Remote computing

steve1980

Richie-from-the-Boro wrote: »

#14 "" All the files are PDF and DOC files related to my ongoing treatment. ""

That was well sneaked in!

In that case, if you (OP) do try and do this then you deserve al you get.

eneville

I'm surprised that no one has mentioned that IPv6 may make this whole effort a bit easier for you if you have the ability to enable it. In most operating systems it's easy to toggle (if you have network configuration at your disposal).

Anyhows, assuming that's all possible then just enable it both ends and you should be able to navigate between to the two end points without needing to consider NAT implications and existing tools such as rdesktop will be available.

asbokid

Hammyman wrote: »

I'm glad you don't do my networking. Any admin worth their salt will block all of the ports for all of the above services on the WAN side.

How do you mean? I don't think they can firewall him off.

If he uses a Java applet-based SSH client in the office to initiate a connection to a remote SSH server running on his home PC, the source port will be non-privileged (source port number > 1024). You can't use a firewall rule to deny outbound connections from non-privileged source ports, or it will impact normal activities, like browsing.

And since he's running the ssh server on his home PC, he can configure that server however he wants. He could make it listen on whatever port number he wants, not just the standard tcp port for SSH (22).

If he finds that outgoing port 22 traffic is blocked by the firewall at work, he could get his ssh server to listen on tcp port 80 (HTTP), for example, just to disguise what he's doing, and slip his traffic beneath the radar of the company firewall.

And once he's punched a hole in the firewall, and has opened up an ssh tunnel, he can do what the hell wants thereafter.

Any business that treats its loyal and dedicated staff as badly as dori2o has been treated, deserves to be shafted. It's our moral duty to help good people like dori2o. He's a corporate whistleblower who needs to get those damning documents into the workplace.

We would do well to remember the words of Pastor Niemoller..

First they came for the corporate whistleblower,
and I didn't speak out because I've been on the dole since 1983.

Next they came for the employee who had too long for lunch,
and I didn't speak out because I'm always too hungover for lunch.

Next they came for the employee who took an unauthorised toilet break,
and I didn't speak out because I've got a stoma bag and poop at the desk.

etc...

dori2o

Richie-from-the-Boro wrote: »

Can I ask the group why, apart from other criminal offences, each poster is facilitating, indeed encouraging the theft of personal medical records from an employer ?

Kevlar firewall applied .. .. feel free to respond !

They are not and never have been employers medical files. PLus, how can I be stealing medical files from my employer when I'm looking to view files on my HOME PC from my WORK PC?

They are my own personal files. Yes some are medically related, but they are mine, sent to me by the NHS at my request (xrays/MRI scans).

I am unsure where you got the idea from that these were my employers files I was looking at?

LucianH

I repeat what I asked earlier - have you not consulted your HR or Occupational Healt?

What's stopping you reading memory sticks is an IT Policy. I would have expected that, if you have a real medical need, your IT department would be able to enable the USB port or disk drive for your machine and that your HR/OH could agree to establish a policy for you whereby you undertake not to use the USB port for any other purpose - and if you did then you'll be subject to disciplinary proceedings.

eneville

asbokid wrote: »

How do you mean? I don't think they can firewall him off.

If he uses a Java applet-based SSH client in the office to initiate a connection to a remote SSH server running on his home PC, the source port will be non-privileged (source port number > 1024). You can't use a firewall rule to deny outbound connections from non-privileged source ports, or it will impact normal activities, like browsing.

You can firewall to various service and non-service ports. Some corp firewalls will reject connections to ports > 1024, and not 80/443 etc, which is were having a large number of disposable IP addresses comes in handy.

asbokid wrote: »

And since he's running the ssh server on his home PC, he can configure that server however he wants. He could make it listen on whatever port number he wants, not just the standard tcp port for SSH (22).

If he finds that outgoing port 22 traffic is blocked by the firewall at work, he could get his ssh server to listen on tcp port 80 (HTTP), for example, just to disguise what he's doing, and slip his traffic beneath the radar of the company firewall.

And once he's punched a hole in the firewall, and has opened up an ssh tunnel, he can do what the hell wants thereafter.

Any business that treats its loyal and dedicated staff as badly as dori2o has been treated, deserves to shafted. It's our moral duty to help good people like dori2o. He's a corporate whistleblower who needs to get those damning documents into the workplace.

I agree, working somewhere that doesn't let you gain access to arbitrary ports is a royal pain. However, the firewall is there for a reason and it's normally to protect the employees from the evil internet, with good reason and intent.

From what's been described, I'd be surprised if the corporate IE install will allow for Java objects.

asbokid

eneville wrote: »

From what's been described, I'd be surprised if the corporate IE install will allow for Java objects.

We need more information from the OP..

Is the browser at work Java enabled? Is he allowed to download Java applets?

Here's a way of testing: http://javatester.org/version.html

Is the OP allowed to connect to arbitrary websites?

Here's a free Java-based VNC client: http://danielwebb.us/software/vnc/vncviewer.html

And here's a free Java-based SSH client: http://wiredx.net/jcterm/

If the OP can run either of those applets on his workplace machine then he's halfway there..

He just needs to install and configure a corresponding server on a PC that he controls outside of the workplace, and he's away..

closed

OP your hijackthis log many moons ago had possible signs of infections, before you even contemplate overriding your workplace IT policy, via the web, usb stick or any other means - I'd advise you to make sure your machine is clean, one rogue usb stick with a new or undetected worm can bring the whole network down.

I'd also forget about trying logmein or flicking through 100's of pages of pdf's (presumably not directly related to your occupation?) in work time if you wish to keep your job. If you need to take selected information to work for some work related health issue/dispute, do the research at home and print out the bits you need.

dori2o

closed wrote: »

OP your hijackthis log many moons ago had possible signs of infections, before you even contemplate overriding your workplace IT policy, via the web, usb stick or any other means - I'd advise you to make sure your machine is clean, one rogue usb stick with a new or undetected worm can bring the whole network down.

I'd also forget about trying logmein or flicking through 100's of pages of pdf's (presumably not directly related to your occupation?) in work time if you wish to keep your job. If you need to take selected information to work for some work related health issue/dispute, do the research at home and print out the bits you need.

The PC is now clean following a clean install of Windows 7.

Also I won't be browsing '100's of pages of PDF's' in work time. We have the ability to use the net for personal use in our own time, i.e dinner and breaks.

I am also allowed to use the net during my extra breaks to make use of relaxation/stress exercises as part of my employers reasonable adjustments due to my health conditions.

As for keeping my job, to be honest, I really don't care at the minute. My health is of more concern at the moment. If they want to get rid of me they know exactly how to go about it.

Richie-from-the-Boro

dori2o wrote: »

They are not and never have been employers medical files. PLus, how can I be stealing medical files from my employer when I'm looking to view files on my HOME PC from my WORK PC?

They are my own personal files. Yes some are medically related, but they are mine, sent to me by the NHS at my request (xrays/MRI scans).

I am unsure where you got the idea from that these were my employers files I was looking at?

Look dori2o, we know each others posts from another place, if what you want to do in the workplace was bona-fide you would not be on this techie group seeking a way to circumnavigate your employers rules.

If because of your ongoing issues you still want them to sack you, ask them to do so, tell them you are struggling, they may offer more help. You could make an approach and tell them what you want to do and ask them to facilitate it or you. Have you done that and been refused, hence the approach to the tec-sec here ?