24 December, 2006

on access and hostilities

Sometimes, I find myself cut off from the rest of the world. During these times, I may have to resort to using somebody else's transit network. Occasionally this is more than just an ISP or two, such as an ad-hoc network that connects to an ISP that subsequently connects me to another ISP, and then to the innernets. An example of this would be a campus network, or that in a coffee shop.

It deeply saddens me, but sometimes people on these networks, for whatever reason, feel the need to exclude, filter, throttle, or otherwise malign packets coming from my machine(s), be they over copper, glass, or wireless. I can't imagine what they think is going through my head. "Uh oh, the innernets are broken, maybe it's time to restart." or "Man, this wireless card is sure giving me trouble!"

To those who would do such things, I didn't get the message. Passive aggression is very bad at conveying explicit data. And also, please remember that I am not your average user, with your average understanding of the way networks work. In fact, I'm not even just a skilled user. I am a highly skilled, trained, and proficient network administrator, systems administrator, and security officer. This means that I don't have any false conceptions of "my hardware isn't working," or "maybe today the innernets are down," or that devices and software are, just temporarily, beyond my understanding and control.

No, when I come across this sort of behavior, I am not likely to walk away shaking my head, taking my laptop and going home because you've so stealthily and cleverly done whatever it is you hoped to achieve. Rather, I am inclined to swap a good defense for a good offense. Where I cannot circumvent, I will aim to commandeer. Where a firewall exists, I will tunnel ports, reshape traffic, or indeed commandeer said firewall. The only network that is certain to exclude me from it is a network that is airgapped. Should that happen, I am about as equally pleased that I have excluded you from your network, as I would have normally been, having retained use of it.

There's no need to be a martyr. Not everyone out there is a drone. Sometimes, it's just better sense to let the red team have the run of things, while reducing the damage wrought by hostile residents of your network.

War. The packets will burn. The networks will run with the anguished cries of defeated countermeasures and the cancerous arteries that are your commandeered or destroyed applications and devices.

Ask yourself whether your agenda is worth loss of data or loss of access.

Please Donate To Bitcoin Address: [[address]]

Donation of [[value]] BTC Received. Thank You.
[[error]]
Post a Comment