Introduction: How to Disable Insite Student
So I am a (normally) white hat hacker... I am in school right now, and am mostly a script kiddie. (I admit it.) For this hub, I will end up being a black hat cracker (sort of).
So you may be asking "What is insite?" Well, it is a program developed by faronics. Their most popular program is Deep Freeze, which freezes the state of the hard drive so that every time you restart the computer, it reverts back to the saved state. There was another hacker that had a chip on his shoulder for Deep Freeze, and developed a program to disable it. I will not give you the link (although it does work). Insite is often used in schools to control your computer usage. I have a major chip on my shoulder for Insite, as every time I enter my password to sites, anyone with the admin interface on the entire network (or vlan) can view the password in plain text. The problem is that at one time the admins left the admin interface on the frozen hard drive of the student computers. 1. I don't trust even my professors that much. 2. I trust my fellow students even less. (Especially since I'm in in computer networking classes... A.K.A. hack classes!)
Now since then they have removed the admin interface from the hard drives, but since they are stupid and all of the computers are on the same VLAN and Subnet, people in other classrooms on the instructor computer can view my information. Not something I want. Now I know that I sign over the right for the school to view all my info over their network, but let's be honest, they at least need to work for it! ;)
So like a good script kiddie, the first thing I did was to google "How To Disable faronics Insite Student. Remarkably enough, I didn't find anything except to disable the student.exe program through task manager. The problem? The admins disabled command prompt. No problem, they used active directory, and a quick net user command shows that the default Administrator account was never removed! Great, go into the Administrator account, and end the process. Access is denied. They fixed the flaw. OK, just for the heck of it, run a task kill command. No go. This is where I really started to get interested. I'm not actually going to tell you exactly how to disable it... just to get you started in the right direction.
So you may be asking "What is insite?" Well, it is a program developed by faronics. Their most popular program is Deep Freeze, which freezes the state of the hard drive so that every time you restart the computer, it reverts back to the saved state. There was another hacker that had a chip on his shoulder for Deep Freeze, and developed a program to disable it. I will not give you the link (although it does work). Insite is often used in schools to control your computer usage. I have a major chip on my shoulder for Insite, as every time I enter my password to sites, anyone with the admin interface on the entire network (or vlan) can view the password in plain text. The problem is that at one time the admins left the admin interface on the frozen hard drive of the student computers. 1. I don't trust even my professors that much. 2. I trust my fellow students even less. (Especially since I'm in in computer networking classes... A.K.A. hack classes!)
Now since then they have removed the admin interface from the hard drives, but since they are stupid and all of the computers are on the same VLAN and Subnet, people in other classrooms on the instructor computer can view my information. Not something I want. Now I know that I sign over the right for the school to view all my info over their network, but let's be honest, they at least need to work for it! ;)
So like a good script kiddie, the first thing I did was to google "How To Disable faronics Insite Student. Remarkably enough, I didn't find anything except to disable the student.exe program through task manager. The problem? The admins disabled command prompt. No problem, they used active directory, and a quick net user command shows that the default Administrator account was never removed! Great, go into the Administrator account, and end the process. Access is denied. They fixed the flaw. OK, just for the heck of it, run a task kill command. No go. This is where I really started to get interested. I'm not actually going to tell you exactly how to disable it... just to get you started in the right direction.
Step 1: How Insite Works
So the first thing I started to think about is: "How does insite work?" Well, since the admin interface is run on a separate computer than the one you are using, it must use network resources. OK, great! Just disable the network controller while you are using the computer. Oh wait... then you can't use the internet if you need to! Well, some of the software on the computer had the port numbers that are being used on the computer... and insite's ports were clearly labeled. So let's use Windows Firewall to block those ports. Well, every time I tried to do that, when I applied it, it appeared to work until I went back in to the settings to be sure, the settings went back to default. I became convinced that no built in Windows program would do the trick. Finally Windows does something right! (Which hasn't happened since they released 8 for desktops and non-touch screens!)
Step 2: How to Disable Insite
So long story short, I found something to help me out... but it wasn't built into Windows. Think about it this way, I need to either disable the port that insite uses, or disable the program, neither of which Windows will do. OR, if your computer isn't running Deep Freeze or some other freezing program, use knoppix or another live OS to boot from a flash drive, go to the hard drive, and delete the student.exe file. If your admin isn't freezing the hard drive, they deserve to be hacked like that.
Other than that, think of a program that can disable the program or block the port. Install it, but don't use one that requires you to restart the computer, since it will probably get rid of all changes and programs added to the computer.
Other than that, think of a program that can disable the program or block the port. Install it, but don't use one that requires you to restart the computer, since it will probably get rid of all changes and programs added to the computer.
Step 3: WARNING!!!
These changes probably violate your acceptable use policy. You could get expelled. You could go to jail. Even if you think you can cover your tracks, you probably can't. I am not responsible for anything that happens to you. I do not condone this exercise, it is just for your information and is not meant to actually be used. Yada Yada Yada. But seriously, you could get in trouble. Trust me. Please. No really.
Step 4: Take the Following Quiz to Help You:
1. What does an antivirus do?
A. It blocks viruses. Most viruses are programs, so it blocks programs.
B. It's a magical program that protects you no matter what you do on the internet.
C. Something that you should have more than one installed on every computer.
2. What does a firewall do?
A. It is a brick wall that spews fire.
B. It's a program that blocks traffic that doesn't origionate from your computer - mostly based on port numbers.
3. Which of the following antivirus programs/firewalls are better?
A. Norton
B. Zone Alarm Free Firewall
A. It blocks viruses. Most viruses are programs, so it blocks programs.
B. It's a magical program that protects you no matter what you do on the internet.
C. Something that you should have more than one installed on every computer.
2. What does a firewall do?
A. It is a brick wall that spews fire.
B. It's a program that blocks traffic that doesn't origionate from your computer - mostly based on port numbers.
3. Which of the following antivirus programs/firewalls are better?
A. Norton
B. Zone Alarm Free Firewall
Step 5: Quiz Answers
1. A
2. B
3. B
The quiz will really help you...
2. B
3. B
The quiz will really help you...
