|
10 Feb 2004, 18:56
|
#1
|
m u p p e t
Join Date: May 2001
Location: Whenever Wherever
Posts: 477
|
Net Send Question
Ok,
At work we have a fairly large (17000 Workstation) windows 2000 network with fairly decent security/monitoring etc. What I want to know is, do you think they can/do monitor all messages sent with "net send ......" over the network?
If so, I'm in shit
__________________
|
|
|
10 Feb 2004, 20:25
|
#2
|
Rawr rawr
Join Date: Dec 2000
Location: Upside down
Posts: 5,300
|
Re: Net Send Question
They can, certainly they can. The net send packet contains info about the currently logged in user too.
But why would you be in trouble? Did you do a net send * ? That prolly gets blocked at the very first router of the network.
And even then, what are they gonna do? fire you for doing a net send?
Pfft
__________________
"Yay"
|
|
|
11 Feb 2004, 00:00
|
#3
|
-=Murderous Plush Toy=-
Join Date: Nov 2001
Posts: 971
|
Re: Net Send Question
probably been sending rude messages to some fit bird
__________________
-Lucky #plush
__________________
Does anyone actually play this anymore?
|
|
|
11 Feb 2004, 00:11
|
#4
|
Registered User
Join Date: Aug 2000
Posts: 1,967
|
Re: Net Send Question
Quote:
Originally Posted by Supernova9
Ok,
At work we have a fairly large (17000 Workstation) windows 2000 network with fairly decent security/monitoring etc. What I want to know is, do you think they can/do monitor all messages sent with "net send ......" over the network?
If so, I'm in shit
|
Start>Programs>Administration Tools>Event Log == Your screwed.
|
|
|
11 Feb 2004, 00:12
|
#5
|
Weeeeee
Join Date: Oct 2003
Location: leeds
Posts: 586
|
Re: Net Send Question
or rude msgs to a ugly bird
__________________
:gollum: :gollum: :gollum: :gollum:
One load of gollums is enough for anyone.Ta
DM.
|
|
|
11 Feb 2004, 01:54
|
#6
|
Howling Rain
Join Date: Jul 2003
Location: England
Posts: 32
|
Re: Net Send Question
You *can* use netsend without gettign caught by simply masking your machine id. Using netsend you can mask your ip and spoof the pc and username. Quiet funny really when you've been told not to netsend and you spoof another guys machine and netsend to the teacher
__________________
To live in Freedom we must dwell in War.
|
|
|
11 Feb 2004, 18:50
|
#7
|
m u p p e t
Join Date: May 2001
Location: Whenever Wherever
Posts: 477
|
Re: Net Send Question
Quote:
Originally Posted by Structural Integrity
They can, certainly they can. The net send packet contains info about the currently logged in user too.
But why would you be in trouble? Did you do a net send * ? That prolly gets blocked at the very first router of the network.
And even then, what are they gonna do? fire you for doing a net send?
Pfft
|
Well, more accurately, I had a net send "conversation" with someone, questioning my bosses' competence.
Now, the network I work on is a government one, and the company I work for is contracted to provide Information Services to said government agency. Thus, it's not "our" network, and is "theirs". If they, in their routine monitoring, search through this event log, find them, they could complain to our company. My company then, to save face, would fire me and other worker. They have done before, over 'misuse' of email services (two people sitting across an office from each other sent emails to ask when to go to lunch, caught and fired). Bummer
__________________
|
|
|
11 Feb 2004, 19:21
|
#8
|
Registered User
Join Date: Aug 2000
Posts: 1,967
|
Re: Net Send Question
Quote:
Originally Posted by Supernova9
Well, more accurately, I had a net send "conversation" with someone, questioning my bosses' competence.
Now, the network I work on is a government one, and the company I work for is contracted to provide Information Services to said government agency. Thus, it's not "our" network, and is "theirs". If they, in their routine monitoring, search through this event log, find them, they could complain to our company. My company then, to save face, would fire me and other worker. They have done before, over 'misuse' of email services (two people sitting across an office from each other sent emails to ask when to go to lunch, caught and fired). Bummer
|
How many net sends? I doubt they are going to notice it. If you don't do it again your proably going to be safe. Whats the worst that happens, you get fired.
|
|
|
11 Feb 2004, 19:33
|
#9
|
Rawr rawr
Join Date: Dec 2000
Location: Upside down
Posts: 5,300
|
Re: Net Send Question
Yeh... you get fired from a bureau running a nazi-ICT policy. Big deal
__________________
"Yay"
|
|
|
11 Feb 2004, 19:45
|
#10
|
Get Stuffed
Join Date: Jun 2000
Location: Cheltenham, England
Posts: 647
|
Re: Net Send Question
Working in a government network myself
I can tell you they audit pretty much everything, all network traffic
however due to the sheer amount of traffic, it only flags up on certain conditions - net send isn't normally one of these
__________________
___________________________________
I used to work for PA.. and all i got was this shit avatar
___________________________________
|
|
|
11 Feb 2004, 19:59
|
#11
|
Rawr rawr
Join Date: Dec 2000
Location: Upside down
Posts: 5,300
|
Re: Net Send Question
Would it flag on a netsend with the text "Osama bin Laden rocks" ?
__________________
"Yay"
|
|
|
11 Feb 2004, 20:38
|
#12
|
-=Murderous Plush Toy=-
Join Date: Nov 2001
Posts: 971
|
Re: Net Send Question
Quote:
Originally Posted by Structural Integrity
Would it flag on a netsend with the text "Osama bin Laden rocks" ?
|
__________________
-Lucky #plush
__________________
Does anyone actually play this anymore?
|
|
|
11 Feb 2004, 21:42
|
#13
|
Get Stuffed
Join Date: Jun 2000
Location: Cheltenham, England
Posts: 647
|
Re: Net Send Question
absolutely no idea, dunno what the flags are
the only net commands i have seen monitored tend to be net sends that have a file attachment
__________________
___________________________________
I used to work for PA.. and all i got was this shit avatar
___________________________________
|
|
|
13 Feb 2004, 02:34
|
#14
|
Registered User
Join Date: Feb 2004
Posts: 2
|
Re: Net Send Question
lol, funny you should mention this....
At college i tought some of my mates how to do netsend....i didnt use it myself. However, i did teach them how to create batch files and create loops of netsends - i dont personally find tht fun, lol - but they did.
They were constantly sending 100s of netsends via these looped batch files, with abusive words at each other jsut for a laugh.
Two of the students got an official warning. Kinda funyn considering if it wasnt for me they wouldnt have known how to do it....
Ah well, you live n ya learn
|
|
|
13 Feb 2004, 09:01
|
#15
|
Rawr rawr
Join Date: Dec 2000
Location: Upside down
Posts: 5,300
|
Re: Net Send Question
I remember when I started computer engineering nearly four years ago... we thought we were l33t hax0rz when we knew how to ping and tracert a computer and do netsends in loops. We really through we were da bomb back then.
Good thing we grew up a bit. We don't loop-net-send anymore (most of the time). Instead, we jump on chairs, make funny noises and collate our pub adventures against the ceiling (printed photo's stuck against the ceiling).
__________________
"Yay"
|
|
|
13 Feb 2004, 15:32
|
#16
|
Street Tramp
Join Date: Apr 2000
Location: Street Gutter
Posts: 341
|
Re: Net Send Question
My student labs consisted of 30 player Quake2. If some snotty gimp asked you to stop playing so they could work ... you just said "Sorry, this is my timetabled lab".
__________________
Chimney Pots.
|
|
|
14 Feb 2004, 17:27
|
#17
|
Join Date: Jan 2002
Posts: 421
|
Re: Net Send Question
Quote:
Originally Posted by Freedom
You *can* use netsend without gettign caught by simply masking your machine id. Using netsend you can mask your ip and spoof the pc and username. Quiet funny really when you've been told not to netsend and you spoof another guys machine and netsend to the teacher
|
please teach me this
Quote:
Originally Posted by Karmulian
the only net commands i have seen monitored tend to be net sends that have a file attachment
|
and how to send file attachments using net send
|
|
|
14 Feb 2004, 18:42
|
#18
|
Forever Delayed
Join Date: Sep 2000
Location: www.netgamers.org
Posts: 1,475
|
Re: Net Send Question
Anybody who's ever worked for uk government bodies knows that the staff are largely lazy, incompetent, and stupid. However, there's a high level of "Jobsworthism", so watch out if one of these losers does find out.
M.
__________________
Firefly Oper and General l4m3r - "I Do Stuff"
O2 Rip-off campaign
<vampy> plus i hate people ... i despise humanity as a whole
pablissimo "I'm still geting over the fact you just posted a pic of your own vomit"
|
|
|
18 Feb 2004, 15:52
|
#19
|
m u p p e t
Join Date: May 2001
Location: Whenever Wherever
Posts: 477
|
Re: Net Send Question
Well, that's all that over with anyway. Thought I was clever enough to have avoided it, but no. As our company does Tech Support for this govt. agency, I had access to my computer's eventviewer/logger, and cleared all the net sends from it. Thought I was very clever, and had dodged the system. Phew.
No such luck. They actually got me for "tampering with auditing measures" (clearing that viewer), and gave me a formal warning (but at least my boss didn't find out what the messages said!)
Note to self : no more netsends.
__________________
|
|
|
31 Mar 2004, 02:07
|
#20
|
Guest
|
Re: Net Send Question
.......i don't use forms often....couldn't figure out how to quote, lol. Anyway....i MUST know how to mask your IP and computer name.....MAC address, etc! My purpose in life is to figure this out and ive been able to use net send programs, but id rather use command prompt. As for the goverment thing....well, i did a net send * at my school.....they got pretty pissed off, but all that happened to me was I got suspended off of the computers for a month, lol PLEASE teach me how to mask the info!
|
|
|
1 Apr 2004, 21:42
|
#21
|
crashed computer
Join Date: Jan 2001
Posts: 2,257
|
Re: Net Send Question
we've used net sends over at school to disrupt the network as well.
it's not difficult seeing as how it's a mainframe that can support around 150 to 200 computers and it has to support almost 350 computers. Just 2 people using net sends to chat crashed the mainframe, best thing was i was using a laptop that shouldn't have been able to access the network so they still haven't figured out where those net sends where coming from.
__________________
IRC quotes:
<Walrus> Let's all poke him next time he appears.
<Heiro> I think that is wise, Master Walrus
<Gryffin> ungrateful wretches
<Gryffin> they should be here!
<Gryffin> so I can grace them with my presence
|
|
|
1 Apr 2004, 21:55
|
#22
|
Registered User
Join Date: Jan 2003
Posts: 4,290
|
Re: Net Send Question
Quote:
Originally Posted by Supernova9
Well, more accurately, I had a net send "conversation" with someone, questioning my bosses' competence.
Now, the network I work on is a government one, and the company I work for is contracted to provide Information Services to said government agency. Thus, it's not "our" network, and is "theirs". If they, in their routine monitoring, search through this event log, find them, they could complain to our company. My company then, to save face, would fire me and other worker. They have done before, over 'misuse' of email services (two people sitting across an office from each other sent emails to ask when to go to lunch, caught and fired). Bummer
|
you should quit on your own. what kind of company is that? its not like emails or net send messages cost any money in a local network or generate much traffic. i mean, WTF???
(and yes, ive read the date, i just couldnt belife it)
__________________
im not tolerant, i just dont care.
|
|
|
15 Apr 2004, 02:26
|
#23
|
Registered User
Join Date: Apr 2004
Posts: 10
|
Re: Net Send Question
First of all, assuming net send isn't blocked by the switches and routers on the network, then yes, it is pretty much sent to everybody.
Second of all, and more importantly, net send uses the messenger service, which is known to have several severe bugs in it. Ones that even Microsoft can't iron out. They reccommend disabling messenger service, because it's easily exploited with a remote buffer overflow vulnerability. The "hacker" doing this would be able to execute commands on ANY computer that has the messenger service enabled.
For more info on this, check out the security reports on these huge vulnerabilities.
Heres the CERT report for a big one:
CERT Vulnerability Notice 575892
Here's the corresponding Microsoft notice:
Microsoft Security Bulletin MS03-043
And here's the corresponding CVE:
CVE CAN-2003-0717
|
|
|
Thread Tools |
|
Display Modes |
Linear Mode
|
|
All times are GMT +1. The time now is 13:06.
| |