I must have missed that – I never really read the Montclairion. I hear it is good for burning though. Ark took a pottery class at some point, and he said they would regularly raid the Student Center and take reams of Montclairions for burning in the glazing furnances. ;) So they quoted you in it or what?

And people should have been fired. Someone out there was responsible for “accidentally” putting these records in the open, or authorizing someone to do it. If they won’t take any disciplinary action against people who do stuff like that then this will continue to happen.

Haha, yea, galaxy – it was a clusterfuck, literally. I was running a sniffer trying to analyze all that BS IP traffic, it was meaningless.

First time? Oh , that livejournal “scandal”, back when some genius, *ahem*, at MSU put all our SSNs up where a webcrawler could cache. I thought the school should have been held somehow responsible or at the very least the person should have been fired. This, to MSU’s paper, was big news. ZOMG el jay is newzzz!!11 Shanywayz, it turns out that person is gone now , so things have a way of working themselves out.

My favorite MSU security mishap was when Dr. Zartiski’s monster cluster got totally 0wned and used to run DDOS attacks. Fun times.

Wait, what do you mean by “again”? What did you do to get into it the first time?

Heh heh, yea well, I was with MSU before we even had a firewall. They were late in the security game. I used to scan open netbios shares at MSU from home when I was still in high school. Back then if you came to the campus with a foreign laptop all you needed to have was a bootp client or know how to grab a DHCP address yourself. Now there is a registration/virus scan process, etc. Things have changed all the way over to the other side.

Basically they had so many campus wide issues with worms, DOS attacks, and hacks that they implemented an extremely strict policy that cripples some usability. There is a very complex art to having intelligent firewall rules. When I was setting up Via Video conference cameras, we had to punch holes to access it via telnet (it did not run SSH) and http. Pretty soon, incoming and outgoing connections had different issues, and after a while, anything besides basic browsing potentially needed an admin’s involvement.

Well, you got the admin involved and the allow rule was purportedly created. So it seems you need to find a way to make the firewall reboot. How good are you with electricityz? Heh. ;) Jk jk, I don’t want to end up in the Montclairion again. Hahaha!

Well… He asked the firewall wizards to make a rule for me that would allow me an outbound access to the specific IP that I need.

But I still haven’t been able to successfully VPN out.

I talked to Nick and he said he had similar problem, and a similar solution, but his rule did not go into effect for couple of months until MSU had a major power outage and the firewall got rebooted. :P

Sigh…

Milos is right. When I worked for networking we would have to get access per device in order to punch a hole through the firewall. There are a few tricks to get around things though … how did Milos hook you up?

Wohoo! Miloš hooked me up! I think I will be able to use VPN on campus now. :mrgreen: :mrgreen: :mrgreen:

Yeah, that makes sense. But still – I imagine that quite a few people sometimes need to bring their work to school with them, and could really use a working vpn…

Anyways, thanks! :)

As the various network upgrades were performed in the past, I believe that the Networking group was guided by the following (good) principle:

“Disable all and then enable only what needed/requested/approved”

If I get more info, I’ll let you know.