[windows2000] Re: How to tighten up your network - suggestions

  • From: Patrick <london31uk@xxxxxxxxx>
  • To: windows2000@xxxxxxxxxxxxx
  • Date: Thu, 26 Mar 2009 10:12:14 -0700 (PDT)

ok guys, after some serious talking to, the kid has decided to let us in on 
some of his tricks.


1.      Download zip files allows him to get to the C: drive by being able to 
access the Temp Internet files.
2.      If he disconnects the computer from the network, it installs a local 
profile for him, giving him access to the C: drive and the “Run” command.
3.      He  runs a “compressed” cmd file from within PowerPoint.
4.      By running “Find Printer” he is able to find users accounts.
5.      He accesses “command.com” (the equivalent of cmd.exe).
6.      He runs cmd.exe to get to files on the servers.
 
Should this kid not be studying, rather than keeping me busy? 


Anyway, just thought to share.



Thanks

Patrick




________________________________
From: Jim Kenzig http://thin.ms <jkenzig@xxxxxxxxx>
To: windows2000@xxxxxxxxxxxxx
Sent: Wednesday, March 25, 2009 11:54:33 PM
Subject: [windows2000] Re: How to tighten up your network - suggestions

Yes I understand kids will be kids but it covers you. 
Jim Kenzig 
Blog: http://www.techblink.com
Twitter: http://twitter.com/kenzig
Twitter: http://twitter.com/InternetPilot



On Wed, Mar 25, 2009 at 11:40 AM, Patrick <london31uk@xxxxxxxxx> wrote:

Hi Jim,

This is an idea I have suggested, and I think there is a good case to push this 
forward. Whats I have found is that no matter how tight you try to make things 
the kids will seek to break in. In most cases because they do not understand 
what the consequences could be if enforced.

Really annoying.



Thanks

Patrick




________________________________
From: Jim Kenzig http://thin.ms/ <jkenzig@xxxxxxxxx>
To: windows2000@xxxxxxxxxxxxx
Sent: Wednesday, March 25, 2009 1:59:44 PM 

Subject: [windows2000] Re: How to tighten up your network - suggestions



Well I am not sure about Australia but here we do have computer hacking laws 
and a simple "Your current computer activity appears to be illegal and you may 
be prosecuted if you do not cease and desist" dm to the computer may be 
enough.   You of course also make sure that you have a proper logon privacy 
message in place prior to logon that requires an OK click. 
Here is ours:

THIS SYSTEM IS FOR USE OF AUTHORIZED PERSONS AND ACTIVITIES ONLY!
Activities may be subject to monitoring, recording, and periodic audits
The system and all content are property of CCPL and are NOT considered private.
The organization may access any users accounts or communications.
Anyone using this system expressly consents to the above and to all CCPL 
Policies and Rules regarding
computer and Internet use and security. 
  OK

This should cover you legally at least. 
Regards
Jim Kenzig 
Blog: http://www.techblink.com
Twitter: http://twitter.com/kenzig
Twitter: http://twitter.com/InternetPilot



On Wed, Mar 25, 2009 at 9:42 AM, Berny Stapleton <berny@xxxxxxxxxxxxxxxxx> 
wrote:

Yes, it was actually regedit and they were modifying the SAM.

Quite clever really, but a little frustrating.

2009/3/25 Robert K Coffman Jr. -Info From Data Corp.
<bcoffman@xxxxxxxxxxxxxxxx>:

> Scheduled task can run in System context & allow someone to launch a cmd
> prompt or something with basically full control of the system.
>
> -----Original Message-----
> From: windows2000-bounce@xxxxxxxxxxxxx
> [mailto:windows2000-bounce@xxxxxxxxxxxxx] On Behalf Of Sorin Srbu
> Sent: Wednesday, March 25, 2009 3:39 AM
> To: windows2000@xxxxxxxxxxxxx
> Subject: [windows2000] Re: How to tighten up your network - suggestions
>
> Could you please elaborate on the scheduler thing, what's that about? Thx.
> --
> /Sorin
>
>
>>-----Original Message-----
>>From: windows2000-bounce@xxxxxxxxxxxxx [mailto:windows2000-
>>bounce@xxxxxxxxxxxxx] On Behalf Of Berny Stapleton
>>Sent: Tuesday, March 24, 2009 9:38 PM
>>To: windows2000@xxxxxxxxxxxxx
>>Subject: [windows2000] Re: How to tighten up your network - suggestions
>>
>>Oh, turn off the scheduler. Keep your patches up to date. (That's the
>>one that caught me)
>
>
> **********************
> To Unsubscribe, set digest or vacation
> mode or view archives use the below link.
>
> http://www.freelists.org/list/windows2000
>
**********************
To Unsubscribe, set digest or vacation
mode or view archives use the below link.

http://www.freelists.org/list/windows2000


      

Other related posts: