Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

General security question about internet, IP, wifi


  • Please log in to reply
15 replies to this topic

#1 cornflakes2

cornflakes2

  • Members
  • 223 posts
  • OFFLINE
  •  
  • Local time:06:17 PM

Posted 20 April 2017 - 12:17 AM

I work at public school in a very rural area.  There's not much around us.

The school's internet is set up I assume by the education office and they

have blocked certain websites (even sites like gmail).  Of course, I use a VPN

to overcome this, but it may be against policy but nobody cares, and nobody ever

notices, and nobody is ever going to get hurt from this (like, it's not going to detonate

a nuclear bomb somewhere in the world).

 

My question is, can the school or even edu. office IT people somehow snoop 

into my assigned IP (given to the computer) to see what I'm doing on the computer

or what websites I've visited, or even see visuals?

 

I'm aware of software programs that can be installed in computers that allows them to remotely

access and view / monitor other computers.  So you can actually see what the user is seeing on their computer.

But if no such program is secretly installed, can they still see what you are doing based solely on your IP address?

 

So if I'm watching hockey games during school hours (break times), can someone at school or Edu. office

IT look up my IP and see that I've been watching hockey games?

 

I bring my own notebook computer to school just in case, because sometimes school computers have

software installed that may snoop or collect info/data on what you are doing.  So my personal notebook computer is only connected via the school's LAN to access the internet.  Can they still detect or know what I'm doing on my own personal notebook?  My guess is NO.  Not the average school teacher or even the school IT.  I'd imagine only someone who is really high-up in the industry could be able to find that information.

 

Another question is, would setting up my own wifi-network router in my room pose as a security threat to the school's internet?  It's just a b/g/n connection not ac (so not powerful).  I can't even pick up the signal when I leave the room.  It's only good if I'm in the room.  So it's not likely that some hacker would come to this rural area, sit in his car outside the school and try to hack into the school's internet via my wifi network setup?

 

It doesn't sound plausible or likely that is a security threat.  Please advise.



BC AdBot (Login to Remove)

 


#2 TsVk!

TsVk!

    penguin farmer


  • Malware Study Hall Senior
  • 6,230 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Antipodes
  • Local time:07:17 PM

Posted 20 April 2017 - 01:42 AM

Your VPN connection is secure, no one on the same network can snoop on that.

 

Setting up your own wifi access point is probably enough to get you fired in most institutions, but not a security risk as long as you set a secure WPA2 password on it.



#3 cornflakes2

cornflakes2
  • Topic Starter

  • Members
  • 223 posts
  • OFFLINE
  •  
  • Local time:06:17 PM

Posted 20 April 2017 - 08:17 AM

Yes, my wifi router had a wpa2 password on it so I don't see how it could pose as a security threat to the entire school's internet security.  The bottomline is just policy and nobody will ever enforce it or check it and nothing bad would ever happen, but because it's written as policy everyone has to follow orders and just tell me 'no, you can't do that'.

 

Sometimes as a reward, I will cook the students some food (like sausages, grilled cheese sandwiches, or make slushies or popcorn for them).  I suppose that could technically be against school policy too because if they ever got sick from food I served them, the school would be responsible and my food is not on the menu of the foods the school provides.  But that's never been an issue and nobody has ever told me that I can't do that.  All I'm saying is that I can also see them making that a policy issue, too.

 

It's a simple ethernet cable in my classroom.  All I did was plug it into a wifi router so that more devices in the classroom could connect to the net.  I'm still not sure how that is a bad thing or a dangerous thing except that it's against 'policy' that is never enforced anyways....nobody has ever or ever will enforce it from edu. office or higher ups.  It's just up to the school's discretion whether they want to be anal about it or not.   



#4 Just_One_Question

Just_One_Question

  • Members
  • 1,400 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:12:17 PM

Posted 20 April 2017 - 08:32 AM

Sometimes as a reward, I will cook the students some food (like sausages, grilled cheese sandwiches, or make slushies or popcorn for them).

I'm sorry what!!? That's it! I am calling the authorities. The president needs to be informed about this problem right now. There are pressing issues and then there is this!
The_Real_Story_Behind_Black_Guy_On_The_P
:lmao:

#5 Ankykile

Ankykile

  • Members
  • 2 posts
  • OFFLINE
  •  

Posted 20 April 2017 - 09:06 AM

So let me see if I understand:

 

- you work at a job where you have enough free time (or long breaks) to watch a hockey game, or you disregard your duties to watch a hockey game;

- "But if no such program is secretly installed, can they still see what you are doing based solely on your IP address?" - How would you know if a program was installed secretly, that is the purpose. But yes, even though the VPN traffic is secure (depending on the VPN) your IP address can be monitored for activity as can your browser history file on your school-issued computer;

- In your scenario, and I am no legal scholar, if you cook for the students the school is liable may be correct - but then if the students are exposed to 'objectionable' material via your actions the school (and you) may also be liable;

- you feel that using bandwidth, the purchase of which is for educational purposes, is ok to use for your personal activities. You stated this is a rural setting so my guess is that bandwidth is limited to begin with but this is not a concern of yours. Streaming protocols/apps, such as is used in live sports events on the web can take a fair amount of bandwidth, bandwidth that may be needed in another classroom to show a documentary or other learning material. In many places 'stealing' bandwidth is also enough to get a person fired;

- with regard to attaching your personal computer to the 'business' network (another reason to be fired in some places) let's suppose your computer is infected with a virus, trojan horse, etc. You could be infecting the school network.

 

Sorry, but I have several ethical and cyber security issues with your scenario.

 



#6 cornflakes2

cornflakes2
  • Topic Starter

  • Members
  • 223 posts
  • OFFLINE
  •  
  • Local time:06:17 PM

Posted 20 April 2017 - 09:15 PM

That's why I'm asking.

I think you are assuming a lot of things.  I've been at my same school for over 6 years.  I've always surfed the net in my free time to watch news, read up on emails, shop, and other misc. things which is nothing unusual than any other employee in any company. If you are telling me that you've never surfed the net for non-job related things, you are a liar.   I'm not abusing it.  I've never posed any security threats.  If anything, I actually enhance security here because I've cleaned and removed a lot of viruses and malware on school computers that I have found.  It's not really well taken care of here.   There is no bandwidth limit.  I'm not sure how setting up a router to connect more devices in my classroom (which are used sparingly anyways) is even remotely a concern for bandwidth.  That's the last thing to worry about.

 

In the end, no matter what I want to say, I know that a policy is a policy but I wanted to just gauge some answers to see because there's been no problems for years, ever, and now suddenly it's a problem?   Suddenly our school is worried about being hacked because I'm using a router?

 

Even bringing your own notebook seems to be a grey area.  I brought 4 computers to my classroom (not connected to the internet, just used for programs, games, software for the kids).  They haven't told me that I should get rid of them, but they mentioned something about my computers should be registered with the Edu. Office?  Too much bureaucracy and politics if you ask me.  

 

Let's see what else I have done that may be a breach in policies(?).  I have brought my own fish tank and set it up with guppies.  

I brought my own mini-oven, kettle (to boil hot water), blow dryer (for activities), fan, my own cameras with green screen, my own shoes,

my own wii gaming system, nerf guns, rechargeable batteries....and there's more.  I suppose everything that I do could have a policy issue.  Hell, why even have fun? Why bother to live life and be daring or adventurous anymore?  Everything could have policy implications and we ought to just be robots and live strictly under house arrest.  

 

There's never even been a problem. My school and I actually have a good relationship, they always want me to stay, Kids enjoy everything I do for them and all the creative activities I come up with.  I'm really just frustrated with policies that on paper may be written down, but in real-life/real-world applications, have no relevance.   I still don't see where the security risk is?  But I do appreciate your answers.  Please just try to stick with the technical issues and not attack me personally about my choice of teaching style and personality.



#7 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,513 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:17 AM

Posted 23 April 2017 - 06:01 AM

Do you use VPN on the school computer?

 

Your Wifi access point, how is it connected to the Internet? The school's ethernet network?


Edited by Didier Stevens, 23 April 2017 - 06:01 AM.

Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2018
MVP_Horizontal_BlueOnly.png

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#8 JohnnyJammer

JohnnyJammer

  • Members
  • 1,098 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:QLD Australia
  • Local time:07:17 PM

Posted 23 April 2017 - 06:58 PM

Well to be honest, did you mean VPN or a http proxy?

Big difference and running a VPN on a PC would normally require administrator rights to make changes to the network adapter.

 

Now even if you ran a VPN i could still see exactly what sites you have been on because your DNS lookups would still be coming from the DNS servers locally, unless you have admin rights on the PC and have privileges to flush and or change the DNS server settings.

Even still i could still know what sites you have been using by a few ways of which i wont all list but using the IE title bar etc can assist in this and injecting a process to monitor firefox.exe and or iexplorer.exe would bypass a VPN session.

 

If this PC is managed properly, not much is going to be private mate, no one at my work can bypass the measuers i have in place unless you are a local admin of which no one is but me.

 

Also remember you can promiscuously sniff a network adapter as well!!!



#9 JohnnyJammer

JohnnyJammer

  • Members
  • 1,098 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:QLD Australia
  • Local time:07:17 PM

Posted 23 April 2017 - 07:06 PM

That's why I'm asking.

I think you are assuming a lot of things.  I've been at my same school for over 6 years.  I've always surfed the net in my free time to watch news, read up on emails, shop, and other misc. things which is nothing unusual than any other employee in any company. If you are telling me that you've never surfed the net for non-job related things, you are a liar.   I'm not abusing it.  I've never posed any security threats.  If anything, I actually enhance security here because I've cleaned and removed a lot of viruses and malware on school computers that I have found.  It's not really well taken care of here.   There is no bandwidth limit.  I'm not sure how setting up a router to connect more devices in my classroom (which are used sparingly anyways) is even remotely a concern for bandwidth.  That's the last thing to worry about.

 

In the end, no matter what I want to say, I know that a policy is a policy but I wanted to just gauge some answers to see because there's been no problems for years, ever, and now suddenly it's a problem?   Suddenly our school is worried about being hacked because I'm using a router?

 

Even bringing your own notebook seems to be a grey area.  I brought 4 computers to my classroom (not connected to the internet, just used for programs, games, software for the kids).  They haven't told me that I should get rid of them, but they mentioned something about my computers should be registered with the Edu. Office?  Too much bureaucracy and politics if you ask me.  

 

Let's see what else I have done that may be a breach in policies(?).  I have brought my own fish tank and set it up with guppies.  

I brought my own mini-oven, kettle (to boil hot water), blow dryer (for activities), fan, my own cameras with green screen, my own shoes,

my own wii gaming system, nerf guns, rechargeable batteries....and there's more.  I suppose everything that I do could have a policy issue.  Hell, why even have fun? Why bother to live life and be daring or adventurous anymore?  Everything could have policy implications and we ought to just be robots and live strictly under house arrest.  

 

There's never even been a problem. My school and I actually have a good relationship, they always want me to stay, Kids enjoy everything I do for them and all the creative activities I come up with.  I'm really just frustrated with policies that on paper may be written down, but in real-life/real-world applications, have no relevance.   I still don't see where the security risk is?  But I do appreciate your answers.  Please just try to stick with the technical issues and not attack me personally about my choice of teaching style and personality.

Sorry mate but policys are there for a reason.

What you think is safe by bringing your device into a network to me isnt safe at all because it wont have any of the GPO's applied to stop crypt0 etc.

 

Some of the biggest hacks and breaches have been from the average employee bringing USB and DVD's into a work computer and clicking on that "Hot_sexy_Milf.jpeg.Chr(09)Chr(09)Chr(09)Chr(09)Chr(09)Chr(09)exe" file.

Chr(09) = blank space.

 

As a SysAdmin i coudlnt care about all the rest of the stuff but you bring something into my network which hasn't had any trojan/virus since i started then i will get cranky real quick.



#10 cornflakes2

cornflakes2
  • Topic Starter

  • Members
  • 223 posts
  • OFFLINE
  •  
  • Local time:06:17 PM

Posted 25 April 2017 - 09:30 PM

Thanks for that JohnnyJammer.  



#11 cornflakes2

cornflakes2
  • Topic Starter

  • Members
  • 223 posts
  • OFFLINE
  •  
  • Local time:06:17 PM

Posted 25 April 2017 - 09:36 PM

One more question, please.  So, you would be able to see what websites I visit, but would you be able to see exactly what I see on my screen?  For example, if I was opening up my facebook account and started chatting with people or visiting groups etc., would you only be able to see that I visited facebook or would you be able to somehow pull up and open the exact pages that I was viewing?

 

Once again, I know if a software is installed in a machine, someone could see exactly what I see on my monitor.  But if I'm using my own notebook (so I know that there is no software installed on my notebook), but I'm using the internet connection at work, can they see only the sites I've visited or can they do more?

 

Thanks.



#12 JohnnyJammer

JohnnyJammer

  • Members
  • 1,098 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:QLD Australia
  • Local time:07:17 PM

Posted 26 April 2017 - 05:26 PM

One more question, please.  So, you would be able to see what websites I visit, but would you be able to see exactly what I see on my screen?  For example, if I was opening up my facebook account and started chatting with people or visiting groups etc., would you only be able to see that I visited facebook or would you be able to somehow pull up and open the exact pages that I was viewing?

 

Once again, I know if a software is installed in a machine, someone could see exactly what I see on my monitor.  But if I'm using my own notebook (so I know that there is no software installed on my notebook), but I'm using the internet connection at work, can they see only the sites I've visited or can they do more?

 

Thanks.

Yeah mate i could watch your screen and you wouldn't even know, the most common software is called NetSchool.

Its used ins chools etc and has a large range of utilies like making the screen black, watching what you do, logs, remote control, warning message on screen etc etc.

It also logs all traffic.

 

As far as your own device, unless they brute forced the \\%hostname%\ipc$ share and then could remotely install software then no they could only monitor packets of data.


Edited by JohnnyJammer, 26 April 2017 - 05:27 PM.


#13 britechguy

britechguy

    Been there, done that, got the T-shirt


  • Moderator
  • 4,621 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Staunton, VA
  • Local time:05:17 AM

Posted 26 April 2017 - 06:32 PM

I really have never understood why anyone could, would, or should think that their use of communications resources supplied directly by others are not subject to monitoring.

 

I've worked for telecomm companies, schools, and public agencies.   I have used the phones, e-mail systems, and internet access of all of them, and for some limited personal use (e.g., browsing at lunch or when terminally bored and I'd done what already needed to be done - making calls to set up doctor's appointments, check in with friends, and the like) but I have never been under the impression that it was a violation of my privacy were the monitoring policies that were clearly in place and which I signed acknowledgements regarding actually employed.

 

You have these things, in those venues, "at the pleasure of" the providing entity.  You have no reasonable right to expect absolute privacy.  Bringing in private equipment to set up private internet access is also generally forbidden, though generally doesn't mean always.  That would be well-nigh impossible to police these days since most smartphones now at least can support tethering and many wireless ISPs make that feature easily accessible.  It's rather like how cameras were forbidden in many venues where they are now not because it became impossible to enforce with the ubiquity of smartphones.   Heaven knows if I were the person policing the use of internet resources and actually saw the degree to which you're trying to mask your activities that would set off alarm bells for me.  Otherwise I'd probably pay you little to no attention.


Edited by britechguy, 26 April 2017 - 06:34 PM.

Brian  AKA  Bri the Tech Guy (website address in my profile) Windows 10 Home, 64-bit, Version 1703, Build 15063

       

    A man's worst difficulties begin when he is able to do as he likes.
              ~ Thomas H. Huxley (1876)

 


#14 cornflakes2

cornflakes2
  • Topic Starter

  • Members
  • 223 posts
  • OFFLINE
  •  
  • Local time:06:17 PM

Posted 27 April 2017 - 08:50 AM

No, there is and was never any document signed in any contract that mentions anyone snooping or spying on my internet activities.  

I don't really have an issue IF that was part of the gig.   

 

I don't mind also if they want to see the links of the websites I've visited.  That's not hard to find.  I don't erase my browsing history so anyone is welcome to check where I've been.  But what I do have an issue with is how much detail they can see.  If they can actually see my private messages, my emails, my conversations, all my personal photos, albums, etc., that's something I'd like to know or at least be told that they are doing (which I'm about 99% sure they are not and can't).

 

If they want to see what sites/links I've been visiting, that's not a problem.  For example, if they want to see that I've been visiting facebook, that's fine by me.  But I don't want them to be able to see my inbox messages and all my conversations.  

 

It's the same reason why CCTV is not allowed in bathrooms.  I don't have a problem with them knowing that I'm going to the bathroom and CCTV record me going into the bathroom.  But once I'm in there, I don't think there should be any monitoring of what you are doing on toilet and watch you undress.  And if they are doing that, then it should clearly be stated or mentioned openly so that we can all know about it (which even still would be absolutely wrong to have cameras filming us in the bathroom).


Edited by cornflakes2, 27 April 2017 - 08:55 AM.


#15 britechguy

britechguy

    Been there, done that, got the T-shirt


  • Moderator
  • 4,621 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Staunton, VA
  • Local time:05:17 AM

Posted 27 April 2017 - 08:54 AM

I strongly suggest you contact HR and/or your IT department to get a copy of what you've consented to.

 

I have worked in schools in two different states and know lots of teachers and other school staff who work in others.  I do not know of a single one that does not have a written internet use policy (which includes information about what monitoring may be done) and that policy must be signed as a part of one's contract.


Brian  AKA  Bri the Tech Guy (website address in my profile) Windows 10 Home, 64-bit, Version 1703, Build 15063

       

    A man's worst difficulties begin when he is able to do as he likes.
              ~ Thomas H. Huxley (1876)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users