|
Tac | Tue 29-Aug-06 03:16 PM |
Member since 15th Nov 2005
2050 posts
| |
|
#105, "Mudding from work."
|
Does your employer know?
Do they care?
Would they care if they knew?
Would it be trivial to detect who was connecting from the kind of security logs most corporations take?
Anything else you'd like to share about mudding and work.
|
|
|
|
RE: Mudding from work.,
Drama,
30-Aug-06 10:16 AM, #8
RE: Mudding from work.,
Ysaloerye,
30-Aug-06 09:44 AM, #7
RE: Mudding from work.,
Valkenar,
30-Aug-06 02:47 PM, #10
Haha, I can relate to that one. nt,
Drama,
30-Aug-06 04:37 PM, #11
RE: Mudding from work.,
Bajula,
30-Aug-06 08:37 AM, #6
RE: Mudding from work.,
Isildur,
30-Aug-06 12:08 AM, #3
sidenote,
Isildur,
30-Aug-06 12:35 AM, #4
Nice =) question though..,
Marcus_,
30-Aug-06 02:38 AM, #5
RE: Nice =) question though..,
Isildur,
30-Aug-06 10:17 AM, #9
RE: Mudding from work.,
Amaranthe,
29-Aug-06 09:16 PM, #2
RE: Mudding from work.,
Mylinos,
29-Aug-06 04:39 PM, #1
| |
  |
Valkenar | Wed 30-Aug-06 02:47 PM |
Member since 04th Mar 2003
1203 posts
| |
|
#138, "RE: Mudding from work."
In response to Reply #7
|
>type flee;quaf return. Such is the price of mudding from >work.
The worst is having your boss come over to socialize while you're ranking and then switching back to find that you've been slowly wittled to an entirely avoidable mod-death while ranking. Even more gratifying is the sight of your groupmates repeatedly begging you to flee as you wimpy one room away for 8 ticks before finally dieing.
|
|
|
|
    |
Drama | Wed 30-Aug-06 04:37 PM |
Member since 27th Aug 2006
24 posts
| |
|
#139, "Haha, I can relate to that one. nt"
In response to Reply #10
|
|
|
|
Bajula | Wed 30-Aug-06 08:37 AM |
Member since 04th Mar 2003
929 posts
| |
|
#130, "RE: Mudding from work."
In response to Reply #0
|
>Does your employer know? > They sure do.
>Do they care? > Only if I were to just blow off work in favor of a pk or something.
>Would they care if they knew? Obviously not.. Der! > >Would it be trivial to detect who was connecting from the kind >of security logs most corporations take? I dunno about most. but we keep track of almost everything, I just ignore most of it, or if it gets crazy tell the person they need to leave off it. We have a more relaxed atmosphere than most places. now stuff coming from outside.. that is where the job gets 'fun'.
> >Anything else you'd like to share about mudding and work. It's not the wisest thing. I might have say 70% of a day to mud during certain times of the year, but when I have to go I have to go right THEN. It beats staring at the walls, and if I didn't I'd spend so much money on books it would be sick. For me it's more cost effective to mud. For most of the people out there though I wouldn't suggest it, you are risking your job .. become an alchoholic instead, they tend to send you to rehab and act all supportive when you come out. mudders they just can and give bad references to.
|
|
|
|
|
Isildur | Wed 30-Aug-06 12:08 AM |
Member since 04th Mar 2003
5969 posts
| |
|
#122, "RE: Mudding from work."
In response to Reply #0
|
>Does your employer know?
Not to my knowledge.
>Do they care? >Would they care if they knew?
They would if they knew, but only if I was counting time spent on CF as "work time". Otherwise they wouldn't care. My project manager at one of the client sites I was at recently would organize after-hours LAN parties using the company network. The key being "after hours", meaning people weren't playing games for 2 hours every afternoon then taking off at 5pm.
>Would it be trivial to detect who was connecting from the kind >of security logs most corporations take?
Depends on how fancy you are w/ regard to tunnelling, proxies, etc. If you're just telnettnig directly to CF then it would be pretty easy to detect. It might be suspicious that you're connecting to a non-standard port, or they might not care. My experience so far, albeit limited, is that companies typically just block what they don't want you to access. Or, at least they try. Unless you're doing something illegal (filesharing), expensive w/ regard to bandwidth, or potentially embarrassing for the company (porn) they're only going to ding you if your job performance dips.
>Anything else you'd like to share about mudding and work.
Don't do it. Yeah, I know, I'm a hypocrite. But trust me, it's bad all around. It makes your job performance suffer, and sooner or later your boss is going to walk in and you'll have to go AFK and probably get PK'd while you're away. That sucks ass.
|
|
|
|
  |
Isildur | Wed 30-Aug-06 12:34 AM |
Member since 04th Mar 2003
5969 posts
| |
|
#123, "sidenote"
In response to Reply #3
Edited on Wed 30-Aug-06 12:35 AM
|
It wouldn't be hard to set up a pretty innocuous looking system whereby you could mud from work, assuming they give you normal web access and don't have a keylogger installed on your machine.
1. Get a generic sounding domain name and map it to a static IP or one of those services that lets you automatically update the DNS entry for your domain. This will point to your home machine.
2. Set up a web server with a fake storefront or some other "real looking" content that doesn't identify you. This way an admin won't be disappointed if he loads the site in a browser to see whether it's legit. Also, when you register the domain name, use an anonymizer instead of your real info in case they do a whois lookup.
3. Set up a ssh server listening on port 443. It's unlikely this port will be blocked (or monitored) since it's used for SSL. SSL traffic is encrypted, so the fact that you're sending non-plain-text data to port 443 shouldn't raise any red flags.
4. SSH to yourdomain.com:443 and use the port-forwarding feature to foward localhost:9999 to carrionfields.com:9999. The three main Windows SSH clients each support this: PuTTY, SecureCRT and the OpenSSH/Cygwin port. The latter is simplest, imho.
5. Load up your favorite mud client and point it at localhost:9999. Your packets will be encrypted and travel to port 443 on yourdomain.com, at which point they'll be decrypted and forwarded to carrionfields.com:9999.
The main flaw in this scheme is that if someone were to actually telnet (or ssh) to yourdomain.com:443 they would immediately know you're running a ssh daemon on that port. That would raise huge red flags, since it would be pretty obvious that you're trying to cover your tracks.
Also, if your employer does periodic disk scans to detect third-party software, use a client like WinTin or yTin that doesn't have to be "installed" in the Windows sense. Compress the client and your scripts into a password-protected zip file, then rename that file to something drab like "temp.txt". When you're ready to play, just rename the file and extract its contents.
|
|
|
|
    |
Marcus_ | Wed 30-Aug-06 02:36 AM |
Member since 04th Mar 2003
681 posts
| |
|
#125, "Nice =) question though.."
In response to Reply #4
Edited on Wed 30-Aug-06 02:38 AM
|
>> The main flaw in this scheme is that if someone were to actually telnet (or ssh) to yourdomain.com:443 they would immediately know you're running a ssh daemon on that port. That would raise huge red flags, since it would be pretty obvious that you're trying to cover your tracks.
Couldn't you set up iptables on yourdomain.com to drop all incoming packets that don't originate from your work desktop?
Or even better, to do some internal package shuffling so all packages but those from your work computer end up at an actual SSL server running at some different port. Or forward them to an external SSL server, some e-commerce system for example. (Don't know if the latter works, but it would be neat.. The first option would probably also raise the red flags)
>> Also, if your employer does periodic disk scans to detect third-party software, use a client like WinTin or yTin that doesn't have to be "installed" in the Windows sense. Compress the client and your scripts into a password-protected zip file, then rename that file to something drab like "temp.txt". When you're ready to play, just rename the file and extract its contents.
I put my laptop pr0n in a password protected zip file like that in a last-minute stint of paranoia when I went to thailand (it's illegal there). Much to my dismay, the contents of the folder could still be listed... So I'd say it's more important to rename the ytin.exe file before adding it to the password protected zip folder. (Since I assume a good disc scanning program will recognize the headers of archive files and check their contents anyway)
|
|
|
|
|
Amaranthe | Tue 29-Aug-06 09:15 PM |
Member since 17th Mar 2003
536 posts
| |
|
#117, "RE: Mudding from work."
In response to Reply #0
Edited on Tue 29-Aug-06 09:16 PM
|
Does your employer know?
If we consider my employers my kids, then yes, they know. Sort of. Well they can't read, and I call it "work". "Mommy's working!" Does that make me a bad mother? Trust me, it's more true than not! I only play my imm while my kids are present.. they are far too distracting to play mortals although they are mercifully getting more self sufficient and I did manage a cloistered Herald all the way up to an impressive level thirty-something during their lego sessions.
Do they care?
Yes. Usually it's, "But MOMMMMMY! I'm HUNGRY/THIRSTY/BORED!" and anything that prevents me from instantly jumping up and gratifying their whim is something they care about. Sheesh, them kids and their needs!
Would they care if they knew?
My daughter, the only one old enough to speak, would probably be much more interested if she DID know what it was I really was doing. In fact, often she asks me to play my "Dragon Game" which refers to any graphical game I've ever played (Except for Knights of the Old Republic, which is "the Jedi Game" or "the Jawa Game").. she likes games. Too bad she can't read!
I'm sure this was of no help to you, but perhaps mildly amusing.
|
|
|
|
|