actually it is but I didn't want to make the rest of you feel bad. On Thu, Mar 26, 2009 at 3:40 PM, Steve Snyder <kwajalein@xxxxxxxxx> wrote: > It's not where you work? :D > > > On Fri, Mar 27, 2009 at 8:24 AM, Greg Reese <gareese@xxxxxxxxx> wrote: > >> the problem is these kids have seen Swordfish too many times and think >> it's all Halle Berry and cool cars in IT. >> >> >> On Thu, Mar 26, 2009 at 3:22 PM, Berny Stapleton <berny@xxxxxxxxxxxxxxxxx >> > wrote: >> >>> Yeah, I got asked by my old school to come back and give them a hand >>> because their previous admin had been malicious and they needed to >>> tidy up their environment before handing it over to a new admin. >>> >>> I found a couple of kids who were exploring the network because they >>> didn't understand it. I didn't give them console access they weren't >>> "admins", yes, getting them to do mundane tasks like replacing >>> keyboards, setting up new workstations, explaining the odd bits and >>> pieces to them wasn't wasted time for me (And besides, they are going >>> to school, so it's not like they are with you all day). This is all >>> new stuff for them, yeah sure, we have been doing it for 10 - 15 years >>> (If not more), and it's mundane for us, but for them it's something >>> that they haven't done before. >>> >>> Once the kids knew that on their network (There was two, a staff >>> network, physically isolated by building area, somewhere they didn't >>> have access to), and they understood what was there, there wasn't >>> anything for them to explore. They also found some respect for the >>> purpose that it was there for. >>> >>> Giving a student the ability to kill jobs on a print queue as opposed >>> to running the whole server are two totally different matters. I ended >>> up hiring a couple of the kids that came out of that school at a later >>> date because they started in IT because of what I did. >>> >>> Berny >>> >>> 2009/3/26 Richard Bruce <richardbruce@xxxxxxxxxxx>: >>> > Ok, have you ever actually DONE this? Because in my experience that's >>> NOT >>> > the way it works. That just gives them more opportunities to "explore". >>> In >>> > many cases these kids don't think they're doing any harm because >>> they're >>> > NOT "attacking" - just "looking around". Now I have them logging into >>> > servers, usually at the console in the server room, where they can pop >>> a CD >>> > or floppy in and really do some damage? No thanks! And I have to >>> supervise >>> > them? Sorry, I'm busy enough as it is. I don't have time to >>> babysit. Unless >>> > it's REALLY simple stuff like replacing keyboards or setting up >>> > workstations, I just can't afford to make what I consider a bad >>> investment >>> > of my time and effort >>> > >>> > My solution? I had a meeting with him, the principal, his parents, and >>> the >>> > local cop. We explained exactly what the policy and the law says on >>> this, >>> > and what would happen to him. Done. And word spread fast. They don't >>> stand >>> > much of a chance getting a decent IT job with a criminal record. >>> > >>> >> Date: Thu, 26 Mar 2009 19:27:03 +0000 >>> >> Subject: [windows2000] Re: How to tighten up your network - >>> suggestions >>> >> From: berny@xxxxxxxxxxxxxxxxx >>> >> To: windows2000@xxxxxxxxxxxxx >>> >> >>> >> Would I TRUST them implicitly? No, it's not their job to be enforcing >>> >> stuff, nor do they have the knowledge or maturity to properly look >>> >> after it. But for 1 or 2 students who see things like network print >>> >> queues filling up all the time (Out of paper and people hitting print >>> >> 20 times because their job didn't come out straight away), and giving >>> >> them something to do (Helping you around the place in their spare >>> >> time, which also means that they are supervised) gives them a sense of >>> >> responsibility for the network, so they don't WANT to attack it so >>> >> much. They will ask you questions, and you will end up teaching them a >>> >> bit, but instead of them attacking the network to find an answer, they >>> >> ask a question. When they see or find something, they come to you >>> >> straight away with it. >>> >> >>> >> It's free and it gets them onside. >>> >> >>> >> Berny >>> >> >>> >> 2009/3/26 Richard Bruce <richardbruce@xxxxxxxxxxx>: >>> >> > I gotta go with the solution in Snyder's environment ;-)> I've dealt >>> >> > with >>> >> > kids like this before. No matter how many holes we plug, they'll >>> >> > find new >>> >> > ones. You can even put them to work - but would you TRUST them with >>> your >>> >> > network or sensitive data? They ONLY way to put a stop to it have >>> >> > consequences for their actions - and impose them! >>> >> > >>> >> > Richard Eells >>> >> > >>> >> >> Date: Thu, 26 Mar 2009 18:30:00 +0000 >>> >> >> Subject: [windows2000] Re: How to tighten up your network - >>> suggestions >>> >> >> From: berny@xxxxxxxxxxxxxxxxx >>> >> >> To: windows2000@xxxxxxxxxxxxx >>> >> >> >>> >> >> OK, >>> >> >> >>> >> >> Maybe it's just me, but you gotta admit, that's inventive! >>> >> >> >>> >> >> I would be asking him if he has considered a career in IT >>> >> >> >>> >> >> Berny >>> >> >> >>> >> >> 2009/3/26 Patrick <london31uk@xxxxxxxxx>: >>> >> >> > ok guys, after some serious talking to, the kid has decided to >>> let us >>> >> >> > in >>> >> >> > on >>> >> >> > some of his tricks. >>> >> >> > >>> >> >> > >>> >> >> > >>> >> >> > 1. Download zip files allows him to get to the C: drive by >>> being >>> >> >> > able >>> >> >> > to access the Temp Internet files. >>> >> >> > >>> >> >> > 2. If he disconnects the computer from the network, it >>> installs >>> >> >> > a >>> >> >> > local >>> >> >> > profile for him, giving him access to the C: drive and the “Run” >>> >> >> > command. >>> >> >> > >>> >> >> > 3. He runs a “compressed” cmd file from within PowerPoint. >>> >> >> > >>> >> >> > 4. By running “Find Printer” he is able to find users >>> accounts. >>> >> >> > >>> >> >> > 5. He accesses “command.com” (the equivalent of cmd.exe). >>> >> >> > >>> >> >> > 6. He runs cmd.exe to get to files on the servers. >>> >> >> > >>> >> >> > >>> >> >> > >>> >> >> > Should this kid not be studying, rather than keeping me busy? >>> >> >> > >>> >> >> > >>> >> >> > Anyway, just thought to share. >>> >> >> > >>> >> >> > >>> >> >> > >>> >> >> > Thanks >>> >> >> > >>> >> >> > Patrick >>> >> >> > >>> >> >> > ________________________________ >>> >> >> > From: Jim Kenzig http://thin.ms <jkenzig@xxxxxxxxx> >>> >> >> > To: windows2000@xxxxxxxxxxxxx >>> >> >> > Sent: Wednesday, March 25, 2009 11:54:33 PM >>> >> >> > Subject: [windows2000] Re: How to tighten up your network - >>> >> >> > suggestions >>> >> >> > >>> >> >> > Yes I understand kids will be kids but it covers you. >>> >> >> > Jim Kenzig >>> >> >> > Blog: http://www.techblink.com >>> >> >> > Twitter: http://twitter.com/kenzig >>> >> >> > Twitter: http://twitter.com/InternetPilot >>> >> >> > >>> >> >> > >>> >> >> > On Wed, Mar 25, 2009 at 11:40 AM, Patrick <london31uk@xxxxxxxxx> >>> >> >> > wrote: >>> >> >> >> >>> >> >> >> Hi Jim, >>> >> >> >> >>> >> >> >> This is an idea I have suggested, and I think there is a good >>> case >>> >> >> >> to >>> >> >> >> push >>> >> >> >> this forward. Whats I have found is that no matter how tight you >>> try >>> >> >> >> to >>> >> >> >> make >>> >> >> >> things the kids will seek to break in. In most cases because >>> they do >>> >> >> >> not >>> >> >> >> understand what the consequences could be if enforced. >>> >> >> >> >>> >> >> >> Really annoying. >>> >> >> >> >>> >> >> >> >>> >> >> >> >>> >> >> >> Thanks >>> >> >> >> >>> >> >> >> Patrick >>> >> >> >> >>> >> >> >> ________________________________ >>> >> >> >> From: Jim Kenzig http://thin.ms/ <jkenzig@xxxxxxxxx> >>> >> >> >> To: windows2000@xxxxxxxxxxxxx >>> >> >> >> Sent: Wednesday, March 25, 2009 1:59:44 PM >>> >> >> >> Subject: [windows2000] Re: How to tighten up your network - >>> >> >> >> suggestions >>> >> >> >> >>> >> >> >> Well I am not sure about Australia but here we do have computer >>> >> >> >> hacking >>> >> >> >> laws and a simple "Your current computer activity appears to >>> >> >> >> be illegal >>> >> >> >> and >>> >> >> >> you may be prosecuted if you do not cease and desist" dm to the >>> >> >> >> computer may >>> >> >> >> be enough. You of course also make sure that you have a proper >>> >> >> >> logon >>> >> >> >> privacy message in place prior to logon that requires an OK >>> click. >>> >> >> >> Here is ours: >>> >> >> >> THIS SYSTEM IS FOR USE OF AUTHORIZED PERSONS AND ACTIVITIES >>> ONLY! >>> >> >> >> Activities may be subject to monitoring, recording, and periodic >>> >> >> >> audits >>> >> >> >> The system and all content are property of CCPL and are NOT >>> >> >> >> considered >>> >> >> >> private. >>> >> >> >> The organization may access any users accounts or >>> communications. >>> >> >> >> Anyone using this system expressly consents to the above and to >>> all >>> >> >> >> CCPL >>> >> >> >> Policies and Rules regarding >>> >> >> >> computer and Internet use and security. >>> >> >> >> OK >>> >> >> >> >>> >> >> >> This should cover you legally at least. >>> >> >> >> Regards >>> >> >> >> Jim Kenzig >>> >> >> >> Blog: http://www.techblink.com >>> >> >> >> Twitter: http://twitter.com/kenzig >>> >> >> >> Twitter: http://twitter.com/InternetPilot >>> >> >> >> >>> >> >> >> >>> >> >> >> On Wed, Mar 25, 2009 at 9:42 AM, Berny Stapleton >>> >> >> >> <berny@xxxxxxxxxxxxxxxxx> >>> >> >> >> wrote: >>> >> >> >>> >>> >> >> >>> Yes, it was actually regedit and they were modifying the SAM. >>> >> >> >>> >>> >> >> >>> Quite clever really, but a little frustrating. >>> >> >> >>> >>> >> >> >>> 2009/3/25 Robert K Coffman Jr. -Info From Data Corp. >>> >> >> >>> <bcoffman@xxxxxxxxxxxxxxxx>: >>> >> >> >>> > Scheduled task can run in System context & allow someone to >>> >> >> >>> > launch a >>> >> >> >>> > cmd >>> >> >> >>> > prompt or something with basically full control of the >>> system. >>> >> >> >>> > >>> >> >> >>> > -----Original Message----- >>> >> >> >>> > From: windows2000-bounce@xxxxxxxxxxxxx >>> >> >> >>> > [mailto:windows2000-bounce@xxxxxxxxxxxxx] On Behalf Of Sorin >>> Srbu >>> >> >> >>> > Sent: Wednesday, March 25, 2009 3:39 AM >>> >> >> >>> > To: windows2000@xxxxxxxxxxxxx >>> >> >> >>> > Subject: [windows2000] Re: How to tighten up your network - >>> >> >> >>> > suggestions >>> >> >> >>> > >>> >> >> >>> > Could you please elaborate on the scheduler thing, what's >>> that >>> >> >> >>> > about? >>> >> >> >>> > Thx. >>> >> >> >>> > -- >>> >> >> >>> > /Sorin >>> >> >> >>> > >>> >> >> >>> > >>> >> >> >>> >>-----Original Message----- >>> >> >> >>> >>From: windows2000-bounce@xxxxxxxxxxxxx [mailto:windows2000- >>> >> >> >>> >>bounce@xxxxxxxxxxxxx] On Behalf Of Berny Stapleton >>> >> >> >>> >>Sent: Tuesday, March 24, 2009 9:38 PM >>> >> >> >>> >>To: windows2000@xxxxxxxxxxxxx >>> >> >> >>> >>Subject: [windows2000] Re: How to tighten up your network - >>> >> >> >>> >> suggestions >>> >> >> >>> >> >>> >> >> >>> >>Oh, turn off the scheduler. Keep your patches up to date. >>> (That's >>> >> >> >>> >> the >>> >> >> >>> >>one that caught me) >>> >> >> >>> > >>> >> >> >>> > >>> >> >> >>> > ********************** >>> >> >> >>> > To Unsubscribe, set digest or vacation >>> >> >> >>> > mode or view archives use the below link. >>> >> >> >>> > >>> >> >> >>> > //www.freelists.org/list/windows2000 >>> >> >> >>> > >>> >> >> >>> ********************** >>> >> >> >>> To Unsubscribe, set digest or vacation >>> >> >> >>> mode or view archives use the below link. >>> >> >> >>> >>> >> >> >>> //www.freelists.org/list/windows2000 >>> >> >> >> >>> >> >> >> >>> >> >> > >>> >> >> > >>> >> >> > >>> >> >> ********************** >>> >> >> To Unsubscribe, set digest or vacation >>> >> >> mode or view archives use the below link. >>> >> >> >>> >> >> //www.freelists.org/list/windows2000 >>> >> > >>> >> > ________________________________ >>> >> > Quick access to Windows Live and your favorite MSN content with >>> Internet >>> >> > Explorer 8. >>> >> ********************** >>> >> To Unsubscribe, set digest or vacation >>> >> mode or view archives use the below link. >>> >> >>> >> //www.freelists.org/list/windows2000 >>> > >>> > ________________________________ >>> > Quick access to Windows Live and your favorite MSN content with >>> Internet >>> > Explorer 8. >>> ********************** >>> To Unsubscribe, set digest or vacation >>> mode or view archives use the below link. >>> >>> //www.freelists.org/list/windows2000 >>> >> >> >