I thought my own profile needed to be way better than the normal student folks'. Instead of using the same mandatory profile as the masses, I changed mine to use roaming instead. Wow.. finally I can have my own wallpaper and my own Firefox settings unique to me! Oh the joy of Active Directory! Then..
..as time wore on, I realised that the perfection of a roaming profile is illusionary. True, it is good, but only in a perfect world which I don’t live in.
In reality, due to a college’s environment, garbage software tends to gunk up PCs faster than the rev meter on my friend’s car. Usually within hours of a fresh install, I can see garbage like Picasa installed on the units. Who the heck uses Picasa on a public computer anyway?!
As such, as my roaming profile goes places when I log in to different PCs all over the campus, it started collecting junk left by those pesky autoruns and utilities and services that litter my profile with useless settings.
I checked my profile and I saw things like Picasa settings, Photoshop settings, MySQL settings, Apache settings, Java settings, the list goes on. It’s so bad that from my original profile backup which is only 19MB, it’s now a freaking 80MB. Then imagine loading this 80MB from the server every time you log in.
Yup.. that’s me sitting there still staring at the loading screen. Har har.. very funny.
So now I’m figuring out ways of locking down my profile when I don’t want it to collect information. I wonder if I can set my personal roaming profile to mandatory while existing in a different folder from the rest of the noobs.
ntuser.man -> ntuser.dat
I have always been fascinated with APIIT’s firewall. The same kind of interest you give your first Tamagotchi or Transformers toy. Like how it works and what it hides from you.
On one end I like how it blocks games from being run and videos from being streamed by other students. What for letting them take away bandwidth that is rightfully mine! On the other hand, I can’t use free bandwidth to stream too! WTH?!
So I tried to find loopholes and backdoors. I know there’s a staff segment but I can’t connect to that since I’m on a hardline and not in the correct domain. I also can’t simply use a VPN network ’cause my home PC is downloading nonstop too!
So after many attempts to ping, scan and infiltrate, I’d like to say.. I still don’t know how to trespass it.
Hau Cheong is breathing a sigh of relief at this point.
Seems like he (dude above ^) got all the best YouTube, EXE’s, DIVX’s blocked nice and tight. However I have a reasoning that there are files like DOC or ZIP that he cannot simply block from AOCC or the general web. This would be my break.
So as part of my FYP, I did research on file compression and file download, incorporating it into an online service which allows remote downloading and concurrent file compression (on the fly).
What it means is that I can specify a file and let my remote server download the file, then compress it and push it back to the client to download.
HAHAHAHAHA
It also means that since APIIT’s firewall allows ZIP file download, I can basically ask my server to download any files I want and stream them back to me in ZIP format.
Now normally I won’t post about my exploits here but I see no loophole. Even if HC were to block the ZIP files, I can use a drop-down box to specify another extension. Maybe DOC, TXT, PPT (I don’t think he wants to block all that). And when he decides to block based on file meta header, I can convert the file to Gzip, 7z, RAR, CAB… etc.. Yay!!!
Me 1; Firewall 0.
PS: Actually I only post this here to get your response on this and subsequently correct my FYP documentation.
Not going to tell you the server name and it runs on a dynamic IP address. Nothing a firewall can block. I just hope Google doesn’t cache this. Does our firewall block crawlers? Or next time I can fake myself as a crawler to go through the firewall.