5

So I'm in a new job, and they're pretty draconian about their network, hardware, and OS security. :-( I'm a web developer, but am forced to use IE7 for development simply because they don't want ANYone installing ANYthing other than the boilerplate OS install. Any web developers out there know that, sure - you can "get by" developing like this--even though it's a hassle--most of the time. But SOMEtimes, you need an extra program or two to look at the requests being sent/received to see how your client (the browser) is communicating with the server. I HAVE all the programs I want on my personal laptop, but it's not authorized to connect to the corporate network.

Now I'm NO networking expert, but I had this thought: If I can spoof my work desktop's MAC address & IP address on my personal laptop, unplug my desktop, and then plug my laptop into the network, shouldn't I be able to connect? But it doesn't seem to work. How does the network "know" that anything has changed? I thought that MAC address was the only "thing" which identifies you on a network once you've requested and been assigned an IP address.

EDIT: BTW, I've already weighed the risk of "getting in trouble" at work, so no need to remind me that it's "possibly a violation of the network policies" etc. I'm already aware! My real question isn't, "can you tell me how to do this", it's, "why doesn't this work, since I'm obviously misunderstanding something about how networks operate." :-)

loneboat
  • 303
  • 3
  • 9
  • At what stage does it fail? Do you receive an IP address? Can you ping something? – Jasper Jul 29 '10 at 13:57
  • @Jasper I get an IP address, and can ping the DNS server, but nothing outside the network. – loneboat Jul 29 '10 at 14:03
  • so MikeyB is probably right, maybe 802.11x is activated due to your desktop computer being a windows domainmember. – Jasper Jul 29 '10 at 14:28
  • That's what I'm thinking; I marked MikeyB's as an accepted answer. I've got a lot to learn about networking! :-) – loneboat Jul 29 '10 at 14:38

4 Answers4

5

Breaking company policy to suit your arbitrary requirements is absolutely ill-advised. If you cannot get it approved by IT, speak to your boss and argue for your requirements. Otherwise, deal with it or get a new job.

Warner
  • 23,440
  • 2
  • 57
  • 69
  • 1
    Thanks Warner. My question wasn't, 'How do I do this'. It was, 'Why doesn't this work, since I'm obviously misunderstanding something about how networks operate'. Thanks! :-) P.S. See the edit to my original post. – loneboat Jul 29 '10 at 13:47
4

Sounds like they might be using 802.1x which requires end node authentication to the network layer itself.

Which is designed to prevent exactly what you're trying to do.

If all you really want to do it intercept the traffic in between your desktop and the server, you may be able to do that by:

  • putting a hub in between your desktop and switch port and hooking up your laptop.
  • configuring your laptop to be a completely silent and transparent bridge between two ports and putting it in between your desktop and switch port.
MikeyB
  • 38,725
  • 10
  • 102
  • 186
  • 802.11X is NAC. See: http://en.wikipedia.org/wiki/802.11x – Warner Jul 29 '10 at 13:52
  • Okay, cool. Thanks! Like I said, I'm no networking whiz - I just saw "802.somethingSomething" and thought you were talking about some WiFi protocol. Thanks! – loneboat Jul 29 '10 at 13:56
  • 1
    All the Wifi protocols (far as I know) are under `802.11`. 802 is actually networking in general. – MikeyB Jul 29 '10 at 14:56
0

you said you can access internal stuff but not external. it could just simply be a proxy server? Check your internet explorer options underneath connectivity! let me know how you get on!

JamesK
  • 1,646
  • 11
  • 19
0

There could well be some form of internal VPN automatically starting on your office machine - we have something similar meaning we can't just plug any old machine into our network.

Chopper3
  • 100,240
  • 9
  • 106
  • 238