firewall that blocks those scans. However, I DO NOT reccommend that one uses TOR so you can look at porn at work! It is merely a tool that allows you to get to websites that you might not be able to see with IT filters being so broad. These sites might offer you the ability to do your job better, or sites that can give you information that you need. I have been running TOR for almost 2 years now and never had a problem, and I work for a LARGE corporation. Still, everything is “use at your own risk”.

There is another app called JAP that encrypts your traffic before it even goes out. Its a Java app that I have been searching for for months. Free link to anyone who finds it!!

@ Balut
Any school that you actually attend is useful (I’ve done the online course thing and its just too easy to get by with a minimum of work). The education is useful especially if you take the time to learn from your courses (as opposed to just collecting a degree for time served). Education is there for the taking, but many refuse to take it even when they have it at their disposal. If your planned occupation is IT or IS then learn your field, every inch of it. Explore every avenue. I’ve met IT people that don’t know what Gmail is?!?!!?! I’ve met IT people that don’t know what the “at” command can do!! Those are the people that companies should not hire. Hire people who know what linux is, and how to run ALL the commands in the Windows command prompt. I’m not criticizing the people who get educations from ITT or DeVry, far from it, they are getting an education to better their life. I am pointing out that many companies hire cheep labor, and not real IT enthusiasts.

27 09 2006
sledgehbk

Thanks for the input. It’s a difficult subject, not knowing truly what is going on in the IT side of things (security and surveillance).

I never intended on using my connection at work for nefarious purposes (porn or anything else that clearly would break my code of conduct), I just don’t want to get busted for leaving 30boxes and gmail open, you know? IE is super-super locked down, so I’m not even sure if torpark would work. Risk, risk, risk.

Thanks again!

28 09 2006
therealdonquixote

@ SLEDGE
Torpark is a no install version of FireFox with Tor already integrated into the browser’s proxy server connection. Which means that you do not even have to use IE (internet explorer).

However, if your IT dept is really a bunch of assholes, you may want to save you’re private browsing and personal email for when you get home.

Remember, legally anything you send through your company’s servers is PROPERTY OF THE COMPANY. That means that you’re personal emails via gmail or any webmail client are fair game for them to look through and use against you.

But on the other hand, if you’re just sending regular emails with no company information, you’re PROBABLY fine.

All this stuff is still ‘use at you’re own risk’. So if it’s you’re job vs email, go with you’re job. Unless you hate you’re job, then fuck it, hack the hell out of you’re worstation. Cause who want to stay at a job they hate really? note; you WILL get fired for hacking the hell out of your workstation.

The decision is up to you.

Free Will can be a real bitch sometimes.

28 09 2006
Alexander W. Janssen

@sledgehbk:
Detecting a TOR-client on your LAN is a bit tricky; However, there’s a website[1] which offers a list of most of the known TOR-nodes out in the wild. Someone could set up her/his Intrusion Detection in a way that it alerts the administrator if one of those machines is being accessed. However, if you tunnel your TOR-connection to the outside world[2], that remains completly unnoticed.
Detecting TOR-traffic just by traffic-analysis using snoop or tcpdump is not possible [3] since TOR encrypts all it’s traffic.
If you like to learn more about it you might want to join the or-talk mailinglist[4].

Hope that helps,
Alex.

[1] http://serifos.eecs.harvard.edu/cgi-bin/exit.pl
[2] http://itnomad.wordpress.com/2006/09/28/tor-howto-using-tor-through-a-ssh-tunnel/
[3] “not possible” – let’s say “really really difficult”. I’m not aware of a mechanism which differentiates TOR- from other usual SSL-encrypted traffic
[4] http://archives.seul.org/or/talk/

28 09 2006
script

Try the following link for a free version download of JAP. I haven’t used it but you mentioned that you were looking for it. Maybe this will help.
http://jap.en.softonic.com/ie/40314

28 09 2006
therealdonquixote

@ Script
You rock so much I can’t even explain in words how much you so fucking ROCK!!!

Tell me you URL and give me a logo cause you just earned a free big ass link.

28 09 2006
therealdonquixote

[…] Recent Rants therealdonquixote on Guide To Surviving IT Lockdown (Downloads + Links)script on Guide To Surviving IT Lockdown (Downloads + Links)Kahla on A Pregnant Man Gives Birth To Bones (Video?)therealdonquixote on Pope ‘meant no offence’ to Islam = Bullshit!!arjun on Pope ‘meant no offence’ to Islam = Bullshit!! […]

28 09 2006
therealdonquixote

@ ITnomad
THanks. Thats really awesome info. You rock. And you have been blog rolled under hacktastick.

15 06 2012
Ronaldinho

Great amazing things here. I am very happy to peer your post. Thanks a lot and i’m having a look forward to contact you. Will you please drop me a mail?

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s




%d bloggers like this: