Results 1 to 4 of 4

Thread: local network Anonymity

  1. #1
    Just burned his ISO
    Join Date
    May 2010

    Question local network Anonymity

    ok what i am trying to do is boot from usb inside windows <easy:done> next i want to leave no tracks on the host <easy:done:sandbox> then i want to connect to my home pc while hiding all traffic from host and local ap's while i use it in some cases depending on were i use it i will be going thru a firewall <ie:school firewall proxy> i dont want anyone except me to know what I'm doing <network monitor:wire shark> <not that its illegal i just like privacy> so my idea is portable vbox with 2 vdi's on usb >> bt4 with local proxy >> ssh to second vbox >> second vbox is a linux firewall <ie:zeroshell> >> forward all ports to 56 <xerox> or something <to hide protocol <ie:https> from ids for encryption> >> vpn to my home pc and browse the web and access my media? not sure if i'm way off or not I am still a noob to advanced networking
    any ideas would help cause i think i'm way off i overthink everything

  2. #2
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010

    Default Re: local network Anonymity

    Its likely that you have given up all rights to private use of your schools network as part of its conditions of use. This certainly applies in most privately owned networks, including the one where I work. In my position as the IT Security Advisor at my office Id be... upset... if I found someone trying to secretly tunnel data out of my network. "Get a person fired" upset. Just so you know that what you're doing may bite you in the ass.

    Some comments:

    If the network administrators know what they are doing, you will never be able to hide completely. Decent encryption may hide the details of what you are doing, but it wont hide the fact that you are doing something - the encrypted channel can still be noticed, even if the contents of the transmission cannot, and this may be enough on its own to arouse suspicion.

    Changing port numbers wont actually change the details of how a protocol communicates, though it may fool some analysis tools that attempt to match protocols based on port number. Depending on how monitoring is done, this may actually make traffic more visible (seeing significant outbound traffic on port 56 would make me really suspicious, traffic on port 22 less so - dependant on whats normal for the network of course). In addition, if proper outbound packet filtering is done the question of changing ports may be moot anyhow.

    You're definitely overcomplicating things. There is one really obvious and simple means of establishing an encrypted outbound tunnel which is very likely to be working in your chosen environment, and which would result in your traffic getting lost in the noise of many other similar types of connection.
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

  3. #3
    My life is this forum thorin's Avatar
    Join Date
    Jan 2010

    Default Re: local network Anonymity

    Seems like it would probably be easier for you to try a low & slow approach and hide in plain sight.

    As lupin suggested what you're proposing likely violates acceptable use policy(ies) for the network(s) in question. Aside from that using a single port doesn't really help you much, the vast majority of modern protocols use a handshake or packet header/wrapper that can be identified by an IDS or FW so it's irrelevant what port you choose to put the traffic on.

    For the record anonymity != privacy. You can be or have either one or maybe even both but they are not the same thing.
    I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

    I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.

  4. #4
    My life is this forum Barry's Avatar
    Join Date
    Jan 2010

    Default Re: local network Anonymity

    If you want privacy on a corporate network, start your own business. If I ever find someone trying to do what you're trying to do, they would be on the sidewalk faster than you can spit. We'd mail their personal belongings to them.

Similar Threads

  1. METASPLIT -- can i attack win7 ? work only on local network?
    By btbeginer in forum Beginners Forum
    Replies: 6
    Last Post: 05-10-2010, 04:23 PM
  2. Sniffing msn in local network
    By imported_ASTRAPI in forum OLD Newbie Area
    Replies: 12
    Last Post: 10-26-2009, 04:15 AM
  3. Setting up network on local network with bt3 over VMware
    By JibberingJ in forum OLD Newbie Area
    Replies: 3
    Last Post: 02-12-2008, 11:21 PM
  4. for newbie. how can I launch local server into Wide network?
    By vsotolkanachinaietsa in forum OLD Newbie Area
    Replies: 11
    Last Post: 07-05-2007, 10:37 PM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts