A discovery re authentication on a Windows Network using Ubuntu

[neio]

Our network has got a lot of restrictions on it, i.e. website's that blocked for example yahoo mail ect. I'm running a Windows XP laptop with VMWARE installed on it.
Using the Ubuntu live load cd I've been able to boot into VMware and browse any site that I choose without any authentication being asked for, even download mp3 if I choose to do so.

(be carefull what you do if you try this, the network administrators can trace the stuff that you do using ur hardcoded MAC adress on your network card)


I can check the network traffic going into and out of my XP but say for example when I'm downloading a file using Ubuntu I can see no traffic from the Ubuntu side.
Any *nix experts out there that can tell me what is happing? As I understand it from one of the guys that I work with the no-authentication thing is cause the traffic from Ubuntu is seen a pure packet traffic and therefore the proxy authenticators dont register it to my name.

[kilps]

- they can still strace it - Well I know that they are very lazy over here

[ic]

neio, is that VMware ACE that's loaded on your laptop?

[DFantom]

(be carefull what you do if you try this, the network administrators can trace the stuff that you do using ur hardcoded MAC adress on your network card)

Um...so spoof your mac address then.

Any *nix experts out there that can tell me what is happing? As I understand it from one of the guys that I work with the no-authentication thing is cause the traffic from Ubuntu is seen a pure packet traffic and therefore the proxy authenticators dont register it to my name.

My guess would be the Windows boxes are on a DC, which controls the rules. One of the rules is to force clients through a proxy and viola they control it. When you use a different OS not on the DC it gets around the requirement. Maybe try load up firefox on your pc and see what that does, can it get direct access out?

[brooko]

mmm, it would be interesting...

[peered95]

heheh...gotta try that - they block miniclip.com at school

[DFantom]

I generally find when I need to run a browser on an enviroment which is locked down, this works great
http://johnhaller.com/jh/mozilla/portable_firefox/

[ScrnScrm]

Our network has got a lot of restrictions on it, i.e. website's that blocked for example yahoo mail ect. I'm running a Windows XP laptop with VMWARE installed on it.
Using the Ubuntu live load cd I've been able to boot into VMware and browse any site that I choose without any authentication being asked for, even download mp3 if I choose to do so.

(be carefull what you do if you try this, the network administrators can trace the stuff that you do using ur hardcoded MAC adress on your network card)


I can check the network traffic going into and out of my XP but say for example when I'm downloading a file using Ubuntu I can see no traffic from the Ubuntu side.
Any *nix experts out there that can tell me what is happing? As I understand it from one of the guys that I work with the no-authentication thing is cause the traffic from Ubuntu is seen a pure packet traffic and therefore the proxy authenticators dont register it to my name.

The proxy is most probably not your network default gateway onto the net. Your IP traffic is taking a different route, and this route doesnt have ACLs.
The browser in XP is configured to force the proxy setting? It is greyed out?
Try override the GPO to test this : registry key is :

[HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Internet Settings]

Delete the proxy and autoconfig settings.

If I am correct, without the proxy forced, your traffic will follow the same route as your *nix installation and you will be able to browse the net...

Global Policy is insanely easy to overide, if you know how...

[neio]

neio, is that VMware ACE that's loaded on your laptop?

No, VMware 4.5.2

[neio]

Um...so spoof your mac address then.



My guess would be the Windows boxes are on a DC, which controls the rules. One of the rules is to force clients through a proxy and viola they control it. When you use a different OS not on the DC it gets around the requirement. Maybe try load up firefox on your pc and see what that does, can it get direct access out?

What is a quick and easy way to spoof the MAC address?

They have application scanning on the network, so the checksum of the firefox .exe does not compare to the IE piece of crap that we are forced to use.

[neio]

The browser in XP is configured to force the proxy setting? It is greyed out?

No, we enter it manually but the network policies force on boot certain things like Anti virus network maps and browser restrictions.

Anywho, I got past all the crap with Ubuntu, I must say I'm getting more and more inpressed with the little OS, it kiks @ss.

[DFantom]

What is a quick and easy way to spoof the MAC address?

Go to Start->Settings->Control Panel and double click on Network and Dial-up Connections.
Right click on the NIC you want to change the MAC address and click on properties.
Under “General” tab, click on the “Configure” button
Click on “Advanced” tab
Under “Property section”, you should see an item called “Network Address” or "Locally Administered Address", click on it.
On the right side, under “Value”, type in the New MAC address you want to assign to your NIC. Usually this value is entered without the “-“ between the MAC address numbers.
Goto command prompt and type in “ipconfig /all” or “net config rdr” to verify the changes.