Comments on: Safe Connect Bypass

By: CONTRA>

CONTRA> — Mon, 28 Feb 2011 15:19:45 +0000

Relevant: http://tcnjperspective.com/2010/11/01/safeconnect-security-or-spyware/

Also, I realize that the Iron Geek link in my prior posts might not work, so this is a good guide to follow: irongeek.com/i.php?page=security/osfuscate-change-your-windows-os-tcp-ip-fingerprint-to-confuse-p0f-networkminer-ettercap-nmap-and-other-os-detection-tools
Following that guide must be used in combination with User-agent spoofing, or else there is a good chance that your system will be detected as a liar relatively quickly.

I’m not sure how much Safeconnect can see without having installed the policy-key, NtwkAdmin, but I have to deal with some of the more harsh enforcements where I am and having Windows Update enabled while obfuscating my fingerprint and User-agent still has everything going smoothly.

By: Bigfish

Bigfish — Mon, 07 Feb 2011 09:09:12 +0000

Hey UCLA I tried to method to bypass Safeconnect which seem to work but I run into the problem where I keep having to reopen my user agent shortcut to stay connected has this been happening to you? If so did you find a fix or work around for it

By: Victor Huang

Victor Huang — Thu, 06 Jan 2011 03:53:40 +0000

Hi im also from ucla and have used your bypass to success, i was wondering what do u mean by your last comment. do u have to copy and paste it everytime i turn off my computer? Thanks

By: Austin

Austin — Wed, 05 Jan 2011 20:32:22 +0000

Is there a current working download link to this work around program? I’ve been fighting with this horrible program all morning, it keeps telling me I’m torrenting and blocking me for 10 minutes when I don’t even have a torrent program installed. My school also blocks skype and P2P on online games.

By: UCLA

UCLA — Sun, 02 Jan 2011 03:55:14 +0000

UCLA has actually taken this a step further and has announced to fully cooperate with RIAA in reporting students that download copyrighted material in dorms or graduate housing. Because you have to authenticate on a weekly basis, they now have proof that it was in fact you, which will be used against you in a trial. Here is what I did to bypass it (works at UCLA at Jan 1, 2011).

So basically, once you connect to the internet, either via wifi or with a cable, you cannot make any connections until you have opened a browser. The browser will then read your useragent, and foward you to the authentication and SafeConnect installer page. Once you have gone done so, your ip will be whitelisted, and you are redirected to a welcome page. Game consoles seem to be excepted, and are directly fowarded to the welcome page.

Using Google Chrome you can easily spoof your user agent without any additional tools. Simply start it like this:
C:\Users\TheDude\AppData\Local\Google\Chrome\Application\chrome.exe --user-agent="Mozilla/5.0 (PLAYSTATION 3 2.00)"

Note that this should be the first http request after connecting to the network. Once you have seen the welcome page, you can safely close Chrome, and then restart it without the –user-agent argument (as otherwise all websites think you are a PS3 which can cause problems).

What I did was to put a shortcut to the above location in my startup folder of my start menu. So now every time I open my computer, it will automatically open a browser to “authenticate” as a PS3.

By: Jessica

Jessica — Wed, 22 Dec 2010 01:39:54 +0000

Oh man, I hate Safe connect with a passion. I had to reinstall that stupid thing at least 20 times because it didn’t work right on my laptop.

By: Sigma

Sigma — Mon, 01 Nov 2010 15:50:16 +0000

Just wanted to say…this worked for me…thanks guys

By: NtwkAdmin

NtwkAdmin — Tue, 29 Jun 2010 18:46:08 +0000

I realize why people want to get around authenticating and having their machine scanned but one should look at what the Universities are ultimately after. We want to ensure that the network is safe from virus, worms, etc. and a well known way to help combat that is by having fully patched operating systems and anti virus programs. This means that my University is only using Safe Connect (in the past Clean Access) to ensure that users going out on our network have up to date anti virus and all security related Windows Updates installed. We are auditing whether firewalls are turned on but not enforcing that they be turned on at this time. As far as I can see, it does not show us anything about web traffic or screen shots showing the client computer. From what the tech’s told us, Safe Connect looks at what your operating system is doing, TCP Stack, User Agent string and services. This means that you can fool some of those attributes but if you have Windows Updates turned on and it discovers this, it will say there is an anomaly because it knows that Linux machines should not have the Windows Update service running. To address NAT routers, this is something I do not necessarily agree with because I wanted to run multiple machines and my Xbox in college but having multiple devices uses more bandwidth. If everyone starts plugging in more than 1 device, the network will slow down and the Help desk will get calls from students wondering why the internet is so slow. DUH, it’s because there are so many extra devices plugged in sucking up the bandwidth so not allowing this helps with the bandwidth issue. That’s all I know at this point.

By: CONTRA>

CONTRA> — Wed, 27 Jan 2010 23:53:45 +0000

not sure anon, but if it works be sure to let me know what you did!

By: anon

anon — Thu, 10 Dec 2009 22:26:36 +0000

wondering your thoughts about this approach….

safe connect at my school blocks all routers with NAT enabled.

I was wondering if installing dd-wrt on my wireless router and then trying to emulate a ps3 via mac address / tcp/ip foot print would be enough to circumvent having to log in… I have no experience with doing any of this as Mac address emulation used to be enough to get by the previous system…

any ideas? is this even easily done?