Jump to content

Zack Fasel

  • Posts

  • Joined

  • Last visited

Posts posted by Zack Fasel

  1. Starting Tomorrow (Friday), ChicagoCon (www.chicagocon.com), an upcoming Information Security / Hacker conference, is taking place just outside of the city (in Oakbrook, IL). Conference tickets are only $100 bucks for the 2 days - not a bad deal for the talk lineup provided. If you're in the area (or within a drive) come on by. I'll be there Friday and Saturday along with a large number of Chicago2600/DC312ers.

    Got any questions about the con? Stopping by? Ping me on twitter @zfasel or post a reply here.

  2. @hurtcake I want to make sure I follow this right - you trust an outside service for your web browsing more than you trust your university's network and you're OK with torrenting through their connection? You need to consider in addition to just them monitoring what you're doing that you're completely trusting the network on the other side with no knowledge of it - there could be rewriting of traffic or even logging of credentials / sessions.

    Your university may have in their privacy policy stating they can monitor traffic, etc. I previously worked for a University as a Network and Security Engineer that had a policy that stated such and the extent of the monitoring was logging of the TCP/UDP/IP headers only (see http://qosient.com/argus/) just for verification of takedown notices (we never trusted them without investigating it on our end) - we could see who you're talking to and how much, but not what was transmitted (similar to call records).

    Personally, I'd worry more about an untrusted network on the other side than my university's network. If you're really worried about them watching what you're doing, switch over to Tor (yes, it's slow as all heck) using Torbutton in Firefox for the time you need to use it.

  3. Joerg is right. There's 3 ways off the top of my head to initiate this from the outside:

    1) Corporate Service

    Services like GoToMyPC and LogMeIn (has a free version) were designed to handle this. But with this, comes monthly fees and it's not a full connection, just an RDP simulant.

    2) Hamachi

    Create your own hamachi network, and you'll be able to connect to it as if it's on the LAN (works excellent when you also want to host LAN parties and not worry about port forwarding / a dedicated server). Probably the easiest, and free, but you'll need to install hamachi, so if you're using public terminals that you don't have admin rights on, you're SOL.

    3) Make your own ReverseSSH/VNC Connection

    Two ways i can think of doing this:

    a ) Having a dedicated/virtual private server to forward this to (pricey, but you can do so much more with the VPS and you'll have a public IP presence) - You could always find a friend and bum a port and some bandwidth off of him.

    b ) Hack it - Setup a Cronjob or Scheduled Task to phone home to a website constantly, pull a file that gives an IP and port, and reverse tunnel to that IP/Port. Make sure you check the public keys if you do attempt to do this to prevent any kind of hijacking attempt, and this won't get you arround a firewall if you're behind one on your side.

    My personal recommendation is do number two if you're trying to do it quick, easy, free, and 3a if you're looking to have some fun and have the most felxibility - just watch your bandwidth usage over that link.

  • Create New...