Sometimes, just for fun, I like to...

keatron · April 2007

Attack my own network at home and watch my IDS, IPS, and anti-intrusion stuff go crazy. Then I do it again being as stealthy as possible. On Monday morning I bring it into the office all the snort, event, syslog files and other records to some of my employees. I tell them $500 to the first person who can decipher the logs and give me a detail of every type of attack I tried by the end of the next day (so they can do it at home, they're usually to busy to do it at work). Nobody has ever got them all, but some have come very close. I end up giving the 500 to whoever came the closest (sometimes it's a tie, so they split the money). Fun fun fun!!!

Mr.Bobster · April 2007

Compress NTLDR

Then watch them reformat.

deneb829 · April 2007

We did this one in class this past week:

Set runlevel in the /etc/inittab to 6 for a student who is rarely in class. When he got back to class, his PC kept rebooting - I was surprised that the rest of the students kept a straight face the whole time. The kid whose computer was rebooting never said a word to any of us, including me (the instructor). Then as he was putting the Fedora DVD back in the drive to reinstall, one of the other students grabbed his hand like the Angel who grabbed Abraham's hand when God told him to sacrifice his son. The guy didn't really seem bothered that the class played a joke on him. They showed him how to fix it and it was business as usual.

sprkymrk · April 2007

We had a loudmouth, smart alec, young punk kid in my class when I was doing the NT4 MCSE stuff. He was bragging that he had just installed Windows 2000 (beta) and was using Black Ice Defender and that nobody could hack into his home network. So on a Thursday evening when the rest of the class went to dinner (an hour break) 3 of us stayed behind and went to work. We found his home IP address (he was running an FTP server in IIS and accessing stuff during class time) and eventually hacked in through a task scheduler exploit. We put a bunch of folders and text files on his desktop saying stuff like "Your friends from class were here" and changed his boot.ini file text to read "W2K Server with Black Ice Defender Sucks" and then opened his Black Ice IDS logs. It was certainly logging our intrusion. So we replaced the entire log file with our first names and little notes like "Hi Tony" and "This is sure a nice IDS you've got here".

He was VERY quiet the following class, until about half hour into he said "Okay guys, you got me. Please just tell me how!".

deneb829 · April 2007

Man, I hate eating humble pie and crow! My students think I am some kind of networking master, but I know what I don't know, so I hold my arms wide apart and say "This is everything there is to know about networking." Then I hold my hands just a few inches apart and say "this is what I know about networking." Then I hold my fingers until you can just see a sliver of light and tell them "This is what you know about networking". I had one student who introduced himself described himself as a 'know it all'. How do you teach someone who thinks they already know everything?

markzab · April 2007

deneb829 wrote:

Man, I hate eating humble pie and crow! My students think I am some kind of networking master, but I know what I don't know, so I hold my arms wide apart and say "This is everything there is to know about networking." Then I hold my hands just a few inches apart and say "this is what I know about networking." Then I hold my fingers until you can just see a sliver of light and tell them "This is what you know about networking". I had one student who introduced himself described himself as a 'know it all'. How do you teach someone who thinks they already know everything?

I'd imagine you find out what they don't know...

And then make the entire next test you give the class revolve around that subject.

Obviously you don't grade them on it...but watching the sweat roll off that kids forehead would be priceless.

TechJunky · April 2007

Why not ask him to teach the class for a day?

I doubt even the brightest student would want to do that...

1. even if they could, would he want to hinder his grade to prove a point?
2. The chance of making a complete ass of yourself... PRICELESS.

deneb829 · April 2007

He's graduated now, but for some reason he's having problems finding and a job.

I think he can't figure out while people won't hire him.

sexion8 · April 2007

keatron wrote:

Fun fun fun!!!

keatron... How come I feel as if we've crossed paths before? Packetstorm maybe? NANOG? As for the attacks on your IDS/IPS' ... I normally send nifty things I find to a good friend named Laura Chappelle (Cisco author) so she could dissect them. I'm currently working on a highly theoretical (yet I believe functional) method of attacks via 1) MPLS and 2) multicasting, should you care to see what I've been dealing with, shoot me a private message or email: (antispam code? nah...

)

wget -qO - http://www.infiltrated.net/pimp|\
ruby -lne 'puts STDIN.readlines.reverse!.slice(0,2).reverse!;#sucker'|\
perl -p -e 's/[0-9]//g;s/X/ /g'|\
ruby -pe '$_ = $_.chomp + " " + gets if $. % 2'

KGhaleon · April 2007

Speaking of con, I remember that long ago, if you were type /con/con on a 9x box, it would instantly blue screen. Oh the days when I was like 13 telling people to /con/con in IRC and watching 50 people disconnect! The good old days!"
Ah hah, I remember that. I think you could also do it within AOLs chatting service as well.

When I worked at Lockheed a while back, someone got onto my computer and did a printscreen and pasted it into paint. They then made the screenshot my background and told told windows not to show desktop icons. They then disabled the taskbar and various other things.

When I came back I couldn't figure out what the heck happened, and just start checking running processes. I started locking my machine after that.

Worst thing I've done was when I was sitting in the lobby of this expensive hotel using the wireless hotspot nearby, when some obnoxious teenagers sat across from me and played some loud music. My response: I found their hostname/MAC and logged in(no password), then tossed a virus on the C:\
It was an old one, which most any virus-software will detect and remove with ease. It really didn't even work on newer OSes. I had to contain my laughter when one of them yells, "****, I got a virus." I waited a couple minutes and did it again. The virus software they had kept prompting them to remove it. I also grabbed their music folder and moved it to another directory, and put a text file where it had been which stated that they needed to use a windows password. After a while they got fed up and left, so I grabbed a drink and enjoyed my night.

KG

Ricka182 · April 2007

Breathe....

christenm123 · April 2007

tell my less computer savvy friends that pushing ALT+F4 unlocks a cool easter egg in most programs and games. I like to see the look on thier face if its in person or the usual "OMG MY PROGRAM CLOSED, YOU JERK!" if its via IM.

Also playing Halo from time to time online is quite fun. I can't wait for Halo 2.

markzab · April 2007

christenm123 wrote:

tell my less computer savvy friends that pushing ALT+F4 unlocks a cool easter egg in most programs and games. I like to see the look on thier face if its in person or the usual "OMG MY PROGRAM CLOSED, YOU JERK!" if its via IM.

Also playing Halo from time to time online is quite fun. I can't wait for Halo 2.

I remember doing that years ago when I used to go into aol chat rooms. If my friend wanted to get into a room I was in but it was full I'd tell everyone in the chat to check out the cool new alt+f4 feature. Needless to say my friend was able to get in after that.

mrhaun03 · April 2007

Sometimes I like to hang up side down blindfolded and take my gun apart then hurry up and put it back together before my nose starts bleeding...heh heh heh

~Major Payne

blackmage439 · April 2007

mrhaun03 wrote:

Sometimes I like to hang up side down blindfolded and take my gun apart then hurry up and put it back together before my nose starts bleeding...heh heh heh

~Major Payne

I salute you for that well-placed quote good sir!

Any, as for the topic. I like to take any chance I can get to belittle the campus I work at in the minds of anyone I can. For example, every time a power surge hits the building, most projectors refuse to turn on (I guess the campus has really @#$&ty surge protection). The only way to get them to work is to physically unplug the power cables on the projectors and plug the units back in. Well, at our most recent employee meeting, they told us specifically, "Do not unplug the projectors!!!" for absolutely no reason at all. Last week we must have gotten spiked because a lot of projectors weren't working. I had to help a teacher get the thing turned on for his class. I just unplugged it and it worked fine. I told the instructor to just go ahead and unplug the things even though my boss said not not to. I told him that unless he wanted to wait like a half hour for someone from the A/V department to just fricken unplug the thing, he should just do that.

I love fighting idiocy in the bureaucracy of my "institution of higher learning"...

Sometimes, just for fun, I like to...

Comments