Answer the question
In order to leave comments, you need to log in
"Big Brother" in the office, Internet traffic is monitored. How can this system be bypassed?
I ask in advance to respond to users who have at least some idea of \u200b\u200bsystem administration, worked in this area. Answers from users who simply inflate this bike without any substantiated facts - I do not welcome))
Recently I was able to get a job in a small office. I won’t say what the work is connected with, but it consists in filling out some papers and writing on a computer. The first two days I came to work almost empty-handed, they didn’t give me a working computer, and when I asked when they would issue it, they said that it would not be soon. So I decided to bring my laptop with me. I found a free ethernet cable from the switch, connected it to my computer, and then discovered that this office had 100-megabit Internet (as it turned out later, on optics).
I did my job, but an hour and a half before the end of the working day I finished all the assigned writings, so I went to the Internet, climbed FB, VK, YouTube ...
Recently, an unpleasant event occurred: the cable was damaged at home, the Internet began to work badly. There was no time to find out where the cliff went and restore the whole thing. And I just had to download one file via a torrent (more precisely, I already downloaded it, but it hung at 30 percent). What did I decide to do? Naturally decided to complete this business at work. I know for someone I did not act in the most honest way. But since there is optics, why not take the line?)
I put it on the download, it went pretty quickly. But after an hour and a half, it all again hung at 75 percent. I started to find out what was the matter ... It turned out that the distributing peers were unavailable, the tracker site too (the rest of the Internet worked). I understood what was the matter, apparently the system administrator cleared me and decided to interfere with my impudence. But that didn't stop me... I decided to look for various open proxies on the Internet, but alas, they give out little speed. Then I decided to put the whole thing through Thor. I opened the browser, and in the proxy connection settings I entered localhost: 9050. And everything worked!
A little later, a manager approached me with some kind of request regarding work, I started showing him some document on my computer, but accidentally burned the mTorrent window. Having burned this case, he didn’t scold, but strictly asked to be cut down and warned in his ear that “you shouldn’t download anything here. This Internet is for the needs of the company. All actions on the Internet are monitored by the system administrator, he knows who is on which sites, who reads what, he can also shrug the complaint against the user to the director."
I stopped using the Internet, just sat on my mobile phone through a 3G connection. And I downloaded the torrent at home. And literally today, during a break, a colleague tells me the same bike saying "the system administrator is a big brother, I don’t even advise you to go to social networks, because he monitors everything."
That's actually from this bombed and I'm writing here. I know that they have some kind of VPN "Cyberoam" on their network, with a firewall. I understand that with the help of it you can calculate from which host to which server they are accessing. But is it possible to find out what a person writes, with whom he communicates? Can the system administrator view all the details of my online behavior? If so, how is the HTTPS protocol bypassed? Maybe they somehow carry out fraud with certificates? Or are these all stories that were started up among the lamers so that everyone minds their own business?
And another question: I want to use Tor to hide my actions. They are not to the detriment of anyone, but I love privacy. In theory, it encrypts all content. But can he somehow fire inside the network? (Through some ports there or xs).
Answer the question
In order to leave comments, you need to log in
If you were able to bring your laptop from home, plug it into an arbitrary socket and get access to network resources and access the Internet, then you can not be afraid of such an "admin" - this is not an admin.
Guys, let's go to the other side!
The author of the question is interested in how to quietly suck the Internet from the employer - he will not lose it, right?
With full responsibility I declare: it is not necessary to do so.
And it's not that the Internet office will decrease.
Let it not disappear, of course!
This is a matter of personal hygiene.
Sticking your personal laptop into who knows what network is the same as sleeping with who knows who without a condom. For both participants, by the way.
The network admin is also good, of course: either he is lazy, or not far off, because the left laptop turned on without authorization should not have entered the network. By the way, he has the means to control the traffic of employees, but he, apparently, does not use them.
My advice to the questioner:
- buy a 3G/LTE whistle for torrents
- buy a tablet/smartphone for social networks, and at work (we're all our own, we understand everything) ) keep it in a desk drawer
- wait for a _working_ computer to be issued at the workplace, and only do work from it
As an administrator, I can only give such advice. Either work according to the established rules, or don't work there at all. If you bypass the system, you will attract attention to yourself, and if there are any questions and problems, you will be one of the first suspects. If you encrypt everything - similarly. At work - work.
Why are you so afraid that they will read the correspondence? Do you send company secrets? :)
About 10 years ago, we had a case when Naska, known as the "killer of networks", was massively installed at work, used mainly to discuss management, appoint a place for drinking, etc. The speed of the network because of it fell several times. So our admins downloaded the logs of the conversations and gave them to the authorities who appeared in the correspondence to read, after that no one else set up Naska.
The moral of this is this. Do not do garbage at work, you got a good admin who warned you, and did not run to the management with a report on information security violations.
Maybe. I don’t know how your network is built there, how user monitoring is organized, but I can say for sure that it is possible to monitor everything that happens on a working computer - up to keystrokes (so you shouldn’t go to personal boxes from it) and screenshots. And no https will save you, no tori will close it - you will only draw attention to yourself. Google "Stakhanovite" at your leisure :)
The fact that you plugged your laptop into a free socket and after ten or fifteen minutes no one came running and asked - what was it that was drawn on the network, this, of course, negatively characterizes the local admin. But do not flatter yourself too much - for example, any wheelbarrow that suddenly appears on the network will automaticallySMP agent installed. Which will regularly merge everything to the server - well, as soon as it gets through :) Bypass
- well, probably you can. If you know more about the network. But by taking any such actions, you only help the local admin :) find unclosed holes, and don’t expect gratitude for this (although I always thank such “initiative” ones - I may not have time to check - is it possible to dodge like this)
PS: It is curious that idlers are the most worried about privacy and the labor code. People who go to work to work - usually work at it.
ZZY: Especially for the TC, so that he suddenly doesn’t consider me a “user blowing up a bike” - I worked as an admin from 1990 to 2013 :) and now I’m “almost an admin”, with a difference of one letter :)
But is it possible to find out what a person writes, with whom he communicates?It is impossible - now all important information passes through https, so such content is closed to admins.
Easily. Google in the side of transparent proxy and substitution of the root ssl certificate, in a corporate environment this is very simple. It’s still you haven’t been put on thin clients like vdi / rdp, it’s generally stupid to take screenshots of user activity at random times.
if it’s really scary, then you can sit in your laptop via the Internet on your phone
The content is closed, but if the connection goes to https://vk.com , then it’s clear what is in this content.
Install a VPN, with encryption - the admin sees "left traffic" it is not clear from whom in LAN and blocks it.
The first thing that surprised me, however, not only me but also many above, is that you just came with your device and got access to the office network, including the Internet.
Second, I categorically do not advise you to do anything differently than everyone else.
Maybe the admin personally will not tell you anything. But at the slightest problem, they will blame everything on you. They say a smart guy appeared, he probably ruined everything.
But if you really want to, then setting up a VPN through encryption. But the admin, if not stupid, will be able to catch the "left" traffic and simply block it.
First, carefully read and understand the meaning of the information, then - apply as needed: https://www.torproject.org/docs/pluggable-transports
IMHO - everything is easier. On all computers of the company, software is installed that monitors the actions of the user, for example, Stakhanovets. And then it doesn’t matter what you go through and where you go - everything you do, write or read is available to the employer. The fact that they were initially able to connect their laptop is, of course, an omission of the IT service, but believe me, they also receive money for a reason
Worked as an administrator in the office. The head of the department organized the security of the network in a loser way. Protect your network from strangers with a DCHP server! ))))
Our objections that this is nonsense did not want to hear. But it didn’t bother us, we just laughed silently and that’s it
. On all computers, a scanner from a staffkop was remotely installed, which collected statistics on user work. That's it for them and there was a collection of reports. Later, they hired a girl (after we failed to persuade us to be engaged in "security"), who sat and watched who corresponded with whom, who sent suspicious messages in the mail or transferred files, who watched porn or pictures or read erotic stories during working hours , passwords from personal mail, social networks, etc. And sent all the data to the CEO.
There was no given BB only on admin computers.
At the same time, I did not want to set a proxy.
PS I fled from that car about two years ago.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question