Page 1 of 2 12 LastLast
Results 1 to 10 of 20

Thread: Network analyzing question

  1. #1
    Junior Member pipboy's Avatar
    Join Date
    Apr 2007
    Posts
    30

    Default Network analyzing question

    I was talking to a local college and they are having problems with students streaming music and video, and the pipes are very full because of this. The senior administrator is on vacation and has not gotten around to fixing this problem. The Jr Administrator who is a teacher at the school in a diffrent department and does not know how to remedy the problem. This gives me the opportunity to get myself in good favour before I apply in a few months. Right from the beginning I figured blocking .FLV and .SWF at the proxy server/firewall should fix this problem, but it got me wondering how I would determine if someone was viewing streamed files via a program like wireshark. I know you can simply filter HTTP trafic but sifting through each packet to look for certain file extensions seem kinda meticulous. I'm sure anyone who has been an administrator has run into a problem like this, feel free to post which actions you took and possibly any deterrents you used.

    Thank you for your time.
    - Pipboy

  2. #2
    Senior Member imported_spankdidly's Avatar
    Join Date
    Feb 2006
    Posts
    1,031

    Default

    I just shut down the whole network. They can use books and Pencils and Paper again. Teach them not to fill up inturwebs with garbage.
    I felt like bending the bars back, and ripping out the window frames and eating them. yes, eating them! Leaping, leaping, leaping! Colonics for everyone! All right! You dumb*sses. I'm a mental patient. I'm *supposed* to act out!

  3. #3
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Quote Originally Posted by pipboy View Post
    I was talking to a local college and they are having problems with students streaming music and video, and the pipes are very full because of this. The senior administrator is on vacation and has not gotten around to fixing this problem. The Jr Administrator who is a teacher at the school in a diffrent department and does not know how to remedy the problem. This gives me the opportunity to get myself in good favour before I apply in a few months. Right from the beginning I figured blocking .FLV and .SWF at the proxy server/firewall should fix this problem, but it got me wondering how I would determine if someone was viewing streamed files via a program like wireshark. I know you can simply filter HTTP trafic but sifting through each packet to look for certain file extensions seem kinda meticulous. I'm sure anyone who has been an administrator has run into a problem like this, feel free to post which actions you took and possibly any deterrents you used.

    Thank you for your time.
    - Pipboy
    I use the "Network Adjustment Tool". Which happens to be a very large heavy stick. Anyone that doesn't care to abide by company policy of not doing that sh!t, gets 'adjusted'.

    On a serious note. You could research QoS, and assign all things that you don't want to be used, a low QoS. If they're continually using YouTube or such sites, you could setup a dummy DNS resolution so that those sites cannot be resolved internally.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  4. #4
    Developer
    Join Date
    Mar 2007
    Posts
    6,124

    Default

    Quote Originally Posted by streaker69 View Post
    I use the "Network Adjustment Tool". Which happens to be a very large heavy stick. Anyone that doesn't care to abide by company policy of not doing that sh!t, gets 'adjusted'.
    I need a secure wifi policy like this. Maybe I could create a captive portal with a log in page saying you agree that if you are caught using my network I can legaly beat you within a inch of your life and repo your laptop.

  5. #5
    Junior Member pipboy's Avatar
    Join Date
    Apr 2007
    Posts
    30

    Default

    Thanks for the impute. QoS will solve some problems and is an interesting read. They have something along the lines of a firewall that acts for a censor for downloads, thats where I got the idea of blocking .FLV and .SWF from. Blocking certain file extensions may solve the problem but the real question is will the average firewall filter will stop a streaming video or audio. Leaves me wondering if their Censor program would recognize a streamed video, I mean technically buffering something is the same as downloading it. No? I know its an easy task to block certain sites such as youtube or google video, but in my opinion is seems like only a temporary fix.

  6. #6
    Member Primey's Avatar
    Join Date
    Sep 2007
    Posts
    126

    Default

    Quote Originally Posted by streaker69 View Post
    I use the "Network Adjustment Tool". Which happens to be a very large heavy stick. Anyone that doesn't care to abide by company policy of not doing that sh!t, gets 'adjusted'.
    i'd go with "Stop Using YouTube or You Will Get Bitch Slapped By Me" kind of thing

    Pipboy, depends on the firewall you're using, some come with the filters for streaming audio and video by default, but still you'd have to configure it, the best way is to block the most used streaming pages (Yahoo Radio, YouTube, DailyMotion, etc), i'd go with a Linux Firewall along the lines of Mandriva or something like that, easy to configure, easy to administrate,

  7. #7
    My life is this forum thorin's Avatar
    Join Date
    Jan 2010
    Posts
    2,629

    Default

    Quote Originally Posted by pipboy View Post
    I was talking to a local college and they are having problems with students streaming music and video, and the pipes are very full because of this. The senior administrator is on vacation and has not gotten around to fixing this problem. The Jr Administrator who is a teacher at the school in a different department and does not know how to remedy the problem. This gives me the opportunity to get myself in good favour before I apply in a few months. Right from the beginning I figured blocking .FLV and .SWF at the proxy server/firewall should fix this problem, but it got me wondering how I would determine if someone was viewing streamed files via a program like wireshark. I know you can simply filter HTTP trafic but sifting through each packet to look for certain file extensions seem kinda meticulous. I'm sure anyone who has been an administrator has run into a problem like this, feel free to post which actions you took and possibly any deterrents you used.

    Thank you for your time.
    - Pipboy
    1) If the Jr. Admin gives you access to any of their infrastructure components to "help" with this he should be fired.
    2) Lots of modern firewalls do packet inspection, so it should be irrelevant what tool the person is using to get/watch the content.
    3) Something like Web Sense would make this very easy.
    4) If you're going to start blocking things then make sure there is a process for people to have things un-blocked or exceptions created. Though streaming media can put a strain on resources you will find out that there are a number of valid academic requirements for streaming media. (i.e.: Listening to lectures after the fact, streaming feeds from telescope/microscope cameras at other facilities, webinars, etc...)
    I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

    I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.

  8. #8
    Senior Member
    Join Date
    Apr 2007
    Posts
    3,385

    Default

    Be very careful with this blocking idea of yours. In my College, (Eastfield Community College of Dallas), even the Network admins cannot block access to any site you surf or want to surf. Why? I don't know the whole story, but it had to do with invasion of privacy lawsuits. Today, anyone can go on our Colleges network and look at porn if they so wish too, and theres nothing anyone can do about it. Do I agree with this? Of course not. College is not for looking at porn, its for learning.

    But seriously...check into the laws of your state and with the Network admin about this. The last thing you want is to have someone slap an invasion of privacy lawsuit on you over you trying to be helpful. Leave it to the Network admin to deal with.
    [CENTER][FONT=Book Antiqua][SIZE=5][B][COLOR=blue][FONT=Courier New][COLOR=red]--=[/COLOR][/FONT]Xploitz[FONT=Courier New][COLOR=red]=--[/COLOR][/FONT][/COLOR][/B][/SIZE][/FONT][FONT=Courier New][COLOR=Black][SIZE=6][B] ®[/B][/SIZE][/COLOR][/FONT][/CENTER]
    [CENTER][SIZE=4][B]Remote-Exploit.orgs Master Tutorialist.[/B][/SIZE][SIZE=6][B]™
    [/B][/SIZE]
    [URL="http://forums.remote-exploit.org/showthread.php?t=9063"][B]VIDEO: Volume #1 "E-Z No Client WEP Cracking Tutorial"[/B]
    [/URL]
    [URL="http://forums.remote-exploit.org/showthread.php?t=7872"][B]VIDEO: Volume #2 "E-Z No Client Korek Chopchop Attack Tutorial"[/B]
    [/URL]
    [URL="http://forums.remote-exploit.org/showthread.php?t=8230"][B]VIDEO: Volume #3 "E-Z WPA/WPA2 Cracking Tutorial"[/B][/URL]

    [URL="http://forums.remote-exploit.org/showthread.php?t=8041"][B]VIDEO: Volume #4 "E-Z Cracking WPA/WPA2 With Airolib-ng Databases"[/B][/URL]
    [/CENTER]

  9. #9
    Senior Member
    Join Date
    Jan 2006
    Posts
    1,334

    Default

    Are you sure!? That's outrageous!

    I would have thought that any "internal" agreement of usage would be sufficient to provide/block whatever the owner sees fit.........

    Are you sure that this isn't a misunderstanding or confusion pertaining to laws prohibiting actually sniffing the traffic to *see* what people are up to, as opposed to not being able to subject users to your own tailored "reasonable use policy"??

  10. #10
    Senior Member
    Join Date
    Apr 2007
    Posts
    3,385

    Default

    Quote Originally Posted by Re@lity View Post
    Are you sure!? That's outrageous!

    I would have thought that any "internal" agreement of usage would be sufficient to provide/block whatever the owner sees fit.........

    Are you sure that this isn't a misunderstanding or confusion pertaining to laws prohibiting actually sniffing the traffic to *see* what people are up to, as opposed to not being able to subject users to your own tailored "reasonable use policy"??
    I'm as serious as a hart attack Re@lity.

    When I go to school tomorrow, I'll ask the Network admins or whoever is available and credible about it to make 100% sure...but this is what one of my instructors told our class one day. And sure enough...they have NO websites banned. Whether it be a porn site, hacking site, anything goes. But I distinctly remember her telling the class that it would be considered an invasion of privacy or a freedom of expression...or something like that, that would be violated by the College if they blocked access to any web site.
    [CENTER][FONT=Book Antiqua][SIZE=5][B][COLOR=blue][FONT=Courier New][COLOR=red]--=[/COLOR][/FONT]Xploitz[FONT=Courier New][COLOR=red]=--[/COLOR][/FONT][/COLOR][/B][/SIZE][/FONT][FONT=Courier New][COLOR=Black][SIZE=6][B] ®[/B][/SIZE][/COLOR][/FONT][/CENTER]
    [CENTER][SIZE=4][B]Remote-Exploit.orgs Master Tutorialist.[/B][/SIZE][SIZE=6][B]™
    [/B][/SIZE]
    [URL="http://forums.remote-exploit.org/showthread.php?t=9063"][B]VIDEO: Volume #1 "E-Z No Client WEP Cracking Tutorial"[/B]
    [/URL]
    [URL="http://forums.remote-exploit.org/showthread.php?t=7872"][B]VIDEO: Volume #2 "E-Z No Client Korek Chopchop Attack Tutorial"[/B]
    [/URL]
    [URL="http://forums.remote-exploit.org/showthread.php?t=8230"][B]VIDEO: Volume #3 "E-Z WPA/WPA2 Cracking Tutorial"[/B][/URL]

    [URL="http://forums.remote-exploit.org/showthread.php?t=8041"][B]VIDEO: Volume #4 "E-Z Cracking WPA/WPA2 With Airolib-ng Databases"[/B][/URL]
    [/CENTER]

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •