Results 1 to 5 of 5

Thread: Intelligent Linux OR Foolish Administrator??

  1. #1
    Just burned his ISO
    Join Date
    Jul 2008
    Posts
    2

    Smile Intelligent Linux OR Foolish Administrator??

    Hi all...

    I made an observation which I could not understand ...
    Hope someone in the forum will understand it... and help me too.

    In our college, from where i generally use internet, we are provided with Windows Xp machines for browsing internet.
    The college network contain a proxy server based on Fedora 6/SQUID...
    We need to enter the proxy server ip address and port number in the browser settings for surfing the internet... (it didn't required username/password)
    Earlier this (using proxy server) was mandatory for both WindowsXp (via default install) and BACKTRACK(via bootable usb drive).

    But recently our network administrator has made some changes to the network architecture... Now we need to enter a username/password....

    These username and passwords are supposed to be the same stored in the Windows server 2003..

    I guess he had in some way entangled the windows domain controller (windows server 2003) with the fedora6 machine for providing authentication mechanism..

    But something seems broken or incorrectly configured.. Here is what I found out..

    The proxy server's address is 172.16.200.1(internal)

    In Windows
    1) My ip address is static 172.16.200.172 (doesn't make difference even if it is dynamic)
    2) I can't ping to google (any external website)
    3) I can't traceroute to google (any external website)
    4) I need to provide proxy server/authentication settings to my browser (firefox)...
    5) I can't open sites banned by administrator (viz. orkut, youtube)

    In backtrack
    1) I get my ip address via DHCP (last time it was 172.16.61.154)
    2) I can ping google
    3) I can use traceroute
    4) I don't need to provide the proxy server settings to my browser (firefox... uses default setting)
    5) nothing banned...

    In fact i just need to boot into backtrack and start using internet right away as if I am directly connected to internet... the proxy server acts as gateway though (from routing table)

    I don't have much of technical knowledge..(Acquiring it)
    But I guess it is a case of misconfiguration....

    I would appreciate if someone can put some light on WHY this thing is happening..??

    Is it possible to use the internet from the windows machine in the same way, bypassing all restriction..???

    OR is it just that BACKTRACK just became more intelligent???

  2. #2
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Chances are, he's using a combination of GPO's and LDAP authentication. Eventually, he'll probably figure out that people are getting through by not using XP and configure the proxy to not allow any other OS to get through other than XP.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  3. #3
    Junior Member aggtrfrad's Avatar
    Join Date
    Apr 2008
    Posts
    74

    Default

    to me it sounds like a /16 network, that has a dhcp server that assigns a default gateway as well, so there is also a default gateway that connects you to the outside, and then there is the proxy. The main security setup is the domain structure, so u cannot configure windows machines to use dhcp, otherwise i cannot see why you would get dhcp settings in BT but not in windows.
    -Google is watching you

    -June 1, 2001, Microsoft CEO Steve Ballmer: "Linux is a cancer that attaches itself in an intellectual property sense to everything it touches."

  4. #4
    Senior Member DaKahuna's Avatar
    Join Date
    Jan 2010
    Posts
    103

    Default

    I agree with Streaker. If you can get your hands on the Windows XP box that you can boot without joining the domain, I believe you would get the same results as you get with the Backtrack system.

  5. #5
    Just burned his ISO
    Join Date
    Jul 2008
    Posts
    2

    Default

    Thank you all for posting some quick replies... that was fast...

    Actually the system properties shows that I am a member of WORKGROUP..
    and I can get myself an IP address via DHCP in WINDOWS XP also...

    The default gateway shown in both cases are same i.e. 172.16.200.1 (the squid proxy server)

    @streaker...
    Most of the people over here are obessed with windowsXP and seldom uses linux (and definitely not from usb drive). The administrator uses the fedoracore 6 machine for the sole purpose of "FREE as in FREEDOM" PROXY SERVER..
    Even if he finds it out I suspect his willingness to patch things up....
    (He had a difficult time putting things up and working)

    @aggtrfrad

    Yes, it is a /16 network (Broadcast address 172.16.255.255)
    and it has got a DHCP server too (for those laptops connecting to college network via Wirelesss lan)

    But the default gateway in both cases is same i.e. 172.16.200.1 (proxy server..)

    @DaKahuna
    The windows Xp system is a member of 'WORKGROUP'
    I guess the system can't be the member of WORKGROUP and DOMAIN at the same time..
    also I tried to boot using the DHCP..
    Didn't helped though...

    Any other ideas??? Enlightenment...
    [COLOR="DarkOrange"]************************************[/COLOR]
    *****[COLOR="Red"]BACHELOR[/COLOR] [B][COLOR="Black"]BLACK[/COLOR][/B]*******
    [COLOR="DarkGreen"]************************************[/COLOR]

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •