It's not where you work? :D On Fri, Mar 27, 2009 at 8:24 AM, Greg Reese <gareese@xxxxxxxxx> wrote: > the problem is these kids have seen Swordfish too many times and think it's > all Halle Berry and cool cars in IT. > > > On Thu, Mar 26, 2009 at 3:22 PM, Berny Stapleton > <berny@xxxxxxxxxxxxxxxxx>wrote: > >> Yeah, I got asked by my old school to come back and give them a hand >> because their previous admin had been malicious and they needed to >> tidy up their environment before handing it over to a new admin. >> >> I found a couple of kids who were exploring the network because they >> didn't understand it. I didn't give them console access they weren't >> "admins", yes, getting them to do mundane tasks like replacing >> keyboards, setting up new workstations, explaining the odd bits and >> pieces to them wasn't wasted time for me (And besides, they are going >> to school, so it's not like they are with you all day). This is all >> new stuff for them, yeah sure, we have been doing it for 10 - 15 years >> (If not more), and it's mundane for us, but for them it's something >> that they haven't done before. >> >> Once the kids knew that on their network (There was two, a staff >> network, physically isolated by building area, somewhere they didn't >> have access to), and they understood what was there, there wasn't >> anything for them to explore. They also found some respect for the >> purpose that it was there for. >> >> Giving a student the ability to kill jobs on a print queue as opposed >> to running the whole server are two totally different matters. I ended >> up hiring a couple of the kids that came out of that school at a later >> date because they started in IT because of what I did. >> >> Berny >> >> 2009/3/26 Richard Bruce <richardbruce@xxxxxxxxxxx>: >> > Ok, have you ever actually DONE this? Because in my experience that's >> NOT >> > the way it works. That just gives them more opportunities to "explore". >> In >> > many cases these kids don't think they're doing any harm because they're >> > NOT "attacking" - just "looking around". Now I have them logging into >> > servers, usually at the console in the server room, where they can pop a >> CD >> > or floppy in and really do some damage? No thanks! And I have to >> supervise >> > them? Sorry, I'm busy enough as it is. I don't have time to >> babysit. Unless >> > it's REALLY simple stuff like replacing keyboards or setting up >> > workstations, I just can't afford to make what I consider a bad >> investment >> > of my time and effort >> > >> > My solution? I had a meeting with him, the principal, his parents, and >> the >> > local cop. We explained exactly what the policy and the law says on >> this, >> > and what would happen to him. Done. And word spread fast. They don't >> stand >> > much of a chance getting a decent IT job with a criminal record. >> > >> >> Date: Thu, 26 Mar 2009 19:27:03 +0000 >> >> Subject: [windows2000] Re: How to tighten up your network - suggestions >> >> From: berny@xxxxxxxxxxxxxxxxx >> >> To: windows2000@xxxxxxxxxxxxx >> >> >> >> Would I TRUST them implicitly? No, it's not their job to be enforcing >> >> stuff, nor do they have the knowledge or maturity to properly look >> >> after it. But for 1 or 2 students who see things like network print >> >> queues filling up all the time (Out of paper and people hitting print >> >> 20 times because their job didn't come out straight away), and giving >> >> them something to do (Helping you around the place in their spare >> >> time, which also means that they are supervised) gives them a sense of >> >> responsibility for the network, so they don't WANT to attack it so >> >> much. They will ask you questions, and you will end up teaching them a >> >> bit, but instead of them attacking the network to find an answer, they >> >> ask a question. When they see or find something, they come to you >> >> straight away with it. >> >> >> >> It's free and it gets them onside. >> >> >> >> Berny >> >> >> >> 2009/3/26 Richard Bruce <richardbruce@xxxxxxxxxxx>: >> >> > I gotta go with the solution in Snyder's environment ;-)> I've dealt >> >> > with >> >> > kids like this before. No matter how many holes we plug, they'll >> >> > find new >> >> > ones. You can even put them to work - but would you TRUST them with >> your >> >> > network or sensitive data? They ONLY way to put a stop to it have >> >> > consequences for their actions - and impose them! >> >> > >> >> > Richard Eells >> >> > >> >> >> Date: Thu, 26 Mar 2009 18:30:00 +0000 >> >> >> Subject: [windows2000] Re: How to tighten up your network - >> suggestions >> >> >> From: berny@xxxxxxxxxxxxxxxxx >> >> >> To: windows2000@xxxxxxxxxxxxx >> >> >> >> >> >> OK, >> >> >> >> >> >> Maybe it's just me, but you gotta admit, that's inventive! >> >> >> >> >> >> I would be asking him if he has considered a career in IT >> >> >> >> >> >> Berny >> >> >> >> >> >> 2009/3/26 Patrick <london31uk@xxxxxxxxx>: >> >> >> > ok guys, after some serious talking to, the kid has decided to let >> us >> >> >> > in >> >> >> > on >> >> >> > some of his tricks. >> >> >> > >> >> >> > >> >> >> > >> >> >> > 1. Download zip files allows him to get to the C: drive by >> being >> >> >> > able >> >> >> > to access the Temp Internet files. >> >> >> > >> >> >> > 2. If he disconnects the computer from the network, it >> installs >> >> >> > a >> >> >> > local >> >> >> > profile for him, giving him access to the C: drive and the “Run” >> >> >> > command. >> >> >> > >> >> >> > 3. He runs a “compressed” cmd file from within PowerPoint. >> >> >> > >> >> >> > 4. By running “Find Printer” he is able to find users >> accounts. >> >> >> > >> >> >> > 5. He accesses “command.com” (the equivalent of cmd.exe). >> >> >> > >> >> >> > 6. He runs cmd.exe to get to files on the servers. >> >> >> > >> >> >> > >> >> >> > >> >> >> > Should this kid not be studying, rather than keeping me busy? >> >> >> > >> >> >> > >> >> >> > Anyway, just thought to share. >> >> >> > >> >> >> > >> >> >> > >> >> >> > Thanks >> >> >> > >> >> >> > Patrick >> >> >> > >> >> >> > ________________________________ >> >> >> > From: Jim Kenzig http://thin.ms <jkenzig@xxxxxxxxx> >> >> >> > To: windows2000@xxxxxxxxxxxxx >> >> >> > Sent: Wednesday, March 25, 2009 11:54:33 PM >> >> >> > Subject: [windows2000] Re: How to tighten up your network - >> >> >> > suggestions >> >> >> > >> >> >> > Yes I understand kids will be kids but it covers you. >> >> >> > Jim Kenzig >> >> >> > Blog: http://www.techblink.com >> >> >> > Twitter: http://twitter.com/kenzig >> >> >> > Twitter: http://twitter.com/InternetPilot >> >> >> > >> >> >> > >> >> >> > On Wed, Mar 25, 2009 at 11:40 AM, Patrick <london31uk@xxxxxxxxx> >> >> >> > wrote: >> >> >> >> >> >> >> >> Hi Jim, >> >> >> >> >> >> >> >> This is an idea I have suggested, and I think there is a good >> case >> >> >> >> to >> >> >> >> push >> >> >> >> this forward. Whats I have found is that no matter how tight you >> try >> >> >> >> to >> >> >> >> make >> >> >> >> things the kids will seek to break in. In most cases because they >> do >> >> >> >> not >> >> >> >> understand what the consequences could be if enforced. >> >> >> >> >> >> >> >> Really annoying. >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> Thanks >> >> >> >> >> >> >> >> Patrick >> >> >> >> >> >> >> >> ________________________________ >> >> >> >> From: Jim Kenzig http://thin.ms/ <jkenzig@xxxxxxxxx> >> >> >> >> To: windows2000@xxxxxxxxxxxxx >> >> >> >> Sent: Wednesday, March 25, 2009 1:59:44 PM >> >> >> >> Subject: [windows2000] Re: How to tighten up your network - >> >> >> >> suggestions >> >> >> >> >> >> >> >> Well I am not sure about Australia but here we do have computer >> >> >> >> hacking >> >> >> >> laws and a simple "Your current computer activity appears to >> >> >> >> be illegal >> >> >> >> and >> >> >> >> you may be prosecuted if you do not cease and desist" dm to the >> >> >> >> computer may >> >> >> >> be enough. You of course also make sure that you have a proper >> >> >> >> logon >> >> >> >> privacy message in place prior to logon that requires an OK >> click. >> >> >> >> Here is ours: >> >> >> >> THIS SYSTEM IS FOR USE OF AUTHORIZED PERSONS AND ACTIVITIES ONLY! >> >> >> >> Activities may be subject to monitoring, recording, and periodic >> >> >> >> audits >> >> >> >> The system and all content are property of CCPL and are NOT >> >> >> >> considered >> >> >> >> private. >> >> >> >> The organization may access any users accounts or communications. >> >> >> >> Anyone using this system expressly consents to the above and to >> all >> >> >> >> CCPL >> >> >> >> Policies and Rules regarding >> >> >> >> computer and Internet use and security. >> >> >> >> OK >> >> >> >> >> >> >> >> This should cover you legally at least. >> >> >> >> Regards >> >> >> >> Jim Kenzig >> >> >> >> Blog: http://www.techblink.com >> >> >> >> Twitter: http://twitter.com/kenzig >> >> >> >> Twitter: http://twitter.com/InternetPilot >> >> >> >> >> >> >> >> >> >> >> >> On Wed, Mar 25, 2009 at 9:42 AM, Berny Stapleton >> >> >> >> <berny@xxxxxxxxxxxxxxxxx> >> >> >> >> wrote: >> >> >> >>> >> >> >> >>> Yes, it was actually regedit and they were modifying the SAM. >> >> >> >>> >> >> >> >>> Quite clever really, but a little frustrating. >> >> >> >>> >> >> >> >>> 2009/3/25 Robert K Coffman Jr. -Info From Data Corp. >> >> >> >>> <bcoffman@xxxxxxxxxxxxxxxx>: >> >> >> >>> > Scheduled task can run in System context & allow someone to >> >> >> >>> > launch a >> >> >> >>> > cmd >> >> >> >>> > prompt or something with basically full control of the system. >> >> >> >>> > >> >> >> >>> > -----Original Message----- >> >> >> >>> > From: windows2000-bounce@xxxxxxxxxxxxx >> >> >> >>> > [mailto:windows2000-bounce@xxxxxxxxxxxxx] On Behalf Of Sorin >> Srbu >> >> >> >>> > Sent: Wednesday, March 25, 2009 3:39 AM >> >> >> >>> > To: windows2000@xxxxxxxxxxxxx >> >> >> >>> > Subject: [windows2000] Re: How to tighten up your network - >> >> >> >>> > suggestions >> >> >> >>> > >> >> >> >>> > Could you please elaborate on the scheduler thing, what's that >> >> >> >>> > about? >> >> >> >>> > Thx. >> >> >> >>> > -- >> >> >> >>> > /Sorin >> >> >> >>> > >> >> >> >>> > >> >> >> >>> >>-----Original Message----- >> >> >> >>> >>From: windows2000-bounce@xxxxxxxxxxxxx [mailto:windows2000- >> >> >> >>> >>bounce@xxxxxxxxxxxxx] On Behalf Of Berny Stapleton >> >> >> >>> >>Sent: Tuesday, March 24, 2009 9:38 PM >> >> >> >>> >>To: windows2000@xxxxxxxxxxxxx >> >> >> >>> >>Subject: [windows2000] Re: How to tighten up your network - >> >> >> >>> >> suggestions >> >> >> >>> >> >> >> >> >>> >>Oh, turn off the scheduler. Keep your patches up to date. >> (That's >> >> >> >>> >> the >> >> >> >>> >>one that caught me) >> >> >> >>> > >> >> >> >>> > >> >> >> >>> > ********************** >> >> >> >>> > To Unsubscribe, set digest or vacation >> >> >> >>> > mode or view archives use the below link. >> >> >> >>> > >> >> >> >>> > //www.freelists.org/list/windows2000 >> >> >> >>> > >> >> >> >>> ********************** >> >> >> >>> To Unsubscribe, set digest or vacation >> >> >> >>> mode or view archives use the below link. >> >> >> >>> >> >> >> >>> //www.freelists.org/list/windows2000 >> >> >> >> >> >> >> >> >> >> >> > >> >> >> > >> >> >> > >> >> >> ********************** >> >> >> To Unsubscribe, set digest or vacation >> >> >> mode or view archives use the below link. >> >> >> >> >> >> //www.freelists.org/list/windows2000 >> >> > >> >> > ________________________________ >> >> > Quick access to Windows Live and your favorite MSN content with >> Internet >> >> > Explorer 8. >> >> ********************** >> >> To Unsubscribe, set digest or vacation >> >> mode or view archives use the below link. >> >> >> >> //www.freelists.org/list/windows2000 >> > >> > ________________________________ >> > Quick access to Windows Live and your favorite MSN content with Internet >> > Explorer 8. >> ********************** >> To Unsubscribe, set digest or vacation >> mode or view archives use the below link. >> >> //www.freelists.org/list/windows2000 >> > >