March 29, 2006 total eclipse - IT admin's WORST NIGHTMARE

In less than 6 months, we will be one of several online media companies webcasting the total solar eclipse from Africa, on 29th March, 2006. This will be during the working hours in Europe. For corporate IT admins in Europe, this will be their WORST NIGHTMARE come to life. We are working on and improving our system in sucha way that corporate IT admins in Europe will not be able to stop people from watching the eclipse without shutting down the ENTIRE NETWORK. We will be using a heavily encrypted feed, so that any IT admins that try to sniff the packets wont get anything. As somoene said once "The book will be open, but the pages will all be in an unreadble language". We will be running an ecnrypted link over port 80. There is NO WAY that can be shut down without cutting off ALL web access to the network. We are taking a cue from Kazaa, and P2P services, and are using encrypted links over port 80, which admins will be unable to stop without shutting down the entire network. As far as eclipses go, this will be the longest, as far as totality goes, since one of our competitors began webcasting eclipses way back in 1997. Where we plan to he webcasting from, it will be at about 10:45 AM British Summer Time, 11:45 in Central Europe (Europe goes to Summer Time on Sunday,

26th March). Basically, people will be watching the eclipse, and gobbling down HUGE amounts of bandwidth. We plan to offer feeds up to 100K in bitrate, and that will add up fast. Users will be clogging the network watching the eclipse, and corporate IT admins will have no CLUE as to what is going in, becusae the feeds will be encrypted. The REAL nightmare scenario on this for IT admins, will be in the year 2009, when we will be webcasting a total solar eclipse with 6 minutes and 38 seconds of totality from Shanghai, China, on 22nd July, 2009. For nearly 7 minutes, poeple will be clooging network bandwidth all over Asia, and becuase it will be encrypted, admins will never know that people are watching the solar eclipse. It will also being during the workday in Australia, so Australian admins will also wonder why the bandwidth usage is going so high.
Reply to
Owl Jolsen
Loading thread data ...

Owl Jolsen wrote on date 02/10/2005 9.11:

ROTFL. It won't work.

Reply to
lorenzodes

Oh yes it will. First, the stream will be encrypted, so that anyone attempting to sniff the packets, will just get a bunch of indecipherable nonsense. There is no POSSIBLE way that IT admins in Europe will be able to figure out what is going on. At the area of greatest eclipse, the totality phase will last about 4 1/2 minutes. It admins in Europe and Africa, and parts of South America, where it will be during working hours, will not be able to figure out what is going on. And becuase we will be using an encrypted transmission over port

80, admins in South America, Europe, and Africa will be unable to stop people from watching the eclipse without shutting down the ENTIRE network. It admins in Asia will have the same problem during the July 22, 2009 eclipse.
Reply to
Owl Jolsen

In article , Owl Jolsen wrote: : And becuase we will be using an encrypted transmission over port :80, admins in South America, Europe, and Africa will be unable to :stop people from watching the eclipse without shutting down the :ENTIRE network.

Well, it'll be the middle of the night for me, so I won't care, but I know of several solutions that do not involve "shutting down the ENTIRE network". But as you seem to enjoy the prospect of "shutting down the ENTIRE network", you'll have to excuse if I don't post the solutions, so as not to give you ideas.

Reply to
Walter Roberson

What solutions? That way our system is designed to work, there is no POSSIBLE way to stop it. Plus, the stream will be ENCRYPTED, meaning that IT admins in Africa, Europe, and parts of South America will not ANY CLUE as to what will be causing bandwidth usage to jump for several minutes around 11:30AM British Summer Time (12:30 European Summer Time) on that particular day. All that any packet sniffers, such as Snort, will show is that encrypted transmissions took place. As some said once, "The book will be open, but the pages will all be in an unreadable language". We are taking a que from P2p companies that use port 80, when all other ports fail. There is no POSSIBLE way IT admins will be able to stop people from watching the eclipse through our service without cuttting off ALL port

80 accees, meaning that ALL web access would be shut down. For IT admins in Europe, Africa, and parts of South America, it will be their WORST NIGHTMARE come to life, when they find that our coverage of the eclipse CANNOT be blocked. Our system will run much like P2P service. Each computer that connects will act as a proxy. With ever changing addresses on port 80, there is no POSSIBLE way that they will be able to stop us, without cutting off ALL port 80 and port 443 access.
Reply to
Owl Jolsen

Any admin worth their salt won't have any problems with this - they will already be blocking access so that only approved sites are permitted, only those users that actually need web access get it, and that it's not any different that any other event.

Your assumption is that the security manager is a idiot or doesn't understand anything about security.

Reply to
Leythos

Ah, no wonder I didn't see this.

Sounds like the same troll who was posting about "IRC-based Olympic Coverage" last Christmas and "First new figure skating results coverage" in mid-January in this group. The wording, posting style, and concepts are similar. Obviously, the troll didn't learn anything in the past nine months.

Boring!

Old guy

Reply to
Moe Trin

Yep, it's the same lamer.

Reply to
Leythos

X-No-Archive: Yes

I think as far as figure skating goes, they might not be just blowing hot air. The United Skating Figure Skating Assn has inked a contract with one company to provide secure and encrypted broadband access to figure skating events under USFSA control, for an annual subscrption fee of $300, or for $5 if you want to buy by the event.

This sounds like a subsidiary of thhis guy's company, and something they just might try. If it is a subsdiary of this guy's company, it appears they just might pull off what they have been talking about here. If they really are going to provide encrypted subscription video access, via broadband, of figure skating events, it will be that much harder to stop. With encrypted packets, someone may well be able to sneak on and watch from work, without the boss knowing about it. It appears that the "worst nightmare" scenario of IT admins not being able to stop it may very well take place.

This is one reason why, it I were a corporate IT admin, I would get rid of any hardware firewalls the company was using, and put my software-based firewall on the company network. It would be able to stop this guy's stuff, where the hardware firewalls could not. The is what he apparently cannot understand. Hardware appliances do not have the flexibility to stop it, but my software based system does.

Reply to
Charles Newman

X-No-Archive: Yes

Well, this sounds like something this guy, and his engineers would try. If MediaZone really is a subsdiary of this guy's company, they just might well pull it off. Given that the transmissions are going to be encrypted, and he talked on here about encrypted transmissions, this just might be a subsdiary of his company.

From what I gather, MediaZone inked a contract with the USFSA to webcast all the events under their direct control. If this is a subsidiary of this guy's company, as I suspect it may well be, IT admins may well be in for some serious trouble. If the packets are encrypted, it would be that much harder to gather evidence to use inappropriate internet use as a reason to fire someone. That would have to come up with another reason, such as to tell them they are being downsized. That is the most common reason cited. It allows a company to get rid of an unwanted employee without having to say anything to any future employers that call up for a reference. You could still fire someone, but you would have to come up with another reason. Using downsizing as a reason saves the company from finding itself having to fight a wrongful termination lawsuit in court.

Reply to
Charles Newman

Which was completely different from what the troll was proposing back in January.

No, this is just a clueless troll

Still haven't bothered to learn about basic network concepts, huh?

That's only through your lack of knowledge of networking. Actually it's absolutely _trivial_ to detect, and _very_ easy to stop - in quite a number of ways. Just because you can't imagine how it's possible doesn't mean that every firewall admin is equally lacking.

But you are not - you're not even in IT, because you lack the knowledge and refuse to learn anything about it. Why should anyone take your advice when it has been proven on many cases that you don't understand even the fundamental concepts. Sure, your bean counter instructor taught ONE microsoft class, but you already know that microsoft has lied to you in that class, as has been pointed out on numerous occasions.

Charles, that was proven to be false - and you just can't imagine how all of your "network knowledge" could be so wrong.

Have you gotten a version of *nix installed yet? Remember, even microsoft is going to transition there, and your limited knowledge is going to be more useless until you learn it. Hmmm, you could even look at the built-in firewall and see one blatantly obvious trick that would block this trolls imaginary service at the perimeter firewall, but your toy firewall never heard of it. Wonder why.

Old guy

Reply to
Moe Trin

And you expect a company like MediaZone to be using clueless trolls posting from anonymous relays (or like the posts in December and January, through cracked windoze boxes) everywhere except California. That makes sense to you I'm sure. I suppose you also expect CCH to be flogging their services from anonymous servers, and you buy pharmaceuticals from the same sources.

That's stretching pretty far, isn't it? Or have you subscribed and are hoping it's not fake. If you paid by credit card and can dispute the charge.

Try using google - It's remotely possibly you might learn something.

What evidence do you think you have that this might be possible? By the way - make up your mind which is a subsidiary of which.

See, that's another reason you'd never make it in IT. You obviously know nothing about computers, never mind networking. You might want to check the 'alt.folklore.urban' newsgroup - there's a pretty apropos thread that might even hint a solution to you. But then again, it _is_ technical, even if it probably is fake.

Is that what you were taught by your bean counter instructor? Here's a free clue - consult a lawyer before you try that, lest the state of California Department of Industrial Relations comes down on your a$$. Think I'm joking? Ask a rather large chain of stores with a California headquarters near the Oakland/Bay bridge about that. (Can't believe they were _that_ stupid.)

Old guy

Reply to
Moe Trin

And you are a complete idiot - a hardware firewall will stop it, and even block it, if the firewall is setup properly.

Reply to
Leythos

X-No-Archive: Yes

We were taught in certain business managment courses, that unless you actually have the content they were downloading, you don't dare use inappropriate internet usage as a reason to fire someone. You look for another reason to fire them. That is what I was taught in busienss management courses at one time.

Reply to
Charles Newman

Well, you better be careful, if you dont have the actual content. You better have another reason to fire them, that will stand up on court, or your a$$ is gra$$, and they are a lawnmower.

This is what I was taught in the late 1990s. I was taught in a business law class that when it comes to firing for inappropriate internet use, and dont have the actual content they viewed or downloaded, you better find another reason to fire them. You can find other reasons to fire someone, you just need to be creative about it.

Reply to
Charles Newman

X-No-Archive: Yes

Now look here, asshole

You might get by the hardware appliaances, becuase they are not completely secure, but you would never get past my setup based on a software firewall. One guy on here might call it a "toy firewall", but it can do a lot more than the hardware appliances can. Your setup would probably use a Socks proxy, and I have Tiny setup on my network to only allow the Socks proxy to get on on the ports that PrecisionTime and Sam Spade use (ports 37 and

43 respectively). Also, becusae of the gaping security hole that CyBlock filterng proxy has, Tiny is configured to restrict it to ports 80 and 443 for outgoing calls. I would like to see your stuff get past my setup, wiseguy. Wavecrest really needs to fix the security hole their product creates. And its too bad, really, becuase it has all kinds of reports, that can drill down to an individual user, or IP, if needed, that the hardware filtering appliances have not learned yet.
Reply to
Charles Newman

But you have to have the actual content of what they viewed or downloaded, in order to show they used the network for non business reasons. If you dont have the actual content, you had better tread lightly on it. That is what I was taught in business law class once.

Reply to
Charles Newman

And it doesn't stop people from being Fired for ACCESSING NON-BUSINESS NECESSARY sites, and since we can account for browsing habits/time, it's easy to FIRE someone for spending to much time on the Intenet instead of working.

You need to get into a class that was taught in the 90's or 2000's years.

Reply to
Leythos

"Moe Trin" wrote in message news: snipped-for-privacy@compton.phx.az.us...

First, most of these open proxies have NOT been cracked. Most proxy servers are open to the world by default, and most site owners dont even know it. Bess, one of the leaders in filtering technology, shipped their filter program open to the world, be detault, for years. Proxy lists used to list a lot of open Bess proxies. You can find lists of these proxies at several sites on the Web. Do a web search on any search engine, and you will come up with constantly updated lists of open proxy servers worldwide. The servers we use can be found in any open proxy list on the Net. Second, we SPECIALISE in online programing that peopel might want to watch from restricted enviroments. Anonymous Demonic Media has several subsidiaries that do programming like this. We even do some political programming. During the Supreme Court nomination hearings for John Roberts, in the USA, we provided an encrypted feed, and had a lot of people watcihng from work. Becuase the feed was encrypted, there was no POSSIBLE way that someone's employer could find out WHAT they were up to. All sniffing the data packets would get is a bunch of indecipherable nonsense. We had a lot of interest from US users wanting to be able to tune into the hearings from work, without the boss knowing about it. With the controversy over Harriett Miers, we expect that to be one of our most ordered products, when we go online with an encrypted feed of the hearings. People will be able to tune into the hearings from work, and nobody, and I mean NOBODY will be able to figure out WHAT is going on. Also, as far as anything going on in Europe, partcularly the

29th March solar eclipse in Africa goes, a lot of cell phones in Europe now have high-speed internet access built-in. Someone who REALLY wanted to sneak on from work could unplug from the company LAN, and plug their office PC into their cell phone, and sign on that way. short of using an illegal cell phone jammer, there is no POSSIBLE way they could detect or stop THAT, because all the traffic would be going through their cellular provider, and nothing would show up in the company logs. We are going big time with some sports coverage. We are in the process of inking deals with several figure skating federations to provide live subscription video feeds from skating contests worldwide. Since most of them are in Europe, especially in the fall, it will become the European IT admins WORST NIGHTMARE, if anything should be on during the daytime, especially at Europeans. If we get to Webcast video from the European championships in Lyon, in January, it will be European IT admins WORST NIGHTMARE COME TO LIFE, as they will be unable to stop people from watching from work. In fact, the tentative schedule right now has the ladies short program, at Europeans, at 12:15 PM local time, on 16th January. For IT admins in England and France, it will be their worst nightmare, as people start logging on from work to view the ladies short program from Europeans. Even if we dont have video. our IRC-based commentary will still probably have a lot of hits.
Reply to
Owl Jolsen

If the user doesn't have local administrator access then they won't be able to change the Proxy settings and won't be able to use the Cell Phone method - and once again, a properly setup network won't all your crap to be accessed.

Reply to
Leythos

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.