- Feature Articles
- CodeSOD
- Error'd
-
Forums
-
Other Articles
- Random Article
- Alex's Soapbox
- Announcements
- Best of…
- Best of Email
- Best of the Sidebar
- Bring Your Own Code
- Coded Smorgasbord
- Mandatory Fun Day
- Off Topic
- Representative Line
- News Roundup
- Editor's Soapbox
- Software on the Rocks
- Souvenir Potpourri
- Sponsor Post
- Tales from the Interview
- The Daily WTF: Live
- Virtudyne
Admin
At least it's not like in the latest Die Hard movie, where IP addresses apparently also resolve to the full name of the person currently logged in, and their current street address.
Admin
clbuttic
Admin
I don't get it! Why those movie phone numbers have 555 exchanges? They never work!
And what's with all of the people in police reports named John Doe? That name must be cursed!
Admin
"wares", you twit.
Admin
Sometimes it can work. I run a Citrix Farm with several published apps. We had an office (remote) where users would constantly miss deadlines and blame the equipment. Finally I had enough. One particular user that ALWAYS blamed the equipment fell behind on a very important deadline. When my boss (the director of IT) inquired as to the status, she told him (and copied his boss) that she was unable to access the system for 3 days and that was why it was incomplete.
Of course, she did not know that Citrix keeps track of the logins, and you can get info about printing from the windows logs. So, if you log in and print, we can show you were in the system.
So, I sent her an official "Network Outage Form" and had her fill out and sign that she couldn't access the system on these days. Then, I attached the logs that clearly showed her logging into the farm and printing stuff (complete with the names of the reports she printed) on those same days and gave it to my boss.
Apparently she got burnt and word got around that office because it NEVER happened again.
Admin
Admin
WAR-ezz, 'cause it's l33t. :-P
Admin
Ever play Uplink? Every IP address in that game is intentionally impossible. At least one octet is > 255 in each address. Granted it's set in 2010 (only 2 years away, now), but they still seem to be using and impossiblified IPv4 rather than IPv6.
Admin
I tried some of the IP:s in Wargames 2, most of them didn't do anything, but one was for some kind of router/telecompany thingie, with syslogs and everything... needed a daily password for configuration and the good stuff though...
Admin
I would have told Brad that bestiality porn is absolutely required for penetration testing to make sure it works on all platforms.
Admin
It's funny if you understand the root of the word, but I imagine anyone who read it as "Juarez" was like me, and just saw a new word that meant "pirated software", not a word directly descended from "wares".
Admin
That network admin is dumb! Bestiality isn't the form of penetration testing security professionals normally do, though it is an all together different type of penetration testing... And requires a non network related tool or socket...
I'd think most security professionals leave it to the bestiality professional horndogs and drug using hookers!
Admin
Hah. I was tasked with setting up a proxy to log and block access to 'bad' sites at a catholic high school. Myspace was the biggest fight. I had exactly zero budget to do it, so I cobbled together something from squid and dansguardian. Pretty soon, kids were looking for ways around it, and the arms race began. If we caught a kid trying to bypass it, they would get sent to the office for a detention. I had the loathsome job of grepping the logs for infractions. I found one kid that was searching Google for ways around the filter, so he got called into the office. He argued, saying that a 'bypass filter' was a type of guitar pedal he was researching. I pulled up his history:
Me: See, here you searched for 'bypass filter'. Him: That's a pedal for my guitar for band, you know, a bypass-filter? Me: Well, next you searched for 'bypass school web filter'... Him: incredulous look Me: (noticing that the next search included the querystring variable that indicates Google corrected your spelling) ...Which you misspelled... Him: head drops slight giggle Me: Next was 'bypass dansguardian', which you managed to spell correctly. Him: stifled laugh Me: Go serve your detention.
Which he did happily. Word got around pretty quick after that.
Admin
"quoting", you twit!
Admin
You don't recall which university you went to?
I don't remember much of what I learned at university, but at least I remember which one it is. They're still sending me bills. I wish I could forget.
Admin
Ever since the Department of Education here set up their whitelist people have been asking me left, right and center how to bypass it.
P.S. I'm still a student, which is why they're asking me. :P
Admin
"GAY-mez" is that like a gay latino guy or something? :-P
CATPCHA: ENIM - its like an enum.... but better :-P
Admin
This story sounds so familiar. At my last job I worked for a company that performed medical billing. The office had about 200 people and about 60 servers in it. Our parent company only had about 50 people and 1/10th of the technology. Our office was in a fairly metropolitan area whereas the parent company was in the middle of nowhere with approximately 0 large carriers in their area.
Our office had 2 T1 lines to the home office that served as our only communication lines to them, including running their VOIP phones off of our phone system. Ever since the day I started I always wondered why our local computers used a proxy server in the home office instead of having a local ISP pass our traffic. After all, in our city internet bandwidth was cheap and the WAN links to our home office were VERY expensive. The strange thing is that we did have 4.5mbps of internet traffic for some public web/ftp servers and some specialty APPS that we wrote to communicate to hospitals, but we did not use it for the 200 people who were constantly online, using streaming video and internet radio. It was so bad that many of our calls to our home office were garbled and it was about impossible to get anything transferred from their office to ours. (the other way worked great!)
My boss finally said that I could start researching what it would take but he did not think that management would approve. Apparently at some point in the past it was setup that way and the admin who was there at the time left the proxy server open. Something happened which my boss was either unable to or unwilling to clarify. All I gathered was that they shut our server down when they realized that people on the net were using it. The only thing he could/would tell me is that it had something to do with gay porn. The whole problem embarrassed management of our company so much that they decided to leave it up to our parent company to handle from then on.
Admin
Ok, it's 207.46.197.32.
Admin
Why use a very, very specific ip address when the intention is "just some ip address".
"Hello officer, I saw the thief and his accomplice get into their new, deep red 2008 Ford Taurus, license plate 00 A123B and drive away"
Officer: "are you sure that is the car they got into and how sure are you of the license plate?"
"oh, they just got in some car I don't know which, I just meant to say that they drove away"
Admin
Admin
------------------------------------ CAPTCHA: tristique
Sure...such as "velvet underwear" is softwear. Or better yet, "rabbit fur-lined underwear".
Admin
Admin
See the thing is that anyone that deals with network issues during their week is just going to read "127.0.0.1" as "localhost", totally breaking the story. Next time use "192.x.y.z", "10.x.y.z" or something like that. Doesn't take much to realise that's just an arbitrary unimportant IP.
Admin
Choose something else besides 127.0.0.1 It makes who ever uses it in their story look like an idiot.
Admin
I also read "127.0.0.1==localhost", which really didn't make any sense for the story.
"x.x.x.x" would have been easier to understand. Or, as somebody pointed out, something in 192.0.2/24.
Or maybe somebody was downloading stuff from warez.dot.no?
Admin
The did something similar in the movie "The Net" (1995), where IP addresses like 23.75.345.200 occured.
Possibly. But frankly, after seeing computer hacker sequences like the terrible 3D virtuality scene used in "Disclosure" being pulled off by film makers I kind of doubt it.
On the other hand, I was pleasently surprised to see sober use of realistic command line hacks used in the high budget special FX showoff-movie "Matrix Reloaded".
Admin
it's wear-z like in Zen
Admin
Let the Schwartz be with you.
Reminds me of Kevin Schwantz. Wouldn't want to have "Cock" as a family name.
Admin
Admin
Damn it... now i know where all those mails from Bill Gates and Steve Jobs came from...
</sic>Admin
Forgot the qoutes!! Damn it... Now i know where all those emails from Bill Gates and Steve Jobs came from...
</transverbero - weird CAPTCHA>
Admin
Admin
Thus my former landlords last name: Putz
Admin
Well, I bet at least half of the people who've read the article pasted barnyardfapping.net in their browser to check it out...
Captcha: damnum (oh well)
Admin
Smallville did it too. I'll have to upload that pic.
Admin
Slightly related(*), my university had the mail servers set up so that it would quietly add a header line showing the actual user on the other end of the socket connection. It might take a little work, e.g., having to check who's logged into a system in the lab, or who's pc has received the DHCP assignment, but doable.
They never told the students.
The results were predictable. Student figures out how to talk to the server directly, or at least how to set up a mail server, and decides to impersonate somebody else. Only the professor or TA knows who the real sender was. Oops!
(It's not a truly open relay, but it's close if you're in an ecosystem and one user can impersonate another user.)
Admin
(just for clarity -- this was inbound mail so you normally don't require authentication. It just has to be going to a local account. That doesn't mean there aren't ways to figure out who you are... :-) )
Admin
That's easy to deal with. Use it to print a message saying "Attention: this printer is visible to the internet and any bozo can print to it. Like ME!" Then include that picture that keep appearing on slashdot a few years ago.
Okay, maybe not the last bit.
But with the google query that lead you to it.
Admin
Hey dumbass! Everyone else here seems to understand the use of 127.0.0.1 in this post except you. Does that tell you something?
And yes, "dumbass" also has a specific, defined meaning. In this case, it means "posters making idiotic posts to TDWTF using the pseudonym 'Zylon'".
Thanks for playing.
Admin
For someone posting as "PhysicsPhil", you're apparently not too smart. You think that "making up" 127.0.0.1 was complicated, and got confused by it?
I think you and Zylon should get together. You could amuse yourselves for hours with some really complicated activity like thumb wrestling or rock-paper-scissors.
Oh, wait. I see you two were joined by "tin", Casey, and Morten. Great! Enough for you guys to form a league!
Admin
Absolutely gold article.
Admin
Hehe. I was the student getting around the blocking at my catholic high school (obviously a different one, as ours used Websense, had a huge budget, and I never served a detention). We had the same arms race, but without anyone being sent to the administration until I was caught long after all the public workarounds were stopped, it lasted a lot longer. I had a setup where a copy of PortableFirefox on the network share was configured to use my house's router as a proxy for blocked sites that worked pretty well. If anything, the whole event was a good way to teach students about networking (evil smile)
Admin
Heh, reminds me of a time at University when our poor old Linux server suddenly started getting pounded. It got so bad that the syslog started consuming huge disk space (it was a single-task machine we set up for a project, so it was an ancient 486 (this was 8 years ago), with probably 32MB of RAM and some random hard drive (probably 2GB or so). Turned out the entire department network was being bombarded with this. The little server helped the admins hunt down the offenders - it was more or less the only thing on the network set to log such acrivity. They actually brought down the network when it happened before the firewall was installed. Luckily, this was during exams, so no one really cared.
Another time, it was briefly scanned, and we caught it in the logs. Did a quick back scan, and found a printer... HP JetDirect based, open on the Internet. We quickly printed out tons of messages to the effect... white on black.
The first thing I did was set up the printer queue for that printer, then open up MS Paint, click the fill tool... and click black. My friend was watching me do this, not really expecting anything other than a friendly message. "Whoa!" as I clicked Print multiple copies.
He then took over and wrote a message in the field of black, and printed a few more times about that fact. (White text on black)...
Went to check the printer status, and it stayed at "Busy" for a long time...
Admin
Admin
I remember reading a story about an electron microscope that was running an open mail relay. Apparently the scientists who ordered a networkable microscope had no clue that it was funning a full linux distro.
Admin
Did you have time to partake of some mongerin'?
Admin
Except that, in all of the similar situations I've been in, it turns out the only reason why the person was looking at the logs was because of the security audit - he wanted to see how the pros do it. The malicious activity had, in fact, been going on for months, possibly years.
Since the individual who discovered the 'new' activity during the security audit was always someone who should have been checking for that sort of thing (for example, the network admin or the security admin), it's a clear case of incompetence that they did not notice it earlier. That they claim it's 'new' activity before even considering to check to see how long it's been happening also smacks of incompetence.
Oh, and, for what it's worth, the reason they didn't find it before wasn't a lack of skills, but because they were lazy, or unmotivated, or sure they already knew what was on their network, or just were not interested.
Admin
I've seen other people use 127.0.2.10 and such for this. Sad to say, I did encounter one "secure" network, upon which 127.0.100.0/24 was not localhost. I don't know how much of the 127.0.0.0/8 block they were using, but I had to do a brief bit of administration on 127.0.100.115, which had a default gateway of 127.0.100.1. This was, for what it's worth, their DMZ network - which was apparently entirely within the 127.0.0.0/8 block for "security purposes".
Of course, this wasn't quite as difficult to work with as the one company that had approximately 3000 machines in 192.168.0.0/24. (How did they do that, you ask? Subnetting, masquerading, and just enough knowledge to be exceedingly dangerous.) Now, normally, that worked ok. But they were trying to push network updates to these boxes.
Admin
Hey, moron, he's right. I was a bit confused too when I've read "localhost": I've thinked that the person who spoke the sentence was so ignorant that he doesn't know what "localhost" is (this is a WTF site, remember). If you want a fake address, well... use a fake address. Don't use an address with a well-defined meaning.