vn_nnanji
Title: Outpost Music Expert
Posts:
71,647
Registered:
Jun 30, '01
Extended Info (if available)
Real Post Cnt: 62,027
User ID: 212,537
|
Subject:
Dear IT geeks. A question....
|
I'm working on a story and I need to know something.
If someone uses a VPN to login to a company network, what kind of information can the IT dept gather from the login? I would assume the IP address although I don't really understand if that is important, can't you change or mask it? Hell I login from more than 8 different places a week.
The main point is that if someone was in hiding and they logged into their company VPN would there be any way that someone at the server itself could find out where they were?
-----signature-----
|
|
Link to this post
|
Scarne
Title: Capo di Scientifico
Posts:
27,710
Registered:
Jul 23, '01
Extended Info (if available)
Real Post Cnt: 22,798
User ID: 272,061
|
Subject:
Dear IT geeks. A question....
|
Since the VPN server needs to send data back to the PC that is logged in, it knows the IP it connected from. So unless you use some sort trickery like logging into one VPN and connecting to the company VPN from that VPN or using some sort of anonymous relay, they know what IP you are coming from. 
-----signature-----
E Pluribus Unum
|
|
Link to this post
|
vn_nnanji
Title: Outpost Music Expert
Posts:
71,647
Registered:
Jun 30, '01
Extended Info (if available)
Real Post Cnt: 62,027
User ID: 212,537
|
Subject:
Dear IT geeks. A question....
|
|
Are IP's tied to a physical location? Or assigned to one PC?
-----signature-----
|
|
Link to this post
|
eodoll
Posts:
17,153
Registered:
Feb 14, '02
Extended Info (if available)
Real Post Cnt: 15,943
User ID: 645,592
|
Subject:
Dear IT geeks. A question....
|
The IT department will know which system was granted the IP from the VPN - the VPN at the company network will be like a router.
So they will know that the user "x" got IP 'y' - and every DNS query/website you use will be routed to them first - so they will see all the online activity.
edit: They can track an IP up to where it is granted from - you can go to windows 'cmd' and do 'tracert "ip"' - try" tracert www.google.com" and it'll show you how it gets from your computer to google.
-----signature-----
(none)
|
|
Link to this post
|
Lyken-P
Posts:
8,313
Registered:
Jan 14, '06
Extended Info (if available)
Real Post Cnt: 8,289
User ID: 1,108,553
|
Subject:
Dear IT geeks. A question....
|
vn_nnanji posted:
Are IP's tied to a physical location? Or assigned to one PC?
IPs are tied to a physical location, not to one PC. The MAC address is associated with a specific PC.
-----signature-----
(none)
|
|
Link to this post
|
vn_nnanji
Title: Outpost Music Expert
Posts:
71,647
Registered:
Jun 30, '01
Extended Info (if available)
Real Post Cnt: 62,027
User ID: 212,537
|
Subject:
Dear IT geeks. A question....
|
Ok that helps. You can route and hide it of course but the main point is that it could be something to be concerned about.
Second question:
Why are republicans so dumb?
-----signature-----
|
|
Link to this post
|
paulg_68
Posts:
30,961
Registered:
Jul 27, '09
Extended Info (if available)
Real Post Cnt: 30,669
User ID: 1,364,918
|
Subject:
Dear IT geeks. A question....
|
vn_nnanji posted:
Why are republicans so dumb?
Because they don't have to be smart to keep up with the Democrats.
-----signature-----
If you wish to make an apple pie from scratch... http://www.youtube.com/watch?v=zSgiXGELjbc "Everyone has a chance to become rich." - Groucho48 "Most of the human wealth on earth exists between the ears of live human beings." - theredkay1
|
|
Link to this post
|
Altra_Shadowstalker
Posts:
17,553
Registered:
Jan 17, '02
Extended Info (if available)
Real Post Cnt: 16,076
User ID: 616,837
|
Subject:
Dear IT geeks. A question....
|
|
So what's your excuse for being so dumb then? That you post on the Outpost?
-----signature-----
"Goddammit, Swearengen, I don't trust you as far as I could th'ow you, but I enjoy the way you lie."
I don't typo often, but when I do, I blame Swype.
|
|
Link to this post
|
Taliesihne
Title: Wind on the Deep Waters
Posts:
36,223
Registered:
Feb 19, '04
Extended Info (if available)
Real Post Cnt: 30,592
User ID: 896,469
|
Subject:
Dear IT geeks. A question....
|
Lyken-P posted:
vn_nnanji posted:
Are IP's tied to a physical location? Or assigned to one PC?
IPs are tied to a physical location, not to one PC. The MAC address is associated with a specific PC.
IP's are not tied to a physical location. And MAC Addresses are associated with hardware...there's no guarantee a PC is actually involved.
For the love of god, please tell me you do not work in technology.
Badjar, rule of thumb is to assume everything on a work network is being watched and recorded. Implementation by company will vary and is impossible to determine without specifics, but generally speaking it's always possible.
-----signature-----
Jesus saves, Allah protects, and Cthulhu thinks you'd make a nice sandwich
First comes smiles, then lies. Last is gunfire. -Roland Deschain, of Gilead
|
|
Link to this post
|
Crackdoc
Posts:
6,681
Registered:
Oct 7, '05
Extended Info (if available)
Real Post Cnt: 6,609
User ID: 1,082,910
|
Subject:
Dear IT geeks. A question....
|
Metalface WILL be here soon.
However, I'd think logging into a company network means you have already used a password(s) to a specific account(s) and so that identifies you (pr someone who has hacked your password(s).
Cookies also use the identity of the computer user - I'd think if you have something like a cookie at your end, the other end has something also. Just what isn't clear to me, and frankly, since I don't indulge in kiddie-porn, I don't care.
-----signature-----
People in the Middle-East: They Are ALL Crazy as BedBugs!!!
Erich Fromm: “There is only one meaning of life: the act of living itself.â€
Toss aside the paradigms of civility you hold - welcome the social dysfunction of tomorrow.
|
|
Link to this post
|
Lyken-P
Posts:
8,313
Registered:
Jan 14, '06
Extended Info (if available)
Real Post Cnt: 8,289
User ID: 1,108,553
|
Subject:
Dear IT geeks. A question....
|
Taliesihne posted:
Lyken-P posted:
vn_nnanji posted:
Are IP's tied to a physical location? Or assigned to one PC?
IPs are tied to a physical location, not to one PC. The MAC address is associated with a specific PC.
IP's are not tied to a physical location. And MAC Addresses are associated with hardware...there's no guarantee a PC is actually involved.
-----signature-----
(none)
|
|
Link to this post
|
Abaddon_Ambrosius
Title: Retired Theurgist TL
Posts:
25,187
Registered:
Dec 21, '01
Extended Info (if available)
Real Post Cnt: 25,057
User ID: 568,022
|
Subject:
Dear IT geeks. A question....
|
vn_nnanji posted:
I'm working on an alibi and I need to know something.
hmmm...
-----signature-----
In the immortal words of Socrates - "I drank what?"
"God you guys suck at the internet - how can you fail to locate porn?!" - Eternal_Midnight
"Knowing means nothing." - Fat-badger
|
|
Link to this post
|
Jaedence
Posts:
151
Registered:
Feb 27, '09
Extended Info (if available)
Real Post Cnt: 151
User ID: 1,349,778
|
Subject:
Dear IT geeks. A question....
|
vn_nnanji posted:
I'm working on a story and I need to know something.
If someone uses a VPN to login to a company network, what kind of information can the IT dept gather from the login? I would assume the IP address although I don't really understand if that is important, can't you change or mask it? Hell I login from more than 8 different places a week.
The main point is that if someone was in hiding and they logged into their company VPN would there be any way that someone at the server itself could find out where they were?
They can't gather much more than who logged in.
You COULD find where someone is from their IP address, unless they knew how to hide it. If they know how to hide it, they can appear to be logging in from anywhere in the world.
You can make someone searching for you hit a dead end very easily.
-----signature-----
(none)
|
|
Link to this post
|
Taliesihne
Title: Wind on the Deep Waters
Posts:
36,223
Registered:
Feb 19, '04
Extended Info (if available)
Real Post Cnt: 30,592
User ID: 896,469
|
Subject:
Dear IT geeks. A question....
|
Lyken-P posted:
Explain virtualization then.
-----signature-----
Jesus saves, Allah protects, and Cthulhu thinks you'd make a nice sandwich
First comes smiles, then lies. Last is gunfire. -Roland Deschain, of Gilead
|
|
Link to this post
|
Koneg
Title: Evil Genius
Posts:
31,388
Registered:
Dec 4, '01
Extended Info (if available)
Real Post Cnt: 28,579
User ID: 530,943
|
Subject:
Dear IT geeks. A question....
|
vn_nnanji posted:
Ok that helps. You can route and hide it of course but the main point is that it could be something to be concerned about.
Not really.
First, the IP is tied to the ISP providing the internet connection you're using, not to any physical location. MAC addresses are a red herring for identification purposes, since they can be changed at a whim.
Still, this doesn't really matter. From your questions you're hinting at trying to either mask or hide from the VPN operator, and on a properly configured setup that's going to be the next best thing to impossible.
A proper VPN uses key based authentication.
My workplace knows when I connect to the VPN, because there is no one else in the company with the key I use. My password doesn't actually log me into the network, it only unlocks my key. That key is what identifies me to them when connecting. The key is digitally signed by the VPN operator's private key - and during the key exchange it is literally impossible for them not to know it's me on the other end of that connection.
Most VPNs use key based authentication because of employee churn. If you quit or get fired they revoke your key and now you're locked out of the network.
Jaedence posted:
You COULD find where someone is from their IP address, unless they knew how to hide it. If they know how to hide it, they can appear to be logging in from anywhere in the world.
Not really.
A VPN by its nature cannot be hidden behind a proxy or a spoofed IP... and at the end of the day it doesn't even matter, because they don't need to know where you are to know who you are, and the who is infinitely more important.
-----signature-----
* First rule of a gun fight: Have a gun.
|
"Any sufficiently advanced idiocy is
indistinguishable from trolling." -- Arthur C Clarke
|
|
Link to this post
|
Ashmaele
Title: Pastor of Muppets
Posts:
19,662
Registered:
Jan 15, '02
Extended Info (if available)
Real Post Cnt: 15,903
User ID: 612,352
|
Subject:
Dear IT geeks. A question....
|
|
Short answer: Yes badjar you will get caught, no you should not try it
-----signature-----
I had a dream. It was an incredible dream. When I awoke, I had a huge mess to clean up. 
|
|
Link to this post
|
Koneg
Title: Evil Genius
Posts:
31,388
Registered:
Dec 4, '01
Extended Info (if available)
Real Post Cnt: 28,579
User ID: 530,943
|
Subject:
Dear IT geeks. A question....
|
vn_nnanji posted:
The main point is that if someone was in hiding and they logged into their company VPN would there be any way that someone at the server itself could find out where they were?
I'll take this point separately.
First if someone is in hiding and they're connecting to a VPN they're not hiding very well 
As to figuring out where they are, you would have to subpoena the IP data from the ISP used. That's the slow way.
The fast way is to have a Bastard like me (or any of the other admins I work with) running the VPN. 
Come on folks think it through. When you establish a connection on a VPN you are setting aside all of your own defenses and telling your own computer "I trust this network completely".
If you were an employee of ours and you were trying to hide the last thing you would ever do is establish a connection to our VPN - because most of our admins are frikken scary, and would be inside your computer faster than you could blink. Figure out where you are? Hell, if your computer or laptop has a camera in it we'll not only tell them where you are we'll tell them what you're wearing.
-----signature-----
* First rule of a gun fight: Have a gun.
|
"Any sufficiently advanced idiocy is
indistinguishable from trolling." -- Arthur C Clarke
|
|
Link to this post
|
Hammerhand21
Title: That's what she said
Posts:
6,674
Registered:
Feb 26, '02
Extended Info (if available)
Real Post Cnt: 6,610
User ID: 650,702
|
Subject:
Dear IT geeks. A question....
|
|
I can see whenever someone VPN's into my firewall here at corporate. It's IPsec and I can see both the public IP they are logging in with, and the private one they were given when authenticated. If I feel motivated I can find out where on the network they have been, what port they are using, and even take control of their machines. So no, do not try to hide from admins.
-----signature-----
DAoC, WAR, WoW, AoC, L2, Allods, Aion, LotRo, SC2, Darkfall, Global Agenda, RIFT, WoT, BF3, Skyrim WAR Video - Filefront http://tinyurl.com/bhtytb Youtube - http://tinyurl.com/34epmh8 Old DAoC Hero Vid - http://tinyurl.com/27to8zb
|
|
Link to this post
|
Jaedence
Posts:
151
Registered:
Feb 27, '09
Extended Info (if available)
Real Post Cnt: 151
User ID: 1,349,778
|
Subject:
Dear IT geeks. A question....
|
Let me give you a different answer Nnanji,
If someone was trying to get into a computer system and hide their identity, they wouldn't be going in through VPN.
-----signature-----
(none)
|
|
Link to this post
|
Clackdor
Posts:
14,305
Registered:
Sep 21, '01
Extended Info (if available)
Real Post Cnt: 10,860
User ID: 407,233
|
Subject:
Dear IT geeks. A question....
|
|
Ahh, the secret is in what is staring you in the face. VPN. Virtual Private Networking.
-----signature-----
If we can hit that bullseye, the rest of the dominos will fall like a house of cards. Checkmate.
|
|
Link to this post
|
