Stealth home router?

kfranc9

Member
Jun 6, 2004
147
0
0
Here's my situation. I live on a college campus. The network admins are 100% against LAN routers on their network. I believe if I can use the router without advertising DHCP and keeping my MAC consistent on packets, I won't be "detected".

1) Is this possible?
2) Is there anything else that would make my router connection look different from a normal computer connection?

---

kfranc9,

DO NOT post on our forums looking for ways to circumvent your school's rules for use of their network. It is the school's network and their rules. Work it out with them legally, or forget it.

Any further posts like this may be reason to lock your account on our forums.

AnandTech Moderator
 

JackMDS

Elite Member
Super Moderator
Oct 25, 1999
29,553
430
126
Wow it is starting.:evil::evil::evil:

Every year at about this time into early October, about 20% of the posts are involving the quest of how to bypass, and disobey Colleges/Universities, Internet/Networking Rules.

Whether it is legal, makes sense, or is just plain fair to do so? Who cares?:shocked::shocked::shocked:

By the way where I come from you would get all the help including a connection to the Super Internet if it is research related.:thumbsup::thumbsup::thumbsup:

"Research" come on you are kidding, College is for Online games. :beer: S**** the Studies who needs them, our parents are paying anyway.:disgust::Q :disgust::Q :disgust::Q

:thumbsdown:

:sun:
 

kfranc9

Member
Jun 6, 2004
147
0
0
Well, I am not your average student. I'm not tryin to be a rebel. I'm trying to learn. I'm Cisco certified and I want to setup a mini-lab. The problem my university has is students disrupting the network: advertising DHCP and sharing multiple connections.

You may be asking, if he's CCNA, why does he need our help. Well, I just thought I could find someone who may have been in this situation before and could advise me about any vendor-specific protocols or something similar that may get me caught.

Btw...my school encourages online gaming. They support Xbox Live and host team challenges. Anyone who has prior experience, don't be afraid to comment.
 

spidey07

No Lifer
Aug 4, 2000
65,469
5
76
well all of the SOHO routers do the same thing - they do port address translation. It's hard to detect, but it's doable.

As an aside they can do basic router like stuff like basic routing protocols, etc.
 

wiin

Senior member
Oct 28, 1999
937
0
76
well all of the SOHO routers do the same thing - they do port address translation. It's hard to detect, but it's doable.

This is true. I don't know how but someone I talked to in a chat room found out my private IP address. I didn't tell this person. This person told me.
 

VirtualLarry

No Lifer
Aug 25, 2001
56,587
10,225
126
Originally posted by: kfranc9
Btw...my school encourages online gaming. They support Xbox Live and host team challenges. Anyone who has prior experience, don't be afraid to comment.

Seems odd to me that they would support things like XBox live on their dorm networks, but not SOHO NAT routers. It's a lot more likely that someone would want to connect their PC to the network than their XBox, and if they own both, then they probably want to connect both.

This isn't just some sort of thinly-veiled plan to generate more student fees by charging for extra IPs, is it?

How do they normally allow you to connect multiple devices to the ethernet, if they don't allow NAT routers? Via a regular switch or hub? Will they supply additional IPs?

If nothing else, and they don't support routers, you could always set up your "primary" PC, and throw another NIC in, and run ICS on it.
 

Nothinman

Elite Member
Sep 14, 2001
30,672
0
0
Why don't you try talking to the school's network admins, if you're a CCNA and can convince them that you know enough not to break their setup they might make an exception for you.
 

kfranc9

Member
Jun 6, 2004
147
0
0
VirtualLarry: They probably expect you to disconnect your computer and connect your Xbox. An internal IT person in my dorm stated they actually walk peeps through the setup process.

Nothinman: Everyone wants to be a hacker. They'll probably monitor me even closer if I start bragging about how good I am. I'm new, but I've done that once before and already have IT people keeping their eyes open for me. :frown:

If push comes to shove, I'll give them a diagram of my network and change it up where I'm only using a single connection with no LAN equipment. But, that's a pain and a last resort. I really don't want to limit my network to make it "campus-compatible".
 

scoreadeal

Senior member
Oct 14, 2000
633
0
0
Get a Linksys router, use MAC address spoofing... turn off DHCP server, etc... and if they ask any questions, tell them you just installed Windows XP SP2 and the firewall feature took over your computer, LOL... I'm sure those computer network admins will be really busy this year fixing all the idiots' computers on the network that can't connect anymore due to SP2 anyway.
 

kfranc9

Member
Jun 6, 2004
147
0
0
well, if i am able to set the "unable to ping" option....how will TTL be the death of me goosemaster?
 

spidey07

No Lifer
Aug 4, 2000
65,469
5
76
Originally posted by: kfranc9
well, if i am able to set the "unable to ping" option....how will TTL be the death of me goosemaster?

because it reveals the presence of a router.
 

kfranc9

Member
Jun 6, 2004
147
0
0
well, in that case...I'd just leave it on...but right now, I'm using zone alarm...and as far as I know...any ICMP request is blocked automatically...haven't received any knocks on my door yet.
 

WobbleWobble

Diamond Member
Jun 29, 2001
4,867
1
0
DHCP only works on the LAN ports of SOHO routers, not the WAN port which is where you'll be connecting to your college. You should be able to get away with it no problem.
 

Mir96TA

Golden Member
Oct 21, 2002
1,950
37
91
Leave PING on
DHCP server thing they can't see
They strip the packet; which still
didn't them anything
 

ScottMac

Moderator
Networking
Elite member
Mar 19, 2001
5,471
2
0
Oh Yeah !! You bet!! You are gonna be THE ONE! No one in the previous years has thought of doing anything like this ..... a SOHO router!!! Golly! I think you're on to something there.....

Stop for a moment and think.

I'll betcha a shiny new nickel that they're ready for you. You put that SOHO router on the network, and they'll nail you. You won't know if you're "Stealthy enough" until it's too late and you've lost your network privileges (or whatever the punishment is for being smarter than the current network admins (or, so you think)).

There are a number of ways for detecting nat'd / firewalled traffic, TTL being one of the more obvious. For you new guys, TTL = "Time to Live:" It's a counter in the packet that (usually) starts at 255 and counts down by one every hop. If your PC is directly connected, you put out packets with a TTL of 255 ... you put a router in-line, you now have packets with a TTL starting at 254. You can't set the TTL = 256, because TTL of 256 would be zero.

There are other signatures in the packet that give away nat'd / FW'd / routed traffic.

There ain't nuthin' you can do that hasn't been tried before.

If you need alternate access, get a dial-up account (or DSL, or Cable Modem, whatever they'll let you have).

Chances are the security people you'll come up against eat CCNAs for breakfast. Don't risk your access (Talk the next door neighbor into risking his, see what happens).

All the people that are encouraging you to "go for it" have nothing to lose. You have enough to lose that you should take a shot at playing by the rules (and wait for some other "smart" person to get caught and see what happens).

Your best bet is to talk to your network folks. See what solution they suggest for wireless access or multiple devices. If they say "no," mutter loud enough for them to hear that you'll get around 'em - then watch them smile ... 'cause they know they'll getcha.

I'm not meaning to really be that contentious ... I don't care ... I'm just trying to get you to take a breath and think about it. As Jack mentioned, posts like this pop up every year about school-starting time .... followed by "Dammit, my school just cut off my network access, what can I do?" posts.

Think. Watch. Act accordingly.

Trust me.

Scott
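
The TTL check described in the post above, seen from the network operator's side (an added example, not part of the original thread): it reads the TTL from raw IPv4 headers captured at the access port and flags sources whose packets consistently arrive already decremented. It goes slightly beyond the post by assuming the commonly seen initial TTL values 64, 128 and 255; the addresses, function names and sample packets are constructed for illustration.

```python
import struct
from collections import defaultdict

COMMON_INITIAL_TTLS = (64, 128, 255)  # assumption: typical OS default TTLs

def parse_ipv4(header: bytes):
    """Return (source IP, TTL) from a raw IPv4 header, or None if malformed."""
    if len(header) < 20 or header[0] >> 4 != 4:
        return None
    ihl = (header[0] & 0x0F) * 4
    if ihl < 20 or len(header) < ihl:
        return None
    src = ".".join(str(b) for b in header[12:16])
    return src, header[8]  # TTL is the ninth byte of the header

def hops_consumed(ttl: int) -> int:
    """Hops already taken, measured against the nearest common initial TTL."""
    initial = min(t for t in COMMON_INITIAL_TTLS if t >= ttl)
    return initial - ttl

def flag_routed_sources(headers, min_packets=3):
    """Map each source whose packets all arrive decremented to its hop counts."""
    seen = defaultdict(list)
    for raw in headers:
        parsed = parse_ipv4(raw)
        if parsed:  # skip truncated or non-IPv4 input
            seen[parsed[0]].append(hops_consumed(parsed[1]))
    return {src: sorted(set(hops)) for src, hops in seen.items()
            if len(hops) >= min_packets and all(h > 0 for h in hops)}

def make_header(src: str, ttl: int) -> bytes:
    """Constructed sample: minimal 20-byte IPv4 header (checksum left at 0)."""
    s = bytes(int(x) for x in src.split("."))
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, ttl, 6, 0,
                       s, bytes([10, 0, 0, 1]))

# Constructed capture taken at the first hop from each wall jack.
SAMPLE = ([make_header("10.1.1.20", 128)] * 3    # directly attached host
          + [make_header("10.1.1.21", 127)] * 2  # one hop already consumed
          + [make_header("10.1.1.21", 63)] * 2   # same source, second OS family
          + [make_header("10.1.1.22", 64)] * 3)  # directly attached host

if __name__ == "__main__":
    print(flag_routed_sources(SAMPLE))
```

A hit is a lead to corroborate with the other signatures the post mentions, since the heuristic only measures distance from an assumed default.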
 

kfranc9

Member
Jun 6, 2004
147
0
0
Your excitement about this topic would lead me to believe you're somewhat religious about this topic. Anyway, I'll take my chances for 2 reasons. The first being I'm a new student; they have to give me a warning. The second is that I work for the Computing Services office on campus...they'll cut me some slack.

Also, did I not start this thread to get your response? All you were asked to say was:
There are a number of ways for detecting nat'd / firewalled traffic, TTL . TTL = "Time to Live:" It's a counter in the packet that (usually) starts at 255 and counts down by one every hop. If your PC is directly connected, you put out packets with a TTL of 255 ... you put a router in-line, you now have packets with a TTL starting at 254. You can't set the TTL = 256, because TTL of 256 would be zero.
There are other signatures in the packet that give away nat'd / FW'd / routed traffic.

There ain't nuthin' you can do that hasn't been tried before.
 

n0cmonkey

Elite Member
Jun 10, 2001
42,936
1
0
Originally posted by: kfranc9
Your excitement about this topic would lead me to believe you're somewhat religious about this topic. Anyway, I'll take my chances for 2 reasons. The first being I'm a new student; they have to give me a warning. The second is that I work for the Computing Services office on campus...they'll cut me some slack.

Bwahahahahahaha! :D

Also, did I not start this thread to get your response? All you were asked to say was:
There are a number of ways for detecting nat'd / firewalled traffic, TTL . TTL = "Time to Live:" It's a counter in the packet that (usually) starts at 255 and counts down by one every hop. If your PC is directly connected, you put out packets with a TTL of 255 ... you put a router in-line, you now have packets with a TTL starting at 254. You can't set the TTL = 256, because TTL of 256 would be zero.
There are other signatures in the packet that give away nat'd / FW'd / routed traffic.

There ain't nuthin' you can do that hasn't been tried before.

You start a thread, you take your chances. This isn't a religious thing, it's a respect thing. What do you think we do all day? Sit around, study, download porn, and get drunk? Oh, wait, we probably do a lot of that. Between updating servers and stopping idiot users. ;)

Anyhow, good luck with school.
 

Nothinman

Elite Member
Sep 14, 2001
30,672
0
0
The first being I'm a new student; they have to give me a warning. The second is that I work for the Computing Services office on campus...they'll cut me some slack.

Then what's wrong with asking first? They might actually say they don't care, but even if they don't they have to cut you some slack, right?
 

Mir96TA

Golden Member
Oct 21, 2002
1,950
37
91
Scott Mac has the BEST advice
Listen to him
Other people need little bit more Fiber in their Diet
 

kfranc9

Member
Jun 6, 2004
147
0
0
The problem with asking first is them saying no, then catching me and saying....I TOLD YOU NO!

Also, I have a job at the CS office, but I haven't started working yet. Is it bad that I'm trying to find the easiest way to learn without starting a dispute or getting my face and IP address posted around campus?

I understand that 99% of the people on campus intend to either suck up bandwidth or whatever else, but not me. Could you imagine being 18, spending a lot of money on equipment to supplement your learning...and now you can't because previous users have crapped up?

Scott Mac has the BEST advice
Listen to him
Other people need little bit more Fiber in their Diet

How will I ever be as great as Dr. Scott Mac if I don't learn?!?:confused:
 

spidey07

No Lifer
Aug 4, 2000
65,469
5
76
Yep, guess it's that time of year again. Time when the college kids try to circumvent acceptable use policies, etc.

Look at it this way, lots of us on this board are paid to prevent EXACTLY what you're trying to do. Hence why it is frowned upon.
 

Nothinman

Elite Member
Sep 14, 2001
30,672
0
0
Is it bad that I'm trying to find the easiest way to learn without starting a dispute or getting my face and IP address posted around campus?

Not necessarily, but it's bad that you're trying to find a way to get around network security and policy. Whether you agree with it or not is irrelevant, you agreed to follow it when you signed up to go to school there.