My employer has decided to block OzBargain. This comes as a compliment to the creators of OzBargain, however makes it difficult to enjoy OzB during my lunchbreak.
Can OzBargain please create a mirror site so we can enjoy this while taking our lunch break?
They can't block the Ethernet port
Considering it is a work computer, don't you think they may need that port to connect to the bank's network?
Why would the bank need an Ethernet port on someone's laptop
Why are you assuming the OP is using a laptop?
Makes no difference laptop or desktop unless the Ethernet cable is hard wired into the PC LoL
unless the bank has a strict policy on disconnecting and reconnecting Ethernet ports.
If I was network administrator and found out you were disconnecting the ethernet and connecting to unknown network (at a bank) in order to circumvent my site blocks, I'd take note of that…
@jonathonsunshine: yep… You might even suspect that there was unethical practices going on. You would report it to the board. Then the board would…. Er… Get a report done by Clayton Utz?
@Michegianni: having previously worked with several of the major banks they absolutely do have policies about plugging in or connecting devices and or networks to corporate machines. It is a massive huge no no as it is a huge security risk. Not to mention the posters request here is dumb, if they are blocking ozbargain then they will almost certainly block any mirror as well.
Highly likely to be MAC filtered, and plugging in a different MAC addy will trigger NAC to block the port on the CISCO. Many big corporations have gone this way now.
A different device is not being plugged into the network, the computer itself is being connected to a different network (via tethering).
@voolish: Not literally, I worked for one of the bigger mining conglomerates here in Aussie who had it enabled. Really pissed off that staff and IT guys/girls alike.
@gearhead: Yeah, I read it differently. Sorry about that.
Still, in my experience with big corporates, something similar to DCS or equivalent product would stop this from working. You would think the bank would have all bases covered.
@dazzywazzy: but I didn't see them did I? So my statement is still correct 😋.
For me it just meant an extra 30-45mins sitting on hold until someone from network ops answered the phone and let a computer I had just replaced the main board on to connect (they never asked for verification either which shows the futility of MAC filtering).
@gearhead: Plugging a company machine into a different network?
Sounds like a great way to lose your job.
Can't tether on my work computer (ASX50 company). If a website is blocked it's done via a web based proxy. So if you connect via 4G it will ping the server before trying to connect.
So you have 2 connections going at the same time ?
Can you kill the work one ?
It's built into the MOE. So regardless of connection it will authenticate through the cloud based proxy.
EUC is getting smart now ;)
They can't block the Ethernet port
Yeah ya can, MAC filtering for a start (but you can fake that). Can also block hubs etc (only one IP allowed per port).
Or unplug a cable.
I don't follow.
You mentioned mac filtering would stop you from using your own internet connection.
How would it do that ?
They can't block the Ethernet port from being used on another internet service.
I don't think you read the entire post.
I'm saying, unplug their connection - plug in your own. Either tether through USB or get a 4G device with Ethernet.
Not sure what you are talking about re: wireless Ethernet ???
Have you ever worked in a corporate computing environment? You don't have admin access to your own machine. They absolutely can block the ethernet port from being used on another service.
Not sure what you are talking about re: wireless Ethernet ???
If I unplug the cable, how do the electrons get from OzBargain to my PC?
I don't follow.
Neither do I. So I'm sitting at my desk at work, the boss tells me he's going to a 'meeting' to which I think "Great, OzBargain here I come!".
Of course it's blocked, so I unplug the ethernet cable.. and… then what?
@Michegianni: So I plug my work computer into my own network.
Right, so you want me to ring up Telstra and and get then to install my own personal NBN at my desk. Uh huh.
Or do you mean that if I have a work-supplied laptop I can connect that to my modem at home, showing you don't quite know how this stuff actually works.
Have you ever had a job?
@D C:
Wow the comments here are insane.
You get a 4G modem with Ethernet. How many bloody times do I have to repeat myself. I actually gave up after seeing such retarded responses designed to only attack people without actually reading all the information.
If you actually bothered to read my post…
I wonder if you have actually ever had a job or worked in IT before…
Or if you can read ?
Is this the way you respond to things in your daily work life as well ? Ignore the most important piece of information ? 4G modem with Ethernet.
Jesus christ this site has seriously got some plonkers.
Any of these will do the job.
http://computers.mwave.com.au/m/electronics/4g-Modem-Etherne…
@Michegianni: If it is a work issued and managed machine this will almost certainly be blocked or detected and result in them being sacked. Banks take bypassing network/machine security seriously.
If you actually bothered to read my post…
I did, you've no idea.
You cannot plug an unknown device into a corporate network and expect it to work. (And if it does work, it won't for long. Been there done that.)
That goes for plugging your personal laptop in the corporate network, and also for attaching your 4G modem to the work PC. At the simplest level the work PC is will only connect to a certain domain and gateway, and that's not going to be your 4G modem.
Jesus christ this site has seriously got some plonkers.
Probably the only thing you've gotten right.
Here's a question for you, what's the difference between browsing OzBargain on a 4G modem or a phone?
Lol, looks like @Michegianni has run out of negs for the day. Come back tomorrow son, you can get the rest of them then.
Or maybe in the morning you'll wake up and think "Oh yeah, that won't work…."
@D C:
DC I think you and Michegianni are completely misinterpreting what either of you are trying to say.
What he is trying to say is that once you yank the network cable off the desktop, NAC doesnt apply. So theoretically it will not be governed by NAC policies/port security etc.
The reason this will not work is because firewall and HIDS (host based IDS) policies are typically managed through GPO. There are (typically) two sets of policies, one for when the box is connected to the domain, and the other when it is connected to an untrusted network (e.g. the 4G dongle w/ethernet). As soon as the box is disconnected from the network, it's likely that the firewall ruleset will be ridiculously locked down (e.g. allowing outbound connection to only their external VPN service etc).
Another very simple thing will thwart the OP… the proxy settings. These settings are typically administrator-controlled and cannot be changed by a normal user. So when OP yanks the network cable off plugs it into their 4G, and say the host firewall DOESNT clam up, browsing the Internet will still not be possible as the the configured proxy server will be inaccessible.
the proxy settings. These settings are typically administrator-controlled and cannot be changed by a normal user.
No typically about it for a bank, but yes, unless you are admin you simply cannot connect your 4G modem and magically have it work. Jeez, can't even pick you screensaver or wallpaper these days.
I had no problem understanding what @Michegianni was saying, just bemused at him being so naive thinking it would work. "Plug it into your own network, duh! Morons!"
As someone else pointed out, it's easy to spot those who've never worked in an environment with any sort of security.
I've seen machines set up to wipe themselves if connected to a 'foreign' network. Many of my apps will embed a code into documents so the monitoring system can detect if they're being copied or emailed; a friend was almost fired because he had trouble accessing a file from home so in a brain fade moment emailed it to his personal address. Some even store the temp folder on the network, not the local drive to protect data (oh, so that's why it's slow…).
The @Michegianni's of the world really have no idea.
@D C:
No typically about it for a bank, but yes, unless you are admin you simply cannot connect your 4G modem and magically have it work. Jeez, can't even pick you screensaver or wallpaper these days.
It could work in certain instances, but way more effort than its worth. Most use wpad files hosted on a network location, so you could have a node on your own network do NBNS/LLMNR/DNS spoofing and then serve up your own WPAD file.
To fool the firewall policy (i.e. bypass NLA), there are ways as well, from spoofing a WINS/DC etc. All wayy too involved and require a bit of technical expertise.
https://blogs.technet.microsoft.com/networking/2010/09/08/ne…
I've seen machines set up to wipe themselves if connected to a 'foreign' network. Many of my apps will embed a code into documents so the monitoring system can detect if they're being copied or emailed; a friend was almost fired because he had trouble accessing a file from home so in a brain fade moment emailed it to his personal address. Some even store the temp folder on the network, not the local drive to protect data (oh, so that's why it's slow…).
That is really smart. :) A colleague working at 'payments provider' is in a blue team that actively uses the exact same technique for DLP. They have nodes internal and external that "catch" these callbacks. If certain callbacks are triggered, it automatically raises a DLP incident which they investigate and invoke HR when its confirmed.
To defeat this, you need to somehow block outbound to a bunch of blacklisted domains (or null route them). To do this in the simple manner would require you to access the hosts file on your box (which again requires local admin so lol). The more complicated way would involve either running a DNS server (and resolving callback domains to loopback) or drop connections to sus IPs at the gateway (which you'd have control over through DHCP).
The @Michegianni's of the world really have no idea.
True… very true.
It could work in certain instances, but
…none of them as simplistic as @Michegianni claiming "4G modem noobs! Just plug it in and BOOM! Unblocked internet you morons!"
There is a whole protocol designed to screw over employees who do that. It's not common to use but the employee will likely get caught and questions will be raised
Break the network security in such a manner and the network/sysadmins will have your arse. Period. You'll have way more to worry about than a blocked website. Under no circumstances plug your own shit into your work network, it's a pretty solid track to never working in finance again.
I don’t know why anyone thinks you plug it into your work network.
You don’t.
No-one cares to read anything so I’m not even going to bother.
You plug it into your work computer. Not your work network. The whole setup actually bypasses your work network. That’s the whole point.
Ingnorance must be bliss to both of you.
You plug it into your work computer. Not your work network. The whole setup actually bypasses your work network. That’s the whole point.
Plug a non-approved device into a work PC? Connect a work computer to a 'foreign' network? Yeah, that's a firing.
Won't work anyway, go try it.
Ingnorance must be bliss to both of you.
How's it working for you? Seriously, go try it.
@D C:
You’re a clown I do it all the time - hence why I suggested it.
Even if I proved it to you with a video you’d still be in denial.
People will make their own reality and lie to themselves to feel better about being wrong.
You can show them that a ball will fall to the ground when you let it go, capture it on camera, show them that it will definitely happen, show them scientific papers but once their mind is set on being right they will never consider anything other than their own warped false reality.
That’s you - plonker.
People will make their own reality and lie to themselves to feel better about being wrong.
Yeah.
So which bank (*) is this then?
We're all curious as to which bank has so little security & oversight that they're happy to let you plug random crap into their computers and do no work.
I see you've gotten a lot of negs for your silly idea, none of them mine. Lots of plonkers here it seems. Hello, fellow plonkers!
(* definitely not that one.)
They don't want you to see how they're ripping everyone off with their savings accounts.
True. Banks are the biggest 'oxymorons' ever! They are the biggest ripoffs and 'loan-sharks'.
I just realized about this with my westpac eSaver after a year.
Regret that I didnt realize sooner that Ubank or RAMS provide much better rate annually.
Basically lose $ 4k in interest. Y'all reckon that I can "threaten" them by moving all muh moneh to Ubank / RAMS?
Nope don't even bother. Just jump ship.
Already halfway, cant do all in one-go theres a limit.
Not happy with them, 1st the Saving Interest, then almost losing my $1k by depositing through ATM & also after that ATM miscounted the cash by $100 (lucky I got the receipt otherwise they say no such things happen and told me to be very careful next time).
Such a joke, really grind my gear. One time it really make my blood boil that I want to report them to similiar organization for ACCC but for banks
Try a web proxy.
Fiber proxy is blocked.
Ah, doesn't surprise me all the well-known ones are blocked.
Looks like it's use your phone, or, y'know, go do some work.
You can setup your own proxy using a free amazon microserver.
@D C:
Funny thing is , some of these big corporation is very aggresive with blocking the time-wasting web that they blocked gmail as well, which sometimes used for productive & work related purpose.
blocked gmail as well which is sometimes used for productive & work related purpose.
I'd block gmail as well as other webmail. Most companies do, as someone pointed out it's to stop people leaking data.
You have a company email account, use that. (And yes, you can use gmail for your company while blocking peoples personal accounts.)
Yes, try something that would likely get you fired, OP :)
Lol I did not think of that.
Guess op's only option then is to use Ozbargain on his phone.
Blocking Ozbargain on Anzac day. That is just bloody un-Australian!
If its affecting morale, tell that to your boss, and get a petition going, or use a proxy.
Petition to unblock a time-wasting site while being paid on the clock at work? Yea, that'll work.
His comment is obviously sarcasm…
Hahaha. Are you still at school or Uni? I don't think you realise how the real world works.
Yeh im a 12 year old boy. The real world is big and scary.
btw, are you the same dogboy from the smg lan back in the day ?
Nope
You could try accessing OzBargain directly by IP: https://43.229.60.154/ (If it's just DNS filtering) or Google's Data Saver.
Thanks, also tried that but no luck.
go to your boss for advice…. oh wait they are not good at that
most of their advice came from ozb forums. theyre not only blocking the site, theyre blocking the paper trail.
Boss will give no advice and charge you for it.
Good reason to find another job, my boss loves OzB.
Haha same here and he doesn't care about the casual browse during work hours either.
how about using your own fricken mobile phone?
Perhaps your employer does not like that we have a poll featuring competitor's bank accounts as well as deals from other banks.
are you working for the cult of the red star?
i really feel for you i only use this site when i'm at work lol
4G
Your bosses are bankers.
Typo? I believe you were going for wan… Ohhhhh.
Nah I was trying to type wan… But then I got candle jacked.
bankers are souls caught sucking ship heads
Scotty tried that at OzBargain too.
You're all wasting time on Ozbargain when you should be shredding and deleting stuff for the Royal Commission.
shredding and deleting stuff
Lol, as if they can find the paperwork in the first place.
(Disclosure: I've worked for three banks on various "you will now compensate the customer after ripping them off" projects.)
In hindsight Malcolm Turnbull's delaying of the Royal Commission was a job creation scheme; the more the banks ripped people off the more people you need to hire to clean up the mess. I look forward to my next contract, thanks Mal!
You are paid by the boss to work - not play around on the web visiting external sites.
Usually jump on there during my lunch break.
Yeah right.
This is your boss btw… yeeeeaaahhhhh
I have shares in some of the big4 banks, can all the employees work hard instead of browsing, so the banks keep making record profit each year and my sp keeps going up. Pass this on to the management as well. Thanks.
Then use your phone if it's on your break
Good. Less competition for limited stock now
On eBay the 'conventional wisdom' was to end auctions after Sunday dinner, the 'best time' as people were home blah blah.
I thought this was bollocks, so I ended mine Tuesday-Thursdays after lunch, which is when the slackers like OP would get back to the office and spend an hour or two futzing about on the 'net.
For what I was selling it worked rather well.
I wonder if that's still the case, or does everyone block eBay these days. Or no-one gives a damn about eBay auctions.
I buy work stuff off ebay with my company credit card!
I'm sure I'm not the only one.
Years ago at CBA there was a bloke selling old gear for them on eBay. Never did ask him what the account name was.
Oh well, more gains for me
Tor is most likely blocked.
I don't see how the bank could block it if you use a bridged connection.
I just accessed ozbargain using tor, so ozbargain don't block tor users.
The bank can block USB, block unknown apps, block TOR exits (yes yes which is why you bridge) and then invite you for a chat with HR after all this shows up in the logs.
Just use your damn phone.
Since this is a bank environment. The server will have strict group policy settings.
@D C: You can tell how many people have never worked in a corporate IT system that has any sort of security
@D C:
The bank can block USB
Go to devices >> right click on your usb >> select browse files >> Bob's your uncle
Don't really want anyone to know.
That you've no idea how group policy works?
Some places make it so you can't read or write to USB. At others you can read from USB, but not write to it. Sometimes they simply fill the ports with epoxy or pull them off the motherboard. Fascinating stuff.
Use your phone and RSS to the community's feeds!