22 Eargesplitten
Oct 10, 2010



His wife probably talked to him about it.


Absurd Alhazred
Mar 27, 2010

by Athanatos
https://twitter.com/joeyalison/status/977036744754323456

Pile Of Garbage
May 28, 2007



I occasionally work offshore and on this one rig the company provided a wired network but there wasn't any WiFi. So to get around this the crew brought these little TP-Link Ethernet-to-WiFi bridges on-board and hooked them up in their cabins (There wasn't any 802.1x configured because the company didn't deploy an ACS appliance on-board and the latency over the VSAT link to onshore was too high). It was really bad but we had no way of stopping them.

One time when I was out there I was troubleshooting an intermittent connectivity issue with the CSR's personal laptop and I discovered another DHCP server on the network (Snooping was never configured on the switch). After further digging I found the source: one of the TP-Link bridge dongles. Turns out one of the more savvy crew members (The logistics supervisor iirc) realised that everyone using these dongles never changed the login creds for their web interface. So before he boarded the helicopter to go home at the end of his swing he logged onto the CSR's bridge dongle and hosed with the settings, including enabling the device's DHCP server and changing the SSID to "I EAT DICKS".

When I pointed this out to the CSR all he said was "Oh so that's why I can't connect to the wireless in my cabin." That's my WiFi story.

Double Punctuation
Dec 30, 2009

Ships were made for sinking;
Whiskey made for drinking;
If we were made of cellophane
We'd all get stinking drunk much faster!

That’s a great prank, until someone figures out they can follow the signal and beat you up.

Darchangel
Feb 12, 2009

Tell him about the blower!


I spotted this at work once, years ago:

Bunni-kat
May 25, 2010

Service Desk B-b-bunny...
How can-ca-caaaaan I
help-p-p-p you?

Double Punctuation posted:

That’s a great prank, until someone figures out they can follow the signal and beat you up.

The person who thinks that's legit would never be able to follow the signal. Come on.

Pile Of Garbage
May 28, 2007



Darchangel posted:

I spotted this at work once, years ago:


And? What's the password?

Internet Explorer
Jun 1, 2005





Spoiler Alert: It's PENIS!

22 Eargesplitten
Oct 10, 2010



Can passwords have spaces? If so I’m going to guess it’s Shout ‘Penis!’

You know, Speak friend and enter.

Why would someone who got the FBI Surveillance Van joke care enough to track you down?

Pile Of Garbage
May 28, 2007



22 Eargesplitten posted:

Why would someone who got the FBI Surveillance Van joke care enough to track you down?

Yeah I was also confused by that comment. Like it's normal to track down and assault the operators of wireless networks that you don't agree with? I'm imagining one of those YT prank videos where some scrawny dude is about to be pulverised and he's screaming "IT'S A PRANK IT'S A PRANK" whilst frantically pointing at a WAP.

TheCoach
Mar 11, 2014
I just call my network "Evil spirit"
Though when taking the bus to college I remember at one intersection my phone would always detect these two networks:
"I can hear you loving" and "Criminal structure"

EVIL Gibson
Mar 23, 2001

Internet of Things is just someone else's computer that people can't help attaching cameras and door locks to!
:vapes:
Switchblade Switcharoo

22 Eargesplitten posted:

Can passwords have spaces? If so I’m going to guess it’s Shout ‘Penis!’

You know, Speak friend and enter.

Why would someone who got the FBI Surveillance Van joke care enough to track you down?

Yes. A not well known bit of the authentication standard for WiFi is that space is a valid character.

So if a WiFi hotspot disallows you from entering a space as the password, it is actually breaking the standard.

But then again, I'm still talking about WiFi and laugh manufacturers care about standards

wolrah
May 8, 2006
what?

cheese-cube posted:

That's my WiFi story.

This was about once a month for me in college. It was before there was official wireless in the dorms, so people would just hook up their own stuff and inevitably a bunch of them got hooked up with the LAN side connected to the campus network. They had nice switches but apparently hadn't enabled snooping and were really slow about actually doing anything about it.

After the second time I came to the same conclusion about default passwords and would change the SSID to something obvious, disable DHCP, and then go out hunting. Locate the signal, knock on the door, and give them a bit of poo poo about it. If they were nice I'd help them get it set up properly, if they were lovely about it I'd play on their ignorance and tell them I was with IT (technically true) to threaten them with consequences. I couldn't actually enforce those things and didn't even work in the right department, but it usually worked. Repeat offenders may have had their device reflashed to OpenWRT.

Pile Of Garbage
May 28, 2007



Wow that's a pretty funny story about you lying to people and breaking their personal property. Good job mate you sure policed that network.

Sickening
Jul 16, 2007

Black summer was the best summer.

wolrah posted:

This was about once a month for me in college. It was before there was official wireless in the dorms, so people would just hook up their own stuff and inevitably a bunch of them got hooked up with the LAN side connected to the campus network. They had nice switches but apparently hadn't enabled snooping and were really slow about actually doing anything about it.

After the second time I came to the same conclusion about default passwords and would change the SSID to something obvious, disable DHCP, and then go out hunting. Locate the signal, knock on the door, and give them a bit of poo poo about it. If they were nice I'd help them get it set up properly, if they were lovely about it I'd play on their ignorance and tell them I was with IT (technically true) to threaten them with consequences. I couldn't actually enforce those things and didn't even work in the right department, but it usually worked. Repeat offenders may have had their device reflashed to OpenWRT.

What an incredible chud you are.

Like does anyone hear that story from you and think "wow, so cool!"?

Cup Runneth Over
Aug 8, 2009

She said life's
Too short to worry
Life's too long to wait
It's too short
Not to love everybody
Life's too long to hate


It seems pretty harmless to me?

RFC2324
Jun 7, 2012

http 418

Cup Runneth Over posted:

It seems pretty harmless to me?

did you miss the part about reflashing the firmware?

Pile Of Garbage
May 28, 2007



Cup Runneth Over posted:

It seems pretty harmless to me?

Really?

wolrah posted:

If they were nice I'd help them get it set up properly, if they were lovely about it I'd play on their ignorance and tell them I was with IT (technically true) to threaten them with consequences. I couldn't actually enforce those things and didn't even work in the right department, but it usually worked. Repeat offenders may have had their device reflashed to OpenWRT.

Whether or not what they did was illegal or violated some magical campus rule is really beside the point, dude's a dingus.

The Fool
Oct 16, 2003


When I worked university support, the network department would confiscate home routers if found.

It was in the residence handbook, and the network policy that you had to sign in order to get internet access.

This was also in 1999-2003, so it was a relatively rare occurrence.

Inept
Jul 8, 2003

wolrah posted:

Locate the signal, knock on the door, and give them a bit of poo poo about it. ... tell them I was with IT (technically true) to threaten them with consequences.

I'd love to be a fly on the wall, I bet the entire interaction was awkward and awful.

Pile Of Garbage
May 28, 2007



The Fool posted:

When I worked university support, the network department would confiscate home routers if found.

It was in the residence handbook, and the network policy that you had to sign in order to get internet access.

This was also in 1999-2003, so it was a relatively rare occurrence.

With wired networks these days it's far easier for campuses to either deploy 802.1x everywhere and/or deploy a transparent proxy with captive portal. Deploying campus-wide managed wireless is also easier thanks to centralised AP management.

For open wired networks it's also possible to do things in a safe manner by enabling 802.1x with MAB (Students register their device MACs with campus IT for access) and/or just lock things down enough to allow devices in a safe manner (BPDU guard and DHCP snooping plus something I'm probably missing).
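
The DHCP snooping decision mentioned in the posts above, as an added Python example that is not part of any post in this thread: DHCP messages that only a server sends are dropped unless they arrive on a trusted port. The port names, MAC addresses and IP addresses are constructed sample values.

```python
import ipaddress
import struct

MAGIC_COOKIE = b"\x63\x82\x53\x63"
SERVER_TYPES = {2: "OFFER", 5: "ACK", 6: "NAK"}  # messages only a server sends
OPT_PAD, OPT_MSG_TYPE, OPT_SERVER_ID, OPT_END = 0, 53, 54, 255


def parse_dhcp(payload: bytes) -> dict:
    """Parse the UDP payload of a DHCP message into the fields snooping needs."""
    if len(payload) < 240 or payload[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message")
    op, _htype, hlen = struct.unpack_from("!BBB", payload, 0)
    chaddr = payload[28:28 + min(hlen, 16)]
    options, i = {}, 240
    while i < len(payload):
        code = payload[i]
        if code == OPT_END:
            break
        if code == OPT_PAD:
            i += 1
            continue
        if i + 2 > len(payload):
            raise ValueError("truncated option header")
        length = payload[i + 1]
        value = payload[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError("truncated option value")
        options[code] = value
        i += 2 + length
    return {"op": op, "client_mac": chaddr.hex(":"), "options": options}


def snoop(port: str, payload: bytes, trusted_ports: set) -> tuple:
    """Return (action, reason) the way a snooping switch would decide."""
    try:
        msg = parse_dhcp(payload)
    except ValueError as exc:
        return ("drop", f"malformed: {exc}")
    raw_type = msg["options"].get(OPT_MSG_TYPE, b"")
    mtype = raw_type[0] if len(raw_type) == 1 else None
    # op == 2 is BOOTREPLY; either signal marks the sender as a server.
    is_server_msg = msg["op"] == 2 or mtype in SERVER_TYPES
    if is_server_msg and port not in trusted_ports:
        sid = msg["options"].get(OPT_SERVER_ID)
        server = str(ipaddress.IPv4Address(sid)) if sid and len(sid) == 4 else "unknown"
        return ("drop", f"rogue DHCP server {server} on untrusted port {port}")
    return ("forward", "ok")


def build(op: int, mtype: int, mac: str, server_ip: str = None) -> bytes:
    """Construct a minimal DHCP message (sample input for this example only)."""
    pkt = bytearray(236)
    pkt[0], pkt[1], pkt[2] = op, 1, 6           # op, htype=Ethernet, hlen=6
    pkt[28:34] = bytes.fromhex(mac.replace(":", ""))
    pkt += MAGIC_COOKIE + bytes([OPT_MSG_TYPE, 1, mtype])
    if server_ip:
        pkt += bytes([OPT_SERVER_ID, 4]) + ipaddress.IPv4Address(server_ip).packed
    return bytes(pkt + bytes([OPT_END]))


# Constructed scenario: one uplink towards the real DHCP server, two cabin ports.
TRUSTED = {"uplink1"}
EVENTS = [
    ("cabin12", build(1, 1, "02:00:00:00:00:aa")),                   # client DISCOVER
    ("uplink1", build(2, 2, "02:00:00:00:00:aa", "10.0.0.1")),       # legitimate OFFER
    ("cabin07", build(2, 2, "02:00:00:00:00:aa", "192.168.0.254")),  # OFFER from a bridge
]


def run(events, trusted):
    return [snoop(port, payload, trusted) for port, payload in events]


if __name__ == "__main__":
    for (port, _), verdict in zip(EVENTS, run(EVENTS, TRUSTED)):
        print(port, verdict)
```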

The Fool
Oct 16, 2003


cheese-cube posted:

With wired networks these days it's far easier for campuses to either deploy 802.1x everywhere and/or deploy a transparent proxy with captive portal. Deploying campus-wide managed wireless is also easier thanks to centralised AP management.

For open wired networks it's also possible to do things in a safe manner by enabling 802.1x with MAB (Students register their device MACs with campus IT for access) and/or just lock things down enough to allow devices in a safe manner (BPDU guard and DHCP snooping plus something I'm probably missing).

From what I recall, (this was literally a decade and a half ago, and I was just lab support/helpdesk)

All of the switch ports were labeled in the switch configuration to correspond to room numbers.

When you were a new student and wanted internet access, you only needed to sign a network policy release and they would turn the switch ports for your room on.

The only time you were asked to provide your MAC address was if you were requesting ports opened in the firewall.

When a violation was detected, they would shut off your port, and blacklist any MAC addresses that were connected to that port. If you wanted your port turned back on you had to bring the device in.

I remember an incident where a student had his port shut off for excessive file sharing, and moved his computer to his friend's room, got his port shut off, moved again, etc. The story is that he got nearly an entire floor shut off in one night.

I almost forgot, all devices on the network had publicly route-able addresses. As in, if you requested port 80 opened and they granted it, you could host a website on your computer and just give out your computer's actual IP address. Or register a domain and point it at your computer in your dorm room.

Boris Galerkin
Dec 17, 2011

I don't understand why I can't harass people online. Seriously, somebody please explain why I shouldn't be allowed to stalk others on social media!
The LAN in my office (university research group) is for some reason stupidly restrictive and requires going through an in-house proxy server. I can’t even clone git repositories because of it. So to get around it I just plug in and don’t configure the proxy and turn on the school’s VPN and bypass it completely. It’s really dumb.

Pile Of Garbage
May 28, 2007



The Fool posted:

I almost forgot, all devices on the network had publicly route-able addresses. As in, if you requested port 80 opened and they granted it, you could host a website on your computer and just give out your computer's actual IP address. Or register a domain and point it at your computer in your dorm room.

Ahaha yeah I've read about this, campuses being given a /8 of public address space and then not bothering with NAT. I'd lose my mind trying to deal with that kind of poo poo, glad you made it out alive (Or did you?)

wolrah
May 8, 2006
what?
They were affecting network access for the entire building because their DHCP was faster to respond than the official one, and in previous times this had happened the official IT department took multiple days to resolve the problem. I bent the truth a bit to resolve the problem faster for myself and the rest of the people in the building.

Like The Fool, official policy was confiscation and most of the people I dealt with in this way were nice so I helped them out instead. They got a properly configured WiFi network and the rest of us got our internet back. The shittier people got told the actual policy and got a meaningless warning while the rest of us got our internet back. Where's the actual harm in those cases? Everyone came out better than the official way.

As far as the reflashing, I'll agree that it wasn't the best thing to have done but when the same person's broken your internet access for the fifth time that weekend and knows enough to work the reset button you start to consider more permanent measures. The device still worked and would even operate as a wireless access point and switch, I just disabled the DHCP server in the default config so their factory resets would stop breaking everything.

Inept posted:

I'd love to be a fly on the wall, I bet the entire interaction was awkward and awful.
You're probably very right, at that point in my life I was pretty much a goon stereotype.

RFC2324
Jun 7, 2012

http 418

as much as I think reflashing someone's gear is pretty lovely, I have to admit that high school me thought pulling that poo poo was pretty awesome, and I didn't see a problem with pulling it into my mid 20s. Old man me thinks that it's lovely mostly because it voids the warranty on someone else's gear, which sucks if something goes wrong on it for them (and with OpenWRT something is gonna go wrong)

The Fool
Oct 16, 2003


cheese-cube posted:

Ahaha yeah I've read about this, campuses being given a /8 of public address space and then not bothering with NAT. I'd lose my mind trying to deal with that kind of poo poo, glad you made it out alive (Or did you?)

As a student in the early 00's it was pretty awesome. Host TFC and CS servers on university internet? Run a MUD on a linux box? Start a web business in your dorm room? :getin:


I'm sure it was a nightmare to manage, in hindsight, there were so many things that were just hacked together and barely worked day to day.

anthonypants
May 6, 2007

by Nyc_Tattoo
Dinosaur Gum

RFC2324 posted:

as much as I think reflashing someone's gear is pretty lovely, I have to admit that high school me thought pulling that poo poo was pretty awesome, and I didn't see a problem with pulling it into my mid 20s. Old man me thinks that it's lovely mostly because it voids the warranty on someone else's gear, which sucks if something goes wrong on it for them (and with OpenWRT something is gonna go wrong)

There's also the risk that flashing a different firmware would've introduced vulnerabilities which didn't exist on the stock firmware, like with this old DD-WRT vuln

https://www.youtube.com/watch?v=UhDcXCVFrvM

Pile Of Garbage
May 28, 2007



wolrah posted:

They were affecting network access for the entire building because their DHCP was faster to respond than the official one, and in previous times this had happened the official IT department took multiple days to resolve the problem. I bent the truth a bit to resolve the problem faster for myself and the rest of the people in the building.

Like The Fool, official policy was confiscation and most of the people I dealt with in this way were nice so I helped them out instead. They got a properly configured WiFi network and the rest of us got our internet back. The shittier people got told the actual policy and got a meaningless warning while the rest of us got our internet back. Where's the actual harm in those cases? Everyone came out better than the official way.

As far as the reflashing, I'll agree that it wasn't the best thing to have done but when the same person's broken your internet access for the fifth time that weekend and knows enough to work the reset button you start to consider more permanent measures. The device still worked and would even operate as a wireless access point and switch, I just disabled the DHCP server in the default config so their factory resets would stop breaking everything.

Nah, those are shite excuses. It's called DHCP snooping and has been around for ages, that would have handled your rogue DHCP server issue. Sounds like you ignored using technical solutions in favour of throwing your weight around to be the big network boy. Unacceptable behaviour and the fact that you don't seem to realise this makes me fear for your current employer, assuming you're still in the industry..

The Fool posted:

As a student in the early 00's it was pretty awesome. Host TFC and CS servers on university internet? Run a MUD on a linux box? Start a web business in your dorm room? :getin:


I'm sure it was a nightmare to manage, in hindsight, there were so many things that were just hacked together and barely worked day to day.

That rules. Exceptionally hosed from a network standpoint but to be there :allears:

Thanks Ants
May 21, 2004

#essereFerrari


Being on a campus network with 100Mb ports when Direct Connect hubs were a thing was certainly interesting

The Fool
Oct 16, 2003


10mb because there were two ports in every dorm room and only one cat-5 cable was run.

wolrah
May 8, 2006
what?

cheese-cube posted:

Nah, those are shite excuses. It's called DHCP snooping and has been around for ages, that would have handled your rogue DHCP server issue.
No poo poo.

wolrah posted:

They had nice switches but apparently hadn't enabled snooping and were really slow about actually doing anything about it.

quote:

Sounds like you ignored using technical solutions in favour of throwing your weight around to be the big network boy.
I wasn't on the network team, I was a student who was stuck without internet access in my dorm because the network team couldn't be bothered to configure their switches properly and some idiot had plugged their router in backwards. Netstumbler made locating them pretty easy, and it's not exactly throwing my weight around to knock on their door and ask them about their WiFi.

quote:

Unacceptable behaviour and the fact that you don't seem to realise this makes me fear for your current employer, assuming you're still in the industry..
I already admitted that reflashing the devices wasn't the most mature thing to do, but it's not like I bricked the things. In the category of stupid poo poo people do as college sophomores that barely even registers. In either case that was over a decade ago, the only devices I've flashed unofficial firmware to since are my own or ones I was asked to do.

As far as my employer goes, funny thing, at one point we deployed customized OpenWRT builds in smaller environments where we couldn't justify a commercial router that did what we wanted it to. This situation actually taught me a skill I've put to use at work.

EVIL Gibson
Mar 23, 2001

Internet of Things is just someone else's computer that people can't help attaching cameras and door locks to!
:vapes:
Switchblade Switcharoo

The Fool posted:

When I worked university support, the network department would confiscate home routers if found.

It was in the residence handbook, and the network policy that you had to sign in order to get internet access.

This was also in 1999-2003, so it was a relatively rare occurrence.

This is when you turn your computer into a router :)


Campus networks around the early 2000's, I could agree, had the ultimate poo poo controls. Napster was coming down but direct connect was being popularized though private FTP servers were our thing in the compsci dorms.

Nothing solved the issue the entire dorms shared a few t1s. Ultimate lag trying to get to the outside but nice and speedy inside.

Matrix was released and there was a cam found and posted outside the network. It was a massive 600megs so it would have taken all day.

Everyone wanted to see it and the seniors came and showed us the secret, but don't do this during the day when the system admins were online, technique.

It took advantage that the mainframe we had had its very own t1 line. Not used for anything. Disk space was a priority so you only had 50 megs available as a student.

They showed us Linux witchery to create an ssh tunnel into the VAX/VMS through Kermit 95 to the outside. Linux was in a rough spot around this time where deciding a distro meant huge differences in how you worked with it but see windows go out over Linux into the outside and then back again without storing a drop on the server was amazing (when all it is is basically a proxy)

Docjowles
Apr 9, 2009

EVIL Gibson posted:

Campus networks around the early 2000's, I could agree, had the ultimate poo poo controls. Napster was coming down but direct connect was being popularized though private FTP servers were our thing in the compsci dorms.

I was a freshman CS student in fall 2001, in the dorm where Napster was invented, and life must have been hell for the network and system admins of the day lol. I distinctly remember Napster and Direct Connect crushing ResNet for our first week or so on campus to the point where you couldn't check email or log into AOL Instant Messenger (which was THE ONLY THING THAT MATTERED at that time). The network was just totally destroyed by P2P clients.

They finally got it under control within a week or so and I'd love to know what was done, as a professional looking back on it.

You could still do dumb poo poo like print horrible things to your friend's printer with no credentials, which was helpfully shared by default. Or click on Network Neighborhood and find files literally named "bank accounts.doc" Because the dorm was a giant layer 2 domain and there was no security on anything in those days. Windows 98 / XP security settings sure were something.

Docjowles fucked around with this message at 05:09 on Mar 24, 2018

BangersInMyKnickers
Nov 3, 2004

I have a thing for courageous dongles

The Fool posted:

10mb because there were two ports in every dorm room and only one cat-5 cable was run.

lol Iowa dorms or did some other school make that same mistake?

B-Nasty
May 25, 2005

My late 90's Comp Sci dorm story:

Back in those days, we all had our own public IP addresses issued from the school's class B (/16). Right before leaving for Thanksgiving break, I was installing the FTP server on, I think it was NT4 or perhaps an early copy of Win2K, and I forgot to lock down anon access (which was on by default.)

When I came back from break, I found that my network access to the Internet (the local network was open) was blocked. I also found a ton of folders in the FTP root directory with names that Explorer wasn't able to list/delete. I had to write a program in C++ to recurse through the drive and delete all the folders/files. I didn't look at the files, but I hate to even think what kind of poo poo I was hosting for the world.

The school let me know that my bandwidth usage of 100s of gigabytes (big whoop today) was completely unacceptable, and that I would have to take a "responsible network course/quiz" before I could have my access back. Not that we have the IPv4 space to support it, but it would be a fun day if everyone connected to the web without NAT again.

Thanks Ants
May 21, 2004

#essereFerrari


B-Nasty posted:

but it would be a fun day if everyone connected to the web without NAT again.

IPv6 says hello

BlankSystemDaemon
Mar 13, 2009



Real deployable IPv6 has been saying hello ever since Itojun (RIP) concluded the KAME project (a 3-clause BSD-licensed IPv6 stack) back in 2006 - although it's arguably been available since a lot earlier since the first imports to the BSDs started happening around 1999, so it's been usable for almost 20 years at this point.
Just let that sink in: There are people who will consider themselves senior devops (nope, couldn't type that with a straight face), who have yet to deploy IPv6, despite the fact that an implementation is older than them.

Subjunctive
Sep 12, 2006

✨sparkle and shine✨

I did work on the Linux IPv6 stack in 1996 and there were other implementations to do interop testing with at the IETF in Montreal that year.


Samizdata
May 14, 2007

D. Ebdrup posted:

Real deployable IPv6 has been saying hello ever since Itojun (RIP) concluded the KAME project (a 3-clause BSD-licensed IPv6 stack) back in 2006 - although it's arguably been available since a lot earlier since the first imports to the BSDs started happening around 1999, so it's been usable for almost 20 years at this point.
Just let that sink in: There are people who will consider themselves senior devops (nope, couldn't type that with a straight face), who have yet to deploy IPv6, despite the fact that an implementation is older than them.

poo poo, I even have it deployed at home.
