How My School Works.

[Snuupy]

Hey everyone.

This is my first thread post here at Hak5.

I know that there's a lanschool thread somewhere else in this forum, but it's /really/ old, and I'm not sure if it's updated anymore.

I'm just posting results that I've found, and everything that I've done from exploring the network at my school. I'm doing this because it's interesting and I've found that it's a lot more complicated than I thought it was. This isn't to fuck stuff up for others, or screw with other people for "shits and giggles", but rather, it was interesting for me to find out about.

moving on to what I've found.

Originally, when I first started looking around computer systems, I thought that little icon in the corner (we use windows XP)was tracking our every move and blocking web sites.

I also saw that there were two school networks, one for admins, and one for students. The admin network was named "Network-A", and the student one, subsequently, was named "Network-S". Logging in with student credentials didn't work for the admin network. I'm not sure if this matters.

I found that our school uses LanSchool 7.2.0.3, and it's not updated to the latest version, 7.6.

This means that some programs created in the past /can/ exploit this program, and I've tested it on the school networks. I've been using ClassDoom (Google?) and it's just been destroying LanSchool. My school uses the program to monitor people while they're using the computer, and to keylog them.

Not only do they use LanSchool, but they also use a web filter, called M86 (which I found today, after the school server which rerouted everything crashed and showed an error message).

They've blocked all non standard ports, except when you crash LanSchool, and that opens up port 796 so you can run some sort of VNC server on it - if you really wanted to.

Now the other half of the truth was that they were using M86 Web Filtering and blocking Youtube, Facebook, and a shitload of other sites, some useful, some not. I noticed that they block all proxy sites (if they can help it), but sometimes super new ones don't get blocked. They block all VPN connections, but not FTP. They block Glype and PHProxy scripts, but I'm not sure how or what formula they use to do that. They haven't blocked Zelune yet, and I tried it on a free host today, which worked.

I'm not sure what's next for me to try and find out, but I really want to see how the network is set up so I can learn more about it.

If you guys have any more ideas about this, I'd really like to hear them.

I'm not really into the "GO HACK GRADES NAO GO GO GO", but I'd really like to see what I can do with my laptop (slow) and school computers (:

Thanks,

Snuupy

Edited July 12, 2011 by Snuupy

[The Sorrow]

1. The student/admin networks are probably separate domains

2. Don't go poking around your school's network. I graduated from school as a student technician and messing around on our network in any way was strictly forbidden and eligible for suspension/expulsion depending on what the kid thought he could "do" on the network.

In summation, school is for school. Unless your school has a separate lab/network/subnet for a networking/computer studies class, stick to doing school stuff.

[Snuupy]

1. The student/admin networks are probably separate domains

2. Don't go poking around your school's network. I graduated from school as a student technician and messing around on our network in any way was strictly forbidden and eligible for suspension/expulsion depending on what the kid thought he could "do" on the network.

In summation, school is for school. Unless your school has a separate lab/network/subnet for a networking/computer studies class, stick to doing school stuff.

1. I think they are.

2. :o I didn't know that. The thing is, if we want to improve the school network to make it more secure, why aren't we allowed to poke around?

I thought school was a place to learn and explore, so that you could learn more from it. Yes, we do have a "tech" class where you do almost nothing for half the time :S

I hope my position about this is clear - I'm not trying to fuck stuff up, I just want to learn more about this, but if it's still suggested to not mess around with school networks, then I'll take that advice.

[The Sorrow]

I understand entirely. Thats how i landed a tech position as a student sophomore through senior year.

However, unless you express your interest to the school principle or whoever you need to go through in order to attain that position. And if you dont have that position, its not your job to address the network security issues.

School is a place to learn, with full guidance and permission of your teachers.

[Snuupy]

I understand entirely. Thats how i landed a tech position as a student sophomore through senior year.

However, unless you express your interest to the school principle or whoever you need to go through in order to attain that position. And if you dont have that position, its not your job to address the network security issues.

School is a place to learn, with full guidance and permission of your teachers.

Were you looking at their network with their permission the whole time? That's pretty awesome, how did you convince them to let you do that?

It's not my job, but I'd like to learn more about it if I can, and if it helps others on the way, all the better for me, and my school.

Could you clarify on why you think that poking around the network - and not harming, touching, or breaking anything wouldn't be a good idea? It's like looking at someone else's car on the street while walking on the road, no police officer arrests you for that, unless you start vandalizing the car.

[The Sorrow]

I was a student with written permission of the school board to act as a Junior Network Technician\Admin. I was screened by the IT Director and signed a contract stating i would do no harm to the integrity of the network upon expulsion and full punishment of the law. Your dealing with private information and very sensitive data. They're gonna be very picky about it.

I learned for the most part on my own systems. VMWare player is free after all.

Looking at a car is the incorrect example. Think of the network as, well, a hotel. You can walk around the building halls all you want. As soon as you find an open door however, if you enter its trespassing. Same thing as traversing the network. As soon as you access another machines files your guilty. Especially as a student that may get to a teachers machine even by accident. If i accidentally walk onto someones land they have full right to sue (or shoot where im from) because of trespassing.

[Infiltrator]

Whilst experimenting these techniques are good for learning purposes, I would not encourage doing that on a network other than yours. If you really want to get into the realm of pen-testing, I would suggest practicing on your own or at least seeking approval.

Besides poking around on other people's network without their consent and permission, is just asking for trouble and I say this from my own experience too. I used to be just like you, curious and always exploring new things until one day at my high school, I got caught and warned for what I was doing.

Anyway, they gave a warning and advised me not to do again, or else I would face expulsion.

[The Sorrow]

Whilst experimenting these techniques are good for learning purposes, I would not encourage doing that on a network other than yours. If you really want to get into the realm of pen-testing, I would suggest practicing on your own or at least seeking approval.

Besides poking around on other people's network without their consent and permission, is just asking for trouble and I say this from my own experience too. I used to be just like you, curious and always exploring new things until one day at my high school, I got caught and warned for what I was doing.

Anyway, they gave a warning and advised me not to do again, or else I would face expulsion.

You sound very much like me Infiltrator. I got warned for similar issues at my middle school, went to high school, transfered to another school sophmore year. I saw their network was... sad at best. So i asked the head tech if i could be an admin. We got talking and he liked the idea. (Oregon is very under-funded). They cleared it and the rest has either been stated or is history.

[Snuupy]

I was a student with written permission of the school board to act as a Junior Network Technician\Admin. I was screened by the IT Director and signed a contract stating i would do no harm to the integrity of the network upon expulsion and full punishment of the law. Your dealing with private information and very sensitive data. They're gonna be very picky about it.

I learned for the most part on my own systems. VMWare player is free after all.

Looking at a car is the incorrect example. Think of the network as, well, a hotel. You can walk around the building halls all you want. As soon as you find an open door however, if you enter its trespassing. Same thing as traversing the network. As soon as you access another machines files your guilty. Especially as a student that may get to a teachers machine even by accident. If i accidentally walk onto someones land they have full right to sue (or shoot where im from) because of trespassing.

Wait, why would they ask you to "do no harm to the integrity of the network upon expulsion and full punishment of the law" if you weren't going to mess up their networks? Also, how is the information about the software private when the network names are listed out right in the open of the school and area, with their software and versions posted?

VMWare and other virtualization tools are free, but nothing's going to be the same as the school software and its combination of restrictions.

Okay, well using the Hotel example - Guests /are/ allowed to look around their rooms and find out everything they have in that room. If they go into specific rooms, they would be charged, just like if you went on admin accounts, you would be charged as well. I wasn't going on files on another machine, I was looking around at the network and its policies and software. I haven't modified anything, copied, or "hacked" anything, except testing the LanSchool program that I found, where my teacher saw what I was doing.

[Infiltrator]

Wait, why would they ask you to "do no harm to the integrity of the network upon expulsion and full punishment of the law" if you weren't going to mess up their networks? Also, how is the information about the software private when the network names are listed out right in the open of the school and area, with their software and versions posted?

The reason is very simple, you already know what the ins and outs of your school network are, you also know where the weakness are. You've tried to warn them about these security issues, but they have been negligent you take the matter into your own hands and decide to do a bit of poking around on the network only find that you managed to break into your schools principal computer.

Now they find out it was you who did it, and they give you a warning stating that you shall not attempt to do any illegal activity ever again or face expulsion. Months passes and nothing has been done about the security breach, they haven't even patched the security hole.

Now from this we can learn that, if you were a bad student and got expelled from school you could from outside hack into the schools system and still break into the principals computer.

Moreover that's what they mean by this, there could be other reasons too but that's the only reason I can think for the moment.

Edited July 13, 2011 by Infiltrator

[Snuupy]

Whilst experimenting these techniques are good for learning purposes, I would not encourage doing that on a network other than yours. If you really want to get into the realm of pen-testing, I would suggest practicing on your own or at least seeking approval.

Besides poking around on other people's network without their consent and permission, is just asking for trouble and I say this from my own experience too. I used to be just like you, curious and always exploring new things until one day at my high school, I got caught and warned for what I was doing.

Anyway, they gave a warning and advised me not to do again, or else I would face expulsion.

But you weren't doing anything bad - so why would they be worrying?

What's wrong with exploring the network if you don't harm it? Are they scared of the knowledge that someone else knows about stuff that only admins know?

The reason is very simple, you already know what the ins and outs of your school network are, you also know where the weakness are. You've tried to warn them about these security issues, but they have been negligent you take the matter into your own hands and decide to do a bit of poking around on the network only find that you managed to break into your schools principal computer.

Now they find out it was you who did it, and they give you a warning stating that you shall not attempt to do any illegal activity ever again or face expulsion. Months passes and nothing has been done about the security breach, they haven't even patched the security hole.

Now from this we can learn that, if you were a bad student and got expelled from school you could from outside hack into the schools system and still break into the principals computer.

Moreover that's what they mean by this, there could be other reasons too but that's the only reason I can think for the moment.

Okay, I get that, but why would they warn or discourage you from finding these holes? Shouldn't they WANT holes to be found so they can be as secure as possible? What if a black hat hacker comes around and hacks the shit out of them? The part I don't get is why I'm being told that administration doesn't want me to be finding weaknesses in the system. I mean, look at Apple. They block exploits every single time a new jailbreak is posted and made public. They update and fix holes every month or two. Shouldn't schools be doing that too? They're exposed to the public too.

Edit: combined two posts to the first post

Edited July 13, 2011 by Snuupy

[Snuupy]

--Double post, sorry--

Edited July 13, 2011 by Snuupy

[Infiltrator]

But you weren't doing anything bad - so why would they be worrying?

What's wrong with exploring the network if you don't harm it? Are they scared of the knowledge that someone else knows about stuff that only admins know?

I know exactly what you mean and whether you know what you are doing or not. Its what fear them the most. School's network administrators are very protective of their network, it takes them a very a long time to get whole system set up and running. And to have someone snooping or exploring their network is what makes them concerned. You may not have intention of breaking or causing harm but sometimes, the temptation can overwhelm us.

Back in high school, i wasn't the only one but I had a college who broke into the server several times and that had the IT admin, the teachers and the school's principal extremely worried, as result they gave him a warning and booted him off the system for several months. He was also warned not to come in contact with any of the schools computers or face expulsion.

[The Sorrow]

In my case they were ok with me poking around because that became my job. In your scenario however, it is not. Being in a situation where i have access and superior knowledge than the average user, they make every legal provision they can to assure i wont do harm. Its known as security for the institution hiring me. Would you want someone accessing your child's sensitive information? I think not. Just like at bank's IT department. Everyone goes through a background check, drug test and other tests to assure they will not do anything malicious. Its all about what can and will happen, not what ifs.

In any situation coming from a network security standpoint you expect and prepare for the worst. The best way to prevent other children from hacking or damaging networks and accessing private files is to make an example of someone who DOES do such things. My junior year some smart alecs figured they'd make admin accounts on the domain. I caught this and they were carried off the grounds in handcuffs and ankle shackles. They were expelled, and when they returned to school the following year they were not allowed to work on any computer let alone be near one.

And asking an adolescent that knows mostly how to break things to find holes is like encouraging a drug cartel to rob your store. You just don't do it.

EDIT

-------------

Infiltrators example is flawless. Prevention is better than recovery.

Edited July 13, 2011 by The Sorrow

[Infiltrator]

Okay, I get that, but why would they warn or discourage you from finding these holes? Shouldn't they WANT holes to be found so they can be as secure as possible? What if a black hat hacker comes around and hacks the shit out of them? The part I don't get is why I'm being told that administration doesn't want me to be finding weaknesses in the system. I mean, look at Apple. They block exploits every single time a new jailbreak is posted and made public. They update and fix holes every month or two. Shouldn't schools be doing that too? They're exposed to the public too.

I agree with you and every school IT administrator should be doing that, but it always comes down to the resources they have (time, money, experience and the list goes).

[Snuupy]

I agree with you and every school IT administrator should be doing that, but it always comes down to the resources they have (time, money, experience and the list goes).

Even if we offer to fix it for them? (it's as simple as upgrading to a new version of LanSchool)

In my case they were ok with me poking around because that became my job. In your scenario however, it is not. Being in a situation where i have access and superior knowledge than the average user, they make every legal provision they can to assure i wont do harm. Its known as security for the institution hiring me. Would you want someone accessing your child's sensitive information? I think not. Just like at bank's IT department. Everyone goes through a background check, drug test and other tests to assure they will not do anything malicious. Its all about what can and will happen, not what ifs.

But my child isn't publicly accessible. If there was a sickness in my baby, I'd want whoever found it to tell me too, so I could bring it to a doc and let it get fixed. Same thing for what I'm thinking here. I see a sickness in the network. If it's left open, can't /anybody else/ find that hole too?

In any situation coming from a network security standpoint you expect and prepare for the worst. The best way to prevent other children from hacking or damaging networks and accessing private files is to make an example of someone who DOES do such things. My junior year some smart alecs figured they'd make admin accounts on the domain. I caught this and they were carried off the grounds in handcuffs and ankle shackles. They were expelled, and when they returned to school the following year they were not allowed to work on any computer let alone be near one.

And asking an adolescent that knows mostly how to break things to find holes is like encouraging a drug cartel to rob your store. You just don't do it.

EDIT

-------------

Infiltrators example is flawless. Prevention is better than recovery.

So by making an example of the person that tries to help them find holes, they're kinda doing what Sony did of hackers to do things the PS3 couldn't do before? Suing them so that they'd make an "example" out of them, even when they made the console better? How does that make anything better or improved?

I'm not breaking anything. At my school, they have a computers that just go back to normal EVEN if you could delete everything off of them. It's like their hard drives are frozen in one state. I'm not asking for the druggie to rob the store. It's like the druggie pointing out that the camera isn't monitoring a side of the wall, and that a simple move would fix that. No one (or me) is breaking anything or harming anything. That't not my goal.

Edited July 13, 2011 by Snuupy

[Infiltrator]

So by making an example of the person that tries to help them find holes, they're kinda doing what Sony did of hackers to do things the PS3 couldn't do before? Suing them so that they'd make an "example" out of them, even when they made the console better? How does that make anything better or improved?

I'm not breaking anything. At my school, they have a computers that just go back to normal EVEN if you could delete everything off of them. It's like their hard drives are frozen in one state. I'm not asking for the druggie to rob the store. It's like the druggie pointing out that the camera isn't monitoring a side of the wall, and that a simple move would fix that. No one (or me) is breaking anything or harming anything. That't not my goal.

Apparently that's how things in IT can work sometimes, bad things have to happen, for someone to notice and take action. For instance, Sony was only concerned with making money and obviously not concerned with the security of their network in general. Moreover, someone from the outside had to teach them a lesson about security and that's what happened.

They lost millions of dollars, their reputation was put on the line and their clients might have lost their trust in them. Moral of the story, I think any person in charge of an IT system should have some experience with network security.

Edited July 13, 2011 by Infiltrator

[The Sorrow]

I was meaning your child as in his social security number, grades, files etc. In short, it takes a lot of clearance to do what we do and few people are willing to risk giving an adolescent access to said information. There was a lot of stuff i wasn't allowed to se even in the position i got.

[Infiltrator]

I was meaning your child as in his social security number, grades, files etc. In short, it takes a lot of clearance to do what we do and few people are willing to risk giving an adolescent access to said information. There was a lot of stuff i wasn't allowed to se even in the position i got.

Another reason not to hack into the network, if you get expelled or you will go to jail.

[Snuupy]

Another reason not to hack into the network, if you get expelled or you will go to jail.

I wasn't going to hack in it, I was planning to explore the network - not to cause trouble.

I was meaning your child as in his social security number, grades, files etc. In short, it takes a lot of clearance to do what we do and few people are willing to risk giving an adolescent access to said information. There was a lot of stuff i wasn't allowed to se even in the position i got.

What stuff were you not allowed to see? I mean, grades and information about people, but computer related stuff weren't you allowed?

Apparently that's how things in IT can work sometimes, bad things have to happen, for someone to notice and take action. For instance, Sony was only concerned with making money and obviously not concerned with the security of their network in general. Moreover, someone from the outside had to teach them a lesson about security and that's what happened.

They lost millions of dollars, their reputation was put on the line and their clients might have lost their trust in them. Moral of the story, I think any person in charge of an IT system should have some experience with network security.

So I have to fuck my school network up before they'll let me fix it(or someone else)?

I don't think my school's concerned with making money. If they had someone watch my back while I fixed it, what would be the problem?

Edited July 15, 2011 by Snuupy

[The Sorrow]

Computer and network stuff is gravy. That's not so much an issue. Any security admin or acting security admin (ie the only admin in the building) is paid to be paranoid. they assume the worst.

[Infiltrator]

So I have to fuck my school network up before they'll let me fix it(or someone else)?

I don't think my school's concerned with making money. If they had someone watch my back while I fixed it, what would be the problem?

A couple of things you could do, is get certified plus get some experience and then talk to your IT manager about becoming his assistant.

Edited July 16, 2011 by Infiltrator

[Remotesh]

I understand entirely. Thats how i landed a tech position as a student sophomore through senior year.

However, unless you express your interest to the school principle or whoever you need to go through in order to attain that position. And if you dont have that position, its not your job to address the network security issues.

School is a place to learn, with full guidance and permission of your teachers.

Thats pretty cool, I got my position as a school tech sophomore year (Last year) as well. Though i got it because i left my 8gb flash drive in Digital Design

Lets just say the port apps I had on it weren't for educating purposes, my usb switchblade was on it , and I had a whole bunch of pdf's on the new exploits and such.

(Note I did not use either the port apps or the usb switchblade, Digital Design was so easy I had an hour to read during class. The Teacher new less about

photoshop / gimp then I.)

Anyway she didn't know what the stuff that was on it was so she gave it to our IT man, he pulled me out next day ask me if this was mine (At this point I was getting nervous), I answered in the affirmative.

He then asked me if I like that stuff and such. I said yes, he asked if I wanted out of Digital Design I responded with a "Hell Yes!!!!" and got to be one of the schools student IT's. ( I think it helped that his wife was my Guidance Counselour :D)

Anyway I spent the rest of the three quarters pen testing certain environments he set up to helping teachers with their computers and putting them together.

Best class ever (And its weighted as AP!!)

I aced my final exam (Which happened to be "Beat Mike Tyson at Super Punch on the Snes" which of course was on an emulator that we set up in the ICU :D )

But you weren't doing anything bad - so why would they be worrying?

What's wrong with exploring the network if you don't harm it? Are they scared of the knowledge that someone else knows about stuff that only admins know?

Okay, I get that, but why would they warn or discourage you from finding these holes? Shouldn't they WANT holes to be found so they can be as secure as possible? What if a black hat hacker comes around and hacks the shit out of them? The part I don't get is why I'm being told that administration doesn't want me to be finding weaknesses in the system. I mean, look at Apple. They block exploits every single time a new jailbreak is posted and made public. They update and fix holes every month or two. Shouldn't schools be doing that too? They're exposed to the public too.

Edit: combined two posts to the first post

You should check out a book titled

"The Art Of Intrusion"

By Kevin Mitnick

Turn to the section titled "The Robin Hood Hacker"

It tells the story on how a Guy hacked into companies and told them their security holes and flaws,some of the companies took it in stride.

The other ones sued him.

It just goes to show that you should never assume even if you mean no harm you are in the clear.

If anyone else hasn't read that book I highly recommend it, its a great read.

Stay in the clear, with some VM's

Hope I helped,

-Remotesh

[Infiltrator]

If you are so eager in learning how to hack, can I suggest you to set up some VMs and use them as a foundation for your learning.

There are a couple of great tools you could use to make the learning more exciting, Backtrack and Metasploit. I would recommend to use Metasploit as a starting point and then move onto Backtrack, as you advance and gain more knowledge but you can try either tool and get a bit of a feel for both.

To learn how to use them, there are great websites with plenty of information,

Securitytube.net

Metageek.com

http://www.backtrack-linux.org/tutorials/

http://www.offensive-security.com/metasploit-unleashed/Metasploit_Unleashed_Information_Security_Training.

http://www.hak5.org

Edited July 16, 2011 by Infiltrator

[Snuupy]

Thats pretty cool, I got my position as a school tech sophomore year (Last year) as well. Though i got it because i left my 8gb flash drive in Digital Design

Lets just say the port apps I had on it weren't for educating purposes, my usb switchblade was on it , and I had a whole bunch of pdf's on the new exploits and such.

(Note I did not use either the port apps or the usb switchblade, Digital Design was so easy I had an hour to read during class. The Teacher new less about

photoshop / gimp then I.)

Anyway she didn't know what the stuff that was on it was so she gave it to our IT man, he pulled me out next day ask me if this was mine (At this point I was getting nervous), I answered in the affirmative.

He then asked me if I like that stuff and such. I said yes, he asked if I wanted out of Digital Design I responded with a "Hell Yes!!!!" and got to be one of the schools student IT's. ( I think it helped that his wife was my Guidance Counselour :D)

Anyway I spent the rest of the three quarters pen testing certain environments he set up to helping teachers with their computers and putting them together.

Best class ever (And its weighted as AP!!)

I aced my final exam (Which happened to be "Beat Mike Tyson at Super Punch on the Snes" which of course was on an emulator that we set up in the ICU :D )

That's just awesome xD

You should check out a book titled

"The Art Of Intrusion"

By Kevin Mitnick

I actually read that already - but I can read it again.

Turn to the section titled "The Robin Hood Hacker"

It tells the story on how a Guy hacked into companies and told them their security holes and flaws,some of the companies took it in stride.

The other ones sued him.

It just goes to show that you should never assume even if you mean no harm you are in the clear.

If anyone else hasn't read that book I highly recommend it, its a great read.

Stay in the clear, with some VM's

Hope I helped,

-Remotesh

I don't remember, but the companies that sued him - how did they win?