Jump to content

Spoofing End-User Policy Enforcement program?


icetigaurus

Recommended Posts

Hello, long time fan of Hak 5 here with a decent amount of computer skills.

My university requires Windows users to install Bradford Networks "Client Security Agent" in order to ensure that individual users have Symantec anti-virus, windows defender, and windows patches installed and up to date. If something isnt right, the computer gets quarantined until everything is installed and running. Requiring the anti-virus and windows defender to be on all the time significantly impacts the performance (and sometimes stability) of my computer, and being a gamer that just isn't acceptable.

I think that I would have no trouble taking care of my own computer as I have been doing it for years now and know what I am doing. Interestingly, my friend was able to access the network with no trouble at all after reformatting his computer (with windows xp 64-bit) even without the client security program running.

Any help on how I could either fake the traffic of the program or otherwise not have to keep all of the anti-virus and whatnot running when I want to game would be very helpful.

Link to comment
Share on other sites

Even though doing so will probably violate the TOS. Wireshark the traffic and see what it actually does (if any thing) over the network. It may just do some thing simple like auth your computer with a SOCKS server.

Yeah I was thinking of doing that but I am on break now and won't be back until mid january. :?

Link to comment
Share on other sites

Could you run the program in a MS virtual PC client and use a router? Router and a second machine for the client? Or use a 2nd with pc 2 nics, internet connection sharing and running all the programs they require? Each one of these means that they will see a happy computer that doesn't break there rules, with a suspicions amount of unregulated traffic.

Link to comment
Share on other sites

Should work VaKo, additionally: If you are connected using like a LAN, you could just probably buy a Ethernet NAT router and stick like a well shit windows 2000 computer with auto updates turned on and just leave it. As long as it stays turned on you should be able to access the network.

Additional, if you turn on the firewall on the NAT router (if it has one, most of them have basic firewall functionality now) you put your computer(s) at much lower risk of been attacked by other people on the LAN, and for all intents and purposses they will have a much harder time knowing that you are actually connected to the LAN (assuming the firewall stealths ports).

BTW. This NAT stuff will only work if it does per-IP authentication. If it uses SOCKS authentication (for example) you can probably still use a NAT router (if it's featur-full enough, neither of mine are), if your NAT router doesn't support SOCKS proxy authentication (continuing the example), then you will have to do it per computer any way.

Link to comment
Share on other sites

Easy way to sort this is a WinXP box running ICS and the crapware they require, they would see one PC happily reporting that all is kosher, and you have a fast stable PC sans crapware. Cheaper than a router & dual PC setup, as all you really need is a low end desktop with 2 nics.

Link to comment
Share on other sites

Easy way to sort this is a WinXP box running ICS and the crapware they require, they would see one PC happily reporting that all is kosher, and you have a fast stable PC sans crapware. Cheaper than a router & dual PC setup, as all you really need is a low end desktop with 2 nics.

Or, as a long shot boot linux or *bsd, then go ask the network people about installing the client on a non-windows OS. If they complain, ask them what problem they have with a OS that avoids the crap in the first place.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...