Old March 6th, 2005, 10:12 PM  
Retired Administrator
Name: Ben
Join Date: May 22, 2004
Location: Albany, LA - USA
Age: 28
Gender: Male
Blog Entries: 17

Originally Posted by Blahages
I don't know. I'm not sure if we're both on the same page. The school has one central server which is called district-proxy, replacing district with the name of the school, which is at the Admin building. Then, all of the schools in the district run back to that building, and the Internet all feeds back to that proxy, which filters out all the crap. They do have each school with filters too, but the main one is there. And, I was told they have T1 lines connected to all the schools, so, they apparently have all of the schools interconnected by T1 lines in some way. I figured most schools had all of their schools networked together. That school's definitely not rich. This summer we have to move all of the computer stuff to different schools from two of the schools, because they're closing their admin building, and moving it to one of the elementaries, and closing that elementary down for good, and dispersing the kids throughout the district because of money issues. So....

Is that what you were talking about?
yes lol

Originally Posted by Blahages
You mean, like using a remote console program, or whatever, like Freecon (I think) and sit at one computer, and log on to the remote server? If so, that's what they use where I work. I'm not sure what they use to authorize the access to that though.

And, I'm sure they have some type of password on it. You always seem to make it sound like (in many of the posts I've read about this here) the admin accounts are just passwordless accounts, that you can really easily log into.
Simply using any remote connector (even the one that windows comes with) will allow u to connect with the computer if u enter the proxy, domain, computer, IP, port, and user name & password correctly.

~~ O.o ummm no, usually all admins have passwords, but if it's on an SQL database, then ya don't need the password or even the user name to gain full access to it and any other server's passwords can either be guessed or brute forced.

Originally Posted by Blahages
What exactly do you mean? Are you saying terminate the program on the Server or the local computer? Because, the program is run locally, through both services and programs. And I think they have something on the servers, but that's not what they use to keep them frozen.

And, you can't terminate a lot of the processes on the computers there. Get access denied on most. And, even if I could, I could sit there all day long terminating processes, and it wouldn't remove the protection on it. That's not how it works. Believe me, I tried it the other day that I installed a trial version of it on. If I remember correctly, it doesn't allow even the admin to terminate the process without using a password to disable it.

Have you been around that program? Here's a link if you want to take a look at it. ( Try downloading the Trial version of the Standard program. That's here: if you have an extra computer you want to try it on. Once you have it installed, and the password enabled, try to disable/remove the program once it's enabled, without using the password. It's pretty difficult. Even if it looks gone, you restart, and any change will be restored to what was there before.

I mean, I know there are ways around it, but it's pretty hard. The only reason I can get around the 9x version is because I was able to get ahold of a program which removes it. But, you can't find that anywhere online.
yes, u can terminate the process. Though there are some processes that maintain the OS and there are some that run higher in the 'process tree' so therefore task manager won't be able to close it. furthermore, for this program, there is a decoy process running that is the same process, but it monitors the main one and restarts it if it is terminated. It usually tries to hide itself as a system process though. Oh, and once the processes are terminated, also terminate and restart explorer.exe and then delete the system (.sys) files accordingly. (and yes, i know the thing runs services and processes, but the services can be closed in 'services.msc') for the OS to be restored upon reboot, there HAS TO BE A .SYS FILE! otherwise, it will be loaded as a driver, which cannot write data to a disk, or will not be loaded at all. (i know drivers are system files too, but a .drv file must only read and cannot perform anything else except make a certain setting accessible) Having the system files out of the way, u CAN reboot without it resetting all the data.

Originally Posted by Blahages
Yeah, unless they log that too, which they probably do. Stupid school Admins. I bet you could do it easily at my school though.

Around 4-5pm? From school? It'd be kind of suspicious being there. Especially since everyone is gone after around 2:40-3PM, besides some teachers or staff.

When I go to school Tuesday (have Monday off) I'm taking a little program that allows you to end processes. I'll see what's running on the computers, since I can't access the task manager they have in the first place. But, I doubt I'd be able to end any of them, besides the ones I started. I still gotta mess with that program I have which removes that freezing program from 9x and see if it works with NT based versions. I know it won't with NTFS partitions, but it MAY with Fat32. I don't know. I would have tried messing with the stuff more so, if I knew exactly how they run their networks. I don't know anything about how they monitor anything at my school. Only where I work. So, I have browsed around on the server a few times, and you can see where their login scripts and stuff are, but I haven't done much else. I don't know how they'd respond if they caught someone doing anything. They gave me and my friend an hour after school detention once, in 10th grade, for just sending a message via "Winpopup" over the entire network. I didn't even do it. I was just talking to my friend about it, and showed him how to use it, but didn't actually do anything. I even warned him not to send anything. But, he typed like "fndsjfhs" and hit send, and it said something similar to:

"Message receieved at 2:30PM March 5, 2005 from User '<Insert Name>'"

"Message: fndsjfhs"

So, it told everyone who sent it, and everything. Then, of course, they asked him about it, and he mentioned my name, and even though they knew I didn't do anything, I still got the same punishment, because you're not supposed to even open a program that isn't either authorized to use by the school, or isn't school related.

Stupid school policy. That didn't go on my record, but still. It would have if it was something worse or a second offense.
LOL no no no, not locally restart the server, but just use a logonui.exe command to restart it

huh... i don't see why it wouldn't work on a FAT32 table. windows 9x can be run on it so it should be able to.

Please share the logon and logoff scripts with me! They could be running the freeze before boot or shutdown. also, explore the gpedit.msc in the 'system32' folder if ya can

ooooooo wow... that sucks lol i would've just sent a pop up message to everyone on the network through the command prompt's net send and sending it to a range of IPs running on the network. but yea... don't do it again lol

Kiros || Ben

Happiness is not about being perfect.
It is about seeing beyond the imperfections.