[windows2000] Re: How to tighten up your network - suggestions

  • From: Richard Bruce <richardbruce@xxxxxxxxxxx>
  • To: <windows2000@xxxxxxxxxxxxx>
  • Date: Thu, 26 Mar 2009 20:44:24 +0000

Where's that again???
 


Date: Thu, 26 Mar 2009 15:43:09 -0500
Subject: [windows2000] Re: How to tighten up your network - suggestions
From: gareese@xxxxxxxxx
To: windows2000@xxxxxxxxxxxxx

actually it is but I didn't want to make the rest of you feel bad.


On Thu, Mar 26, 2009 at 3:40 PM, Steve Snyder <kwajalein@xxxxxxxxx> wrote:

It's not where you work? :D





On Fri, Mar 27, 2009 at 8:24 AM, Greg Reese <gareese@xxxxxxxxx> wrote:

the problem is these kids have seen Swordfish too many times and think it's all 
Halle Berry and cool cars in IT.





On Thu, Mar 26, 2009 at 3:22 PM, Berny Stapleton <berny@xxxxxxxxxxxxxxxxx> 
wrote:

Yeah, I got asked by my old school to come back and give them a hand
because their previous admin had been malicious and they needed to
tidy up their environment before handing it over to a new admin.

I found a couple of kids who were exploring the network because they
didn't understand it. I didn't give them console access they weren't
"admins", yes, getting them to do mundane tasks like replacing
keyboards, setting up new workstations, explaining the odd bits and
pieces to them wasn't wasted time for me (And besides, they are going
to school, so it's not like they are with you all day). This is all
new stuff for them, yeah sure, we have been doing it for 10 - 15 years
(If not more), and it's mundane for us, but for them it's something
that they haven't done before.

Once the kids knew that on their network (There was two, a staff
network, physically isolated by building area, somewhere they didn't
have access to), and they understood what was there, there wasn't
anything for them to explore. They also found some respect for the
purpose that it was there for.

Giving a student the ability to kill jobs on a print queue as opposed
to running the whole server are two totally different matters. I ended
up hiring a couple of the kids that came out of that school at a later
date because they started in IT because of what I did.




Berny

2009/3/26 Richard Bruce <richardbruce@xxxxxxxxxxx>:
> Ok, have you ever actually DONE this? Because in my experience that's NOT
> the way it works. That just gives them more opportunities to "explore". In
> many cases these kids don't think they're doing any harm because they're
> NOT "attacking" - just "looking around". Now I have them logging into
> servers, usually at the console in the server room, where they can pop a CD
> or floppy in and really do some damage? No thanks! And I have to supervise
> them? Sorry, I'm busy enough as it is. I don't have time to babysit. Unless
> it's REALLY simple stuff like replacing keyboards or setting up
> workstations, I just can't afford to make what I consider a bad investment
> of my time and effort
>
> My solution? I had a meeting with him, the principal, his parents, and the
> local cop. We explained exactly what the policy and the law says on this,
> and what would happen to him. Done. And word spread fast. They don't stand
> much of a chance getting a decent IT job with a criminal record.
>
>> Date: Thu, 26 Mar 2009 19:27:03 +0000
>> Subject: [windows2000] Re: How to tighten up your network - suggestions
>> From: berny@xxxxxxxxxxxxxxxxx
>> To: windows2000@xxxxxxxxxxxxx
>>
>> Would I TRUST them implicitly? No, it's not their job to be enforcing
>> stuff, nor do they have the knowledge or maturity to properly look
>> after it. But for 1 or 2 students who see things like network print
>> queues filling up all the time (Out of paper and people hitting print
>> 20 times because their job didn't come out straight away), and giving
>> them something to do (Helping you around the place in their spare
>> time, which also means that they are supervised) gives them a sense of
>> responsibility for the network, so they don't WANT to attack it so
>> much. They will ask you questions, and you will end up teaching them a
>> bit, but instead of them attacking the network to find an answer, they
>> ask a question. When they see or find something, they come to you
>> straight away with it.
>>
>> It's free and it gets them onside.
>>
>> Berny
>>
>> 2009/3/26 Richard Bruce <richardbruce@xxxxxxxxxxx>:
>> > I gotta go with the solution in Snyder's environment ;-)> I've dealt
>> > with
>> > kids like this before. No matter how many holes we plug, they'll
>> > find new
>> > ones. You can even put them to work - but would you TRUST them with your
>> > network or sensitive data? They ONLY way to put a stop to it have
>> > consequences for their actions - and impose them!
>> >
>> > Richard Eells
>> >
>> >> Date: Thu, 26 Mar 2009 18:30:00 +0000
>> >> Subject: [windows2000] Re: How to tighten up your network - suggestions
>> >> From: berny@xxxxxxxxxxxxxxxxx
>> >> To: windows2000@xxxxxxxxxxxxx
>> >>
>> >> OK,
>> >>
>> >> Maybe it's just me, but you gotta admit, that's inventive!
>> >>
>> >> I would be asking him if he has considered a career in IT
>> >>
>> >> Berny
>> >>
>> >> 2009/3/26 Patrick <london31uk@xxxxxxxxx>:
>> >> > ok guys, after some serious talking to, the kid has decided to let us
>> >> > in
>> >> > on
>> >> > some of his tricks.
>> >> >
>> >> >
>> >> >
>> >> > 1.      Download zip files allows him to get to the C: drive by being
>> >> > able
>> >> > to access the Temp Internet files.
>> >> >
>> >> > 2.      If he disconnects the computer from the network, it installs
>> >> > a
>> >> > local
>> >> > profile for him, giving him access to the C: drive and the “Run”
>> >> > command.
>> >> >
>> >> > 3.      He  runs a “compressed” cmd file from within PowerPoint.
>> >> >
>> >> > 4.      By running “Find Printer” he is able to find users accounts.
>> >> >
>> >> > 5.      He accesses “command.com” (the equivalent of cmd.exe).
>> >> >
>> >> > 6.      He runs cmd.exe to get to files on the servers.
>> >> >
>> >> >
>> >> >
>> >> > Should this kid not be studying, rather than keeping me busy?
>> >> >
>> >> >
>> >> > Anyway, just thought to share.
>> >> >
>> >> >
>> >> >
>> >> > Thanks
>> >> >
>> >> > Patrick
>> >> >
>> >> > ________________________________
>> >> > From: Jim Kenzig http://thin.ms <jkenzig@xxxxxxxxx>
>> >> > To: windows2000@xxxxxxxxxxxxx
>> >> > Sent: Wednesday, March 25, 2009 11:54:33 PM
>> >> > Subject: [windows2000] Re: How to tighten up your network -
>> >> > suggestions
>> >> >
>> >> > Yes I understand kids will be kids but it covers you.
>> >> > Jim Kenzig
>> >> > Blog: http://www.techblink.com
>> >> > Twitter: http://twitter.com/kenzig
>> >> > Twitter: http://twitter.com/InternetPilot
>> >> >
>> >> >
>> >> > On Wed, Mar 25, 2009 at 11:40 AM, Patrick <london31uk@xxxxxxxxx>
>> >> > wrote:
>> >> >>
>> >> >> Hi Jim,
>> >> >>
>> >> >> This is an idea I have suggested, and I think there is a good case
>> >> >> to
>> >> >> push
>> >> >> this forward. Whats I have found is that no matter how tight you try
>> >> >> to
>> >> >> make
>> >> >> things the kids will seek to break in. In most cases because they do
>> >> >> not
>> >> >> understand what the consequences could be if enforced.
>> >> >>
>> >> >> Really annoying.
>> >> >>
>> >> >>
>> >> >>
>> >> >> Thanks
>> >> >>
>> >> >> Patrick
>> >> >>
>> >> >> ________________________________
>> >> >> From: Jim Kenzig http://thin.ms/ <jkenzig@xxxxxxxxx>
>> >> >> To: windows2000@xxxxxxxxxxxxx
>> >> >> Sent: Wednesday, March 25, 2009 1:59:44 PM
>> >> >> Subject: [windows2000] Re: How to tighten up your network -
>> >> >> suggestions
>> >> >>
>> >> >> Well I am not sure about Australia but here we do have computer
>> >> >> hacking
>> >> >> laws and a simple "Your current computer activity appears to
>> >> >> be illegal
>> >> >> and
>> >> >> you may be prosecuted if you do not cease and desist" dm to the
>> >> >> computer may
>> >> >> be enough.   You of course also make sure that you have a proper
>> >> >> logon
>> >> >> privacy message in place prior to logon that requires an OK click.
>> >> >> Here is ours:
>> >> >> THIS SYSTEM IS FOR USE OF AUTHORIZED PERSONS AND ACTIVITIES ONLY!
>> >> >> Activities may be subject to monitoring, recording, and periodic
>> >> >> audits
>> >> >> The system and all content are property of CCPL and are NOT
>> >> >> considered
>> >> >> private.
>> >> >> The organization may access any users accounts or communications.
>> >> >> Anyone using this system expressly consents to the above and to all
>> >> >> CCPL
>> >> >> Policies and Rules regarding
>> >> >> computer and Internet use and security.
>> >> >>   OK
>> >> >>
>> >> >> This should cover you legally at least.
>> >> >> Regards
>> >> >> Jim Kenzig
>> >> >> Blog: http://www.techblink.com
>> >> >> Twitter: http://twitter.com/kenzig
>> >> >> Twitter: http://twitter.com/InternetPilot
>> >> >>
>> >> >>
>> >> >> On Wed, Mar 25, 2009 at 9:42 AM, Berny Stapleton
>> >> >> <berny@xxxxxxxxxxxxxxxxx>
>> >> >> wrote:
>> >> >>>
>> >> >>> Yes, it was actually regedit and they were modifying the SAM.
>> >> >>>
>> >> >>> Quite clever really, but a little frustrating.
>> >> >>>
>> >> >>> 2009/3/25 Robert K Coffman Jr. -Info From Data Corp.
>> >> >>> <bcoffman@xxxxxxxxxxxxxxxx>:
>> >> >>> > Scheduled task can run in System context & allow someone to
>> >> >>> > launch a
>> >> >>> > cmd
>> >> >>> > prompt or something with basically full control of the system.
>> >> >>> >
>> >> >>> > -----Original Message-----
>> >> >>> > From: windows2000-bounce@xxxxxxxxxxxxx
>> >> >>> > [mailto:windows2000-bounce@xxxxxxxxxxxxx] On Behalf Of Sorin Srbu
>> >> >>> > Sent: Wednesday, March 25, 2009 3:39 AM
>> >> >>> > To: windows2000@xxxxxxxxxxxxx
>> >> >>> > Subject: [windows2000] Re: How to tighten up your network -
>> >> >>> > suggestions
>> >> >>> >
>> >> >>> > Could you please elaborate on the scheduler thing, what's that
>> >> >>> > about?
>> >> >>> > Thx.
>> >> >>> > --
>> >> >>> > /Sorin
>> >> >>> >
>> >> >>> >
>> >> >>> >>-----Original Message-----
>> >> >>> >>From: windows2000-bounce@xxxxxxxxxxxxx [mailto:windows2000-
>> >> >>> >>bounce@xxxxxxxxxxxxx] On Behalf Of Berny Stapleton
>> >> >>> >>Sent: Tuesday, March 24, 2009 9:38 PM
>> >> >>> >>To: windows2000@xxxxxxxxxxxxx
>> >> >>> >>Subject: [windows2000] Re: How to tighten up your network -
>> >> >>> >> suggestions
>> >> >>> >>
>> >> >>> >>Oh, turn off the scheduler. Keep your patches up to date. (That's
>> >> >>> >> the
>> >> >>> >>one that caught me)
>> >> >>> >
>> >> >>> >
>> >> >>> > **********************
>> >> >>> > To Unsubscribe, set digest or vacation
>> >> >>> > mode or view archives use the below link.
>> >> >>> >
>> >> >>> > http://www.freelists.org/list/windows2000
>> >> >>> >
>> >> >>> **********************
>> >> >>> To Unsubscribe, set digest or vacation
>> >> >>> mode or view archives use the below link.
>> >> >>>
>> >> >>> http://www.freelists.org/list/windows2000
>> >> >>
>> >> >>
>> >> >
>> >> >
>> >> >
>> >> **********************
>> >> To Unsubscribe, set digest or vacation
>> >> mode or view archives use the below link.
>> >>
>> >> http://www.freelists.org/list/windows2000
>> >
>> > ________________________________
>> > Quick access to Windows Live and your favorite MSN content with Internet
>> > Explorer 8.
>> **********************
>> To Unsubscribe, set digest or vacation
>> mode or view archives use the below link.
>>
>> http://www.freelists.org/list/windows2000
>
> ________________________________
> Quick access to Windows Live and your favorite MSN content with Internet
> Explorer 8.
**********************
To Unsubscribe, set digest or vacation
mode or view archives use the below link.

http://www.freelists.org/list/windows2000




_________________________________________________________________
Express your personality in color! Preview and select themes for Hotmail®.
http://www.windowslive-hotmail.com/LearnMore/personalize.aspx?ocid=TXT_MSGTX_WL_HM_express_032009#colortheme

Other related posts: