BlameThePixel!

Heh, i got banned from the network for a week for introducing that to my school.

Altho if i was gonna be pedantic there weren't actually any published rules about it. And looking at the ones that have been put into place following that discovery i personally never actually broke any of them.

Since then we've lost the DOS prompt and it's much harder to do. Altho the rules say i shoudl gain unauthorised access to any system settings or use external software without permission from the ICT dept - i could still make a form in MS access that runs the shell command if i use that flag that supresses the CMD prompt opening. It works, I've tried it - I just hope no-one blames me this time if ppl find out

lol, I didn't get banned, just told off by the deputy head, an English teacher who clearly didn't have a clue what he was talking about.

I suppose you could say I assisted other users in sending offensive messages (all the "U R GAY"s that were going around), but indirectly and it's daft that I should be responsible for what people do with software I develop. I even put a little disclaimer in the thing.
Security at our school tends to be based on "they're kids, they wouldn't know how to do that". Like the student stats spreadsheet on an open network share, or the one-character password on an admin account.
They have got a bit better recently though. That admin password which we had for two or three years has been changed, my old webserver has an IP ban, and they deleted our copy of Firebird.

I'm interested, how did they get rid of the dos prompt? Can't you just go to Start > Run > NET SEND ...?

no run menu, it's a strict login with lots of disallowed function, they even run VNC so they can watch us if they want. (noticeable slowdown can give this away). Why oh why would they delete firebird? delete IE, much better course of action.

Also, due to some unforseen security beef up, we cant actually view the ICT code of conduct, it gets closed when we open it automatically.

ya ours has the VNC. And the same thing happens to us. It slows down so u know they are. But no-one really does anything bad because u cant even go onto the internet without getting in trouble. Odd really.

Our teachers dont even know we can delet out history and our command prompt ahasnt been blocked...I shall try net send what eva it is

does this "netsend" send to every computer?

Only if you type "net send * (message)", which luckily not many people discovered at my school. Type "net help send" and it'll tell you everything

We have to use Synchroneyes by the way - it's rubbish, lets you close it or rename your computer easily. Lags like hell if you change your resolution.
The admins of Readme's network at least seem to have a clue, the last time I pointed out a suspicious file on the network in got double-clicked by an IT teacher and then the whole network had nimdA.

the command is 'net', 'send' is a parameter... sort of a command of 'net'. send del net.

anyway in command prompt type "net /?" or "net help" and/or then "net send /?". 'net send' is used to send a single message to a single computer, but can be used to send to multiple computers depending on network configuration. many schools have firewalls set up that would block any attempt, and i wouldn't know how to get around that.

from within the network it's unlikely that the firewall will block it, net send uses the messenger service so any windows PC running NT4+ will have it iirc, even works over the internet i belive

syntax is

NET SEND [address] [message]

Where address can be an IP, computer name, or more usefully - the login name of the recipient.

Yea, I meant firewall within the network. They may not, of course. It all depends on the network setup. I don't know Novell that much. I think they can disable things really easily.

wow i can't believe you know so much about this type of stuff.




wats nimdA?

W32/Nimda-D is a variant of W32/Nimda-A. The virus spreads via email, network shares and websites.

The W32/Nimda-D virus can infect users of the Windows 95/98The Pope$1operating systems as well as Windows NT and 2000.

Affected emails have an attached file called SAMPLE.EXE. The virus attempts to exploit a MIME Vulnerability in some versions of Microsoft Outlook, Microsoft Outlook Express, and Internet Explorer to allow the executable file to run automatically without the user double-clicking on the attachment.

The virus copies itself into the Windows directory with the filenames load.exe and riched20.dll (both have their file attributes set to "hidden"), and attempts to spread itself to other users via network shares.

The virus alters the System.ini file to include the line

shell=explorer.exe load.exe -dontrunold

so that it executes on Windows startup.

The virus forwards itself to other email addresses found on the computer. Furthermore, the virus looks for IIS web servers suffering from several vulnerabilities, including the Unicode Directory Traversal vulnerability.

The virus scans for vulnerable IIS HTTP servers by generating random IP addresses and sending malformed HTTP GET requests. When a vulnerable machine is found, the virus copies itself into file HTTPODBC.DLL and runs.

On some affected machines, the virus also copies itself into the Windows directory with the filename CSRSS.EXE.



Just discovered how to delete files using command prompt...the fun I shall have in IT on Monday....

Just a virus would of done, I think your planing something?

Ur kidding me right? And i wouldn't recommend deleting files wontonly, someone might need them, and that someone could be you.

I hardly ever dabble with command prompt, so it's all new to me.

Oh and I'll just delete a hard drive or two while on someone else's account