Hey guys i have an interesting issue,
I have an issue with the teks are scared of us booting linux in our cyber security class and they keep yelling at us, but we need to boot linux to do forensics and such.
So my issue is that they keep seeing us on the network. is there a way to hide or pretend to be the windows 7?
Thanks
Tell them to fuck off and there's nothing to be scared of.
I second that tell them to fuck off.
What kind of security course only allows windows systems in their class?
https://wiki.archlinux.org/index.php/Simple_stateful_firewall#.22Hide.22_your_computer
Well these teks are just a bunch of old farts. i think that they dont want booting linux because it subverts their ever watchful eye.
I know that tails uses something to make the machine appear as a windows machine on the network. Is it possible to get that on Ubuntu?
Also what ports should I be blocking if I want to be hidden
Should I use DROP or REJECT to be hidden? DROP right?
I would go with DROP. IIRC REJECT tells the sender that the packet was rejected. DROP just ignores the packets. Feel free to correct me if I'm wrong.
You really can't hide, so to speak, on the network. Some device, somewhere has to know you exist or else you wouldn't be connected to the network.
If they can't stop you from doing it and they won't listen to reason, just ignore their complaints. Unless they implement better control mechanisms for the network that prevents you from doing what you want to do.... do what you want to do. What are they gonna do? Kick you out of class?
@Grassyloki do you know how they are monitoring the network? That might be a pre-req for your cyber security class. Find out how they are monitoring you.
im sure you can spoof what your pc is reporting as the os
Having done forensics and pen testing in uni I have two questions. Are you running this class? If not your lecturer should be dealing with this and have already cleared the use of the software required ages ago. (should have*)
And two. What on earth are you doing running these classes on a live network in the first place? Ideally you should have a dedicated lab for this separated from the uni network, just like your networking labs will be (if your uni does networking).
Tails does
First off, this is a high school class. The reason we need to boot Linux is that the computers have a program called deep freeze they wipes the locked down windows at reboot. We are booting Linux to run vm's for testing and just to learn Linux. The compurers are pretty powerful so they can run client side. They have a i7 3770, 8gb of ram, amd HD 7570.
Deep freeze is pretty common. But that isnt the problem. The problem is your running pentesting software on a live network and handing it over to people who (forgive the generalization) don't know what they are doing yet.
Your teacher shouldn't be running it on the live network. The fact that your tech team are giving hassle about it means it wasn't properly authorized or planned for.
If you want them off your classes backs, take the computers off the network for the class.
@Eden No you are miss understanding what we are doing. We compete in the cyberpatriot competitions and they use vmware. we are not pen testing natively in ubuntu, we open up a kali vm and connect the vm's together on a virtual network. we boot linux to expose everyone to linux and command line. we dont do any pen testing through our boot os(ubuntu). Our locked down windows cant use putty and such to ssh into our raspberry pi's, which is one of the reasons we boot linux.
We leave windows alone because the other classes use it and we would rather not leave all those goodies for people to mess with, our cybersecurity class is decently smart with computers, but not with linux. the other web dev classes and digital art classes dont need this stuff.
@cj1 Well the network is a static ip network. My guess is thet they just see what netbios reports or smb. Kdk what they would use, but my guess is that it is a crude method. It might be something with the Dell sonic Wall but i dont think so.
If the virtual network cant access the school network then there should be a problem. A solution might be to have the class comptuers temporarily blocked off the school network while you work on any security related stuff in vms. At least thats what id do.
Does anyone know how to block the windows "Network" thing in explorer? its some kind of discovery system. SMB? NetBios? anyone know?
This seems odd? Why wouldn't you guys have your own network with a gateway/firewall doing NAT for you onto the main network. Then all the 'Techs' see is the gateway machine.
The Windows network discovery system uses SMB to find shares, if you don't have SAMBA installed, you shouldn't even show up in network discovery.