Originally Posted by
Nosferattu
I really don't even want to go into all the ways this can backfire even if you do all the steps to not get caught. I was also the Tech's assistant at my school so heres what I learned.
The servers that you login to log what user is logged in, so example if your name is John Doe and you're connected to the network it would show up as NetWorkID/JohnDoe or (assuming that SSD was the server your connecting to it would be SSD/JohnDoe) so if they see a strange account connecting to their server guess what? There gunna call the school and tell them the IP address of the computer and tell them to find it, then you're screwed. When we were setting up the school over the summer for the next school year we had a systematic way to set up the IP's all over the school. 6 Wings in the school (200, 300 400, 250, 350, 450) so the IP format would be 10.6.20.X for the 200 wing, 10.6.30.X for the 300 wing etc. There were ~5 rooms in each wing with at least one computer lab in each wing that has 31 computers in it. So starting with the first room to the left in each wing we would just work up the numbers, so example for the 200 wing would be 10.6.20.1, 10.6.20.2 etc. So it wouldn't be hard to locate the IP address of the computer you're using if the techs at your school are half smart. So creating a new user account to login with really isn't a great idea because you will get caught as soon as someone looks at the Network log on the server machine (which they do I promise.)
And next the ping thing. Yes you can ping a website and yes you can connect to that website using the response you get from the ping. But heres the thing, when you go to a website, say myspace.. this is what you would get (sorry for the wall of text this is turning into)
Microsoft Windows [Version 6.0.6000]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.
C:Users***>ping myspace.com
Pinging myspace.com [216.178.38.104] with 32 bytes of data:
Reply from 216.178.38.104: bytes=32 time=80ms TTL=244
Reply from 216.178.38.104: bytes=32 time=98ms TTL=244
Reply from 216.178.38.104: bytes=32 time=93ms TTL=244
Reply from 216.178.38.104: bytes=32 time=92ms TTL=244
Ping statistics for 216.178.38.104:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 80ms, Maximum = 98ms, Average = 90ms
C:Users***>
Ok so Myspace has an IP address of 216.178.38.104, and you can now access the homepage, but heres the catch. When you try to login its going to redirect you to home.myspace.com which will be blocked because its not longer the IP address of the site.
If you get caught you won't be able to touch a computer in your school for the rest of the year. Face possible suspension/Expulsion and/or legal issues because hacking in the United States of America is a federal offense, and hacking a school server is even more serious offense.
A kid at my school during my junior year decided that he was going to use a program called RockXP to get the encrypted password for the local administrator account on a computer. He sent that encrypted password to a site to have it decrypted and then logged in at school just to see if it works. The tech saw that an admin was logged in and knew there weren't any other techs at the school and went and nailed the kid for it. He was expelled from the school, and was carried off in handcuffs. The school didn't press charges because of the fact he didn't try to do anything malicious, but he was still in jail for the night and wasn't allowed back in the school.
So long story short, don't try to hack a school server, stupid idea, and not worth the short-term benefits you might gain.