|
OT-Computer networking
OK this is 99 and 44/100% OT, but you guys know everything.
The place I work has an IT department straight out of a Dilbert cartoon. For a department of 15, we have been allowed 1 (!) internet computer, located in the far corner of our area. Major nusiance. We use this alot, and would like to set up a clandestine sub-network off of our department computer, to get web access to our desks. We asked repeatedly via offical channels and where refused, with no explaniation. Never a group to avoid from such a challange, I turn to you for help. Our internet connection is a T1, distributed over an internal network, seperate from the "regular" company network. We originally tried the obvious, which was to plug a hub into where our web computer is and distribute from there, but it won't work. I found out that the system is set up to communicate only with the MAC address of the specific ethernet card in that computer. It ignores any other network device that is plugged into it. Now I understand that it is possible to put 2 network cards in 1 computer. Is that true, and would it be possible to do that and use the second network card to allow "passthrough" (for lack of a better term) access to the web? What would it take, SW and HW wise? As I am sure you have gathered, I am not any sort of networking expert, but maybe know just enough to be dangerous. Any ideas or suggestions as to the best way to accomplish this? All of these computers are P3's (sad, I know...) running Win98 or 98SE. Thanks for any suggestions! |
Check into Internet Connection sharing. It's a built in function
courtesy of MS. You will need a second NIC to connect to your "local" network. http://www.winbookcorp.com/_technote/WBTA08000453.htm I have not done this on Win98 but it is simple on Win2k. I expect it is similar on Win98. JW |
|
|
|
On Wed, 09 Mar 2005 21:21:22 GMT, ff wrote:
I suspect your IT people are trying to keep viruses off the regular company network. A good idea, believe me. Yabbut, he said it's a separate T1 feed from the local provider, not the corporate network. I think maybe they're just overworked and don't want to deal with it. Still safer to propose it & get permission, though... |
I'm the Tech cor. and I can tell you if you where here at the school, you
would be gone, toast, history. Anyone that bypass network safe guard I have in place do not get a second chance very often. Jim Geib Mansfield, Oh wrote in message ups.com... OK this is 99 and 44/100% OT, but you guys know everything. The place I work has an IT department straight out of a Dilbert cartoon. For a department of 15, we have been allowed 1 (!) internet computer, located in the far corner of our area. Major nusiance. We use this alot, and would like to set up a clandestine sub-network off of our department computer, to get web access to our desks. We asked repeatedly via offical channels and where refused, with no explaniation. Never a group to avoid from such a challange, I turn to you for help. Our internet connection is a T1, distributed over an internal network, seperate from the "regular" company network. We originally tried the obvious, which was to plug a hub into where our web computer is and distribute from there, but it won't work. I found out that the system is set up to communicate only with the MAC address of the specific ethernet card in that computer. It ignores any other network device that is plugged into it. Now I understand that it is possible to put 2 network cards in 1 computer. Is that true, and would it be possible to do that and use the second network card to allow "passthrough" (for lack of a better term) access to the web? What would it take, SW and HW wise? As I am sure you have gathered, I am not any sort of networking expert, but maybe know just enough to be dangerous. Any ideas or suggestions as to the best way to accomplish this? All of these computers are P3's (sad, I know...) running Win98 or 98SE. Thanks for any suggestions! |
Yes and as soon as he does anything he essentially connects the corp net to
the real net and blamo... virus city.. 98/98SE isn't going to do the gateway, an external router is the only way, and now they will have to put dual nics in all their machines so they can hook to both corporate and their 'hack net'.. and when, not if... WHEN, they virus the whole company I'm SURE heads will roll. just my 2 cents worth Dave "Dave Hinz" wrote in message ... On Wed, 09 Mar 2005 21:21:22 GMT, ff wrote: I suspect your IT people are trying to keep viruses off the regular company network. A good idea, believe me. Yabbut, he said it's a separate T1 feed from the local provider, not the corporate network. I think maybe they're just overworked and don't want to deal with it. Still safer to propose it & get permission, though... |
On Wed, 09 Mar 2005 22:08:41 GMT, Dave August wrote:
Yes and as soon as he does anything he essentially connects the corp net to the real net and blamo... virus city.. No, he specified that it's a separate feed and a separate network. If that's not correct, then yes, bad idea for valid reasons. 98/98SE isn't going to do the gateway, an external router is the only way, Right. and now they will have to put dual nics in all their machines so they can hook to both corporate and their 'hack net'.. As soon as they do that, the whole thing falls apart and is very much fire-able. and when, not if... WHEN, they virus the whole company I'm SURE heads will roll. Yup, if he's tying those clients to two networks, one secure and one insecure, that'd be a problem. Didn't sound like what he was saying. But, I think enough of us have thrown huge red flags up at this point that if he's going to continue, he at least knows he's walking into a buzzsaw. |
Thanks all, for the replies.
As to the risk for doing this sort of thing, it is pretty minimal. The IT department is, essentially, one guy. He seems to simply not want to do this sort of thing. When we asked for unsupported control, he said no. When we asked for support, he said no also. This is not a new pattern for him. He really is an OK guy, just a bit odd. This was the guy who was unreachable (no "reach me here" number, cell phone shut off, etc) on the opposite coast, for 5 days when our company network went down. The guy he left in charge was not even given keys to the server room, so we broke the lock off the door for him, only to find out that all of the stuff was password protected, and he had not shared the passwords. Shut down an entire section of the company for 4 days. he still works here, I think we are OK. Our experience has been that once we set this up, word will get around, and then the IT guy will just sort of take it over. That is fine with us, there is nothing illicit going on here. That was how we got our web computer in the first place. We sort of "borrowed" an underutilized one from a neighboriing department, after being refused one of our own. He takes care of it since. just seems to be a way to get things done sometimes in one of these not-big-but-not-small-either-companies. It is a silly way for things to work, but it does keep life there interesting. Thanks again for all of the replies. I really do appreciate all of your advice, technical and otherwise. |
|
|
I may have worded poorly, but there is NO connection between the
internal corperate network and the web. We are not trying to add one. I agree that would be dangerous and stupid. Everybody here has at least 2 computers in thier office, one on the company network, and one or more that are not. Would just like to have more than one web computer in our area, so that we don't have to stand in line to get outside email. Like I said, nothing sinister or suicidal. Maybe "clandestine" was a bit too strong a word. : ) |
wrote in message ups.com... OK this is 99 and 44/100% OT, but you guys know everything. The place I work has an IT department straight out of a Dilbert cartoon. For a department of 15, we have been allowed 1 (!) internet computer, located in the far corner of our area. Major nusiance. We use this alot, and would like to set up a clandestine sub-network off of our department computer, to get web access to our desks. We asked repeatedly via offical channels and where refused, with no explaniation. Never a group to avoid from such a challange, I turn to you for help. Our internet connection is a T1, distributed over an internal network, seperate from the "regular" company network. We originally tried the obvious, which was to plug a hub into where our web computer is and distribute from there, but it won't work. I found out that the system is set up to communicate only with the MAC address of the specific ethernet card in that computer. It ignores any other network device that is plugged into it. Now I understand that it is possible to put 2 network cards in 1 computer. Is that true, and would it be possible to do that and use the second network card to allow "passthrough" (for lack of a better term) access to the web? What would it take, SW and HW wise? As I am sure you have gathered, I am not any sort of networking expert, but maybe know just enough to be dangerous. Any ideas or suggestions as to the best way to accomplish this? All of these computers are P3's (sad, I know...) running Win98 or 98SE. Thanks for any suggestions! Firewall issues.....viruses....better off seeing if they will perhaps agree to add a second terminal onto that particular node if the one is busy too often... To do otherwise would be pretty much asking for them to fire you. -- SVL |
|
Dave Hinz wrote in news:3997rvF5v27g7U1
@individual.net: On Wed, 09 Mar 2005 21:21:22 GMT, ff wrote: I suspect your IT people are trying to keep viruses off the regular company network. A good idea, believe me. Yabbut, he said it's a separate T1 feed from the local provider, not the corporate network. I think maybe they're just overworked and don't want to deal with it. Still safer to propose it & get permission, though... Even if it's a separate network, once he links up the office computers to that one, the company network is wide open also, since any virus that gets on any of thier 'workstations' can now infect the sequestered LAN. Bad thing to do. Maybe one of the reasons is that the $$ guys don't want to spend money on the filtering, scanning and other software that is really needed on a company internet feed. Be aware, that even if it is a separate network, the IT guys can see any page you have been to, and anything else you have done on the internet, it's all monitored through the head-in. Our guys get a weekly report on who has spent the most time online (no ****, personnel gets this report also). If you were to try and go to some site you 'shouldn't be' i.e. a porn site, it emails personnel and admin immediately at both work and home. In the US, they can legally read any email you send or recieve, and also any listen to an voicemail or phone conversations you have, if you are using thier equipment. Big brother is here and alive and well. -- Anthony You can't 'idiot proof' anything....every time you try, they just make better idiots. Remove sp to reply via email |
One of my computer customers (my hobby business, 20 years, 12 customers)
bypassed the security I put in place to keep employees off the net except on one isolated machine. Result: over two days down-time on their accounting package including order entry, shop orders and billing. Cost to the company: They estimate $18,000 plus lost customers. Think twice!!! wrote in message ups.com... OK this is 99 and 44/100% OT, but you guys know everything. The place I work has an IT department straight out of a Dilbert cartoon. For a department of 15, we have been allowed 1 (!) internet computer, located in the far corner of our area. Major nusiance. We use this alot, and would like to set up a clandestine sub-network off of our department computer, to get web access to our desks. We asked repeatedly via offical channels and where refused, with no explaniation. Never a group to avoid from such a challange, I turn to you for help. Our internet connection is a T1, distributed over an internal network, seperate from the "regular" company network. We originally tried the obvious, which was to plug a hub into where our web computer is and distribute from there, but it won't work. I found out that the system is set up to communicate only with the MAC address of the specific ethernet card in that computer. It ignores any other network device that is plugged into it. Now I understand that it is possible to put 2 network cards in 1 computer. Is that true, and would it be possible to do that and use the second network card to allow "passthrough" (for lack of a better term) access to the web? What would it take, SW and HW wise? As I am sure you have gathered, I am not any sort of networking expert, but maybe know just enough to be dangerous. Any ideas or suggestions as to the best way to accomplish this? All of these computers are P3's (sad, I know...) running Win98 or 98SE. Thanks for any suggestions! |
John Ings wrote:
Many DSL routers, like a Linksys BEFSR41 can fake a MAC address and act as a hub the way you intended, I don't think it's so much "faking" it as that's basically the way it works. I have one of those partly because it was highly recommended for my needs. Nothing "subversive" just a good working unit. At the moment I have four computers (only two of which will be here for any great span of time) hooked to it and all can see my internet connection. But what happens when the IT department discovers your evasion of their policy? You threaten to quit and mean it. IT organizations are less important to company success than any IT department. Been there, done that. Ted |
Anthony wrote:
Big brother is here and alive and well. Good reason to run something other than windoze on your computer. Ted |
On Thu, 10 Mar 2005 05:18:40 GMT, Ted Edwards wrote:
Anthony wrote: Big brother is here and alive and well. Good reason to run something other than windoze on your computer. If you're on http rather than https, the platform isn't relevant, because you can just snoop it on the network. |
On Thu, 10 Mar 2005 04:39:07 GMT, Tom Gardner wrote:
One of my computer customers (my hobby business, 20 years, 12 customers) bypassed the security I put in place to keep employees off the net except on one isolated machine. Result: over two days down-time on their accounting package including order entry, shop orders and billing. Cost to the company: They estimate $18,000 plus lost customers. Think twice!!! He keeps saying it's a separate network with separate machines. This is no different than what we have right over --- there, our "DSL lab", with a local provider's DSL dropped in so we can test our sites from a computer which is networkologically "outside". It's in the same building, but it's no more on our network than my computers at home are on our network. |
Indeed.
When I work as a consultant, as I often do, my consulting agreements forbid me from ANY access to the Internet while on a customer's time. There is a damn good reason for this, and it has nothing to do with surfing porn! The point is that you are, as a contractor or consultant, hired for your own expertise,and not what you can quickly snarf up from the Web. Contractors, on company time, have no need for Web access. Harry C. |
|
|
|
On 11 Mar 2005 16:15:26 GMT, Dave Hinz wrote:
On 10 Mar 2005 15:00:22 -0800, wrote: Indeed. When I work as a consultant, as I often do, my consulting agreements forbid me from ANY access to the Internet while on a customer's time. Must be inconvenient as hell when you're trying to, you know, fix something. There is a damn good reason for this, and it has nothing to do with surfing porn! And what would that damn good reason be, exactly? The point is that you are, as a contractor or consultant, hired for your own expertise,and not what you can quickly snarf up from the Web. Contractors, on company time, have no need for Web access. Unless your job involves, you know, working with computers. Your statement is vastly over-generalized, and you gave zero context as to who or what you're replying to. I also work as a computer "consultant". What a word. Means absolutely nothing or anything, depending how you look at it. I repair computer systems. As such, the internet is one of my handiest tools - If I need an updated driver - it's on the internet. If there is a worm or trojan on the system, the tool to remove it is on the internet. If there is an update required to the microsoft operating system, it's on the internet. I'm paid for knowing how to find out what is wrong, and for knowing where to get the tools to get the job done.In todays information technology world, NOT using the internet when it is available is irresponsible and just plain stupid - IMHO I can fiddle around for 10 hours or get straight to the problem and fix it in two. The days when a "computer consultant" can rack up the hours and charge indiscriminately are GONE. The customer expects, and deserves, to have the job done as quickly and economically as possible, which requires that the technician (OK, consultant if you want to hang that handle around your neck) uses all the tools at his disposal, and uses them effectively. I've said enough. |
On Sat, 12 Mar 2005 12:17:41 +1100, Terry Collins
wrote: wrote: The point is that you are, as a contractor or consultant, hired for your own expertise,and not what you can quickly snarf up from the Web. Contractors, on company time, have no need for Web access. ROFL, what I do is find and implement solutions for hirer's problems. Sometimes I "find" those solutions on the Internet. Now, if I have to wait until I get home to do the finding/reasearch, then that can double the time to solution. It is a bit like bundying on and off, either you are employed to do the job or employed to put in the time (which may or may not mean you do the job). Each to their own, but you get what you pay for. It has been my experience in life that you seldom get MORE than you pay for, but in most cases you are extremely lucky if you even get anywhere near what you pay for. In the computer biz, where I have made my living for the last 18-20 years, I have seen more over-qualified, over paid, under "educated", pompous jackasses ripping off clients with their gross ineptitude than in any other business I have been associated with. I also spent 25 years in the automotive service industry. About the only two "professions" I can think of where the "rip-off Mentality" is more prevalent is with accountants and lawyers. I didn't get rich as a mechanic, and I'm not getting rich as a computer tech (or consultant if you want to use that overworked term), but in both fields I have had a loyal and appreciative following. They know they WILL get what they paid for. |
|
On 12 Mar 2005 15:02:47 GMT, Dave Hinz wrote:
On Fri, 11 Mar 2005 21:20:22 -0500, wrote: As such, the internet is one of my handiest tools - If I need an updated driver - it's on the internet. If there is a worm or trojan on the system, the tool to remove it is on the internet. If there is an update required to the microsoft operating system, it's on the internet. All of these things you mention fit nicely on a 1 GB USB thumb drive. I've been doing it that way for a while and am pleased with that technique. Saves much time, and if there's an update, I had to download it anyway - so I copy the update to the thumb drive at that time. Saves a LOT of hassle. A bootable CDROM OS (such as a Knoppix Linux) is handy for fixing a scrogged virus-infested windows system, if you're comfortable starting in Linux to fix the Windows stuff. One problem. You don't always know what the problem you are going to is - so you don't know what updates the system MIGHT need - or what driver might be corrupted, etc etc etc. Having the internet as a resource makes life a lot easier. If I'm 50 miles from my office and do not have the particular driver/update/dll file or whatever in my briefcase, who pays for the 100 mile round trip??? I'm paid for knowing how to find out what is wrong, and for knowing where to get the tools to get the job done.In todays information technology world, NOT using the internet when it is available is irresponsible and just plain stupid - IMHO Exactly. Sometimes, though, sneakernet is even better... The days when a "computer consultant" can rack up the hours and charge indiscriminately are GONE. The customer expects, and deserves, to have the job done as quickly and economically as possible, which requires that the technician (OK, consultant if you want to hang that handle around your neck) uses all the tools at his disposal, and uses them effectively. Right. Or you don't get called back, and rightfully so. Dave Hinz |
|
| All times are GMT +1. The time now is 11:53 PM. |
Powered by vBulletin® Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright ©2004 - 2014 DIYbanter