[windows2000] Re: How to tighten up your network - suggestions

  • From: Greg Reese <gareese@xxxxxxxxx>
  • To: windows2000@xxxxxxxxxxxxx
  • Date: Tue, 31 Mar 2009 08:54:26 -0500

the VP will get it when his account gets hacked by this kid.

I should have thought of this sooner but for some great guidance on locking
down a network.  Look at the DISA STIGs.  They are for DoD networks but
anyone can read over them and apply the same settings to their networks.
http://iase.disa.mil/stigs/index.html  Be careful though, if you implement
these to the fullest extent, your network will be inaccessible.  They have
ready made templates, GPO reports, testing scripts, all kinds of good stuff.

Greg

On Tue, Mar 31, 2009 at 7:45 AM, Sorin Srbu <sorin.srbu@xxxxxxxxxxxxx>wrote:

> "Boys will be boys"? I don't think the vice principal quite gets it either,
> or so it would seem... At least that's not the way it works with IT. Who
> know where it will stop unless somebody puts the foot down, as it were.
>
> --
> /Sorin
>
>
> >-----Original Message-----
> >From: windows2000-bounce@xxxxxxxxxxxxx [mailto:windows2000-
> >bounce@xxxxxxxxxxxxx] On Behalf Of Patrick
> >Sent: Tuesday, March 31, 2009 2:31 PM
> >To: windows2000@xxxxxxxxxxxxx
> >Subject: [windows2000] Re: How to tighten up your network - suggestions
> >
> >The vice principal doesnt seem qucite keen to push this forward, I am
> having to write
> >up a report and hand it to the ICT director. I think is it up to them to
> decide what
> >happens next
> >
> >
> >________________________________
> >
> >From: Berny Stapleton <berny@xxxxxxxxxxxxxxxxx>
> >To: windows2000@xxxxxxxxxxxxx
> >Sent: Tuesday, March 31, 2009 12:36:54 PM
> >Subject: [windows2000] Re: How to tighten up your network - suggestions
> >
> >I would certainly becoming up on time to take the toy away. A brief
> >discussion with his parent(s) might be an option too.
> >
> >2009/3/31 Sorin Srbu <sorin.srbu@xxxxxxxxxxxxx>:
> >> You can never win this, with less than banning this kid totally, remove
> his account
> >etc. Even then, he'll use somebody else's account instead. If he won't
> take the hint, I
> >don't know what else you *can* do. Had the parents and police been
> informed? If
> >that's what it takes... 8-/
> >>
> >> --
> >> /Sorin
> >>
> >>>-----Original Message-----
> >>>From: windows2000-bounce@xxxxxxxxxxxxx [mailto:windows2000-
> >>>bounce@xxxxxxxxxxxxx] On Behalf Of Patrick
> >>>Sent: Tuesday, March 31, 2009 1:18 PM
> >>>To: windows2000@xxxxxxxxxxxxx
> >>>Subject: [windows2000] Re: How to tighten up your network - suggestions
> >>>
> >>>Thanks guys. This is such a major issue, even after the little brat has
> been
> >warned,
> >>>he got onto the next computer and started again. Taking up our time
> monitoring
> >him,
> >>>we know that even with restrictions on his account he has access to
> other
> >students
> >>>accounts. We have decided to lockdown his account to only the time he
> has ICT
> >>>related lessons which is 6 time a week for about 1 hr. Even with that he
> is
> >spending
> >>>time trying to get in. Anyway tha ballte continues.
> >>>
> >>>Thanks
> >>>
> >>>Patrick
> >>>
> >>>
> >>>________________________________
> >>>
> >>>From: Richard Bruce <richardbruce@xxxxxxxxxxx>
> >>>To: windows2000@xxxxxxxxxxxxx
> >>>Sent: Monday, March 30, 2009 3:42:00 PM
> >>>Subject: [windows2000] Re: How to tighten up your network - suggestions
> >>>
> >>>Sorin,
> >>>
> >>>My experience has been similiar with that age group ;-) however, that's
> not what
> >I'm
> >>>referring to.
> >>>
> >>>Most of these young wiz kids/hackers have already figured out how to
> network
> >>>computers. I don't think you could give them a "playground" that would
> satisfy
> >their
> >>>curiosity as to how "real" networks run. And their desire to access
> information
> >they
> >>>have no right to access.
> >>>
> >>>I'm interested in networks, too. That doesn't mean I can hack my way
> around my
> >>>employer's network. Not if I want to keep my job.
> >>>
> >>>Richard
> >>>
> >>>> From: sorin.srbu@xxxxxxxxxxxxx
> >>>> To: windows2000@xxxxxxxxxxxxx
> >>>> Subject: [windows2000] Re: How to tighten up your network -
> suggestions
> >>>> Date: Mon, 30 Mar 2009 13:05:27 +0200
> >>>>
> >>>> I guess a nudge in the "proper" direction is all you can do. The rest
> is up to
> >them.
> >>>8-)
> >>>>
> >>>> I've worked as a teacher with pupils age 14-16 for about two years at
> a school. I
> >>>haven't met anyone that knows anything about a career plan, much less a
> pupil
> >that
> >>>listens to anything a grown-up suggests about something that's years
> ahead in
> >the
> >>>future. Their attention-span is minutes ahead of the moment, if that.
> I'm generalish
> >I
> >>>know, but it's still a rather significant fact. ;-)
> >>>> --
> >>>> /Sorin
> >>>>
> >>>>
> >>>> >-----Original Message-----
> >>>> >From: windows2000-bounce@xxxxxxxxxxxxx [mailto:windows2000-
> >>>> >bounce@xxxxxxxxxxxxx] On Behalf Of Patrick
> >>>> >Sent: Monday, March 30, 2009 11:17 AM
> >>>> >To: windows2000@xxxxxxxxxxxxx
> >>>> >Subject: [windows2000] Re: How to tighten up your network -
> suggestions
> >>>> >
> >>>> >True, but I think the emphasis would be on helping them channel their
> ability in
> >>>the
> >>>> >right direction. What you might find is that these kids have a talent
> which we
> >can
> >>>help
> >>>> >harness, and direct. This might potentially help them with a
> meaningful career
> >in
> >>>the
> >>>> >future. What we tend to see is raw talent, unproductive and
> mis-directed.
> >>>> >This particular kid wants a career in IT, but I am very sure he
> doesnt know
> >what.
> >>>> >This might help him channel his thoughts in the right direction, and
> be better
> >>>informed
> >>>> >when he makes his choice.
> >>>> >
> >>>> >But then, I might be wrong, and we might just be dealing with
> seasoned
> >Hackers.
> >>>> >
> >>>> >
> >>>> >Thanks
> >>>> >
> >>>> >Patrick
> >>>> >
> >>>> >
> >>>> >________________________________
> >>>> >
> >>>> >From: Sorin Srbu <sorin.srbu@xxxxxxxxxxxxx>
> >>>> >To: windows2000@xxxxxxxxxxxxx
> >>>> >Sent: Monday, March 30, 2009 7:49:23 AM
> >>>> >Subject: [windows2000] Re: How to tighten up your network -
> suggestions
> >>>> >
> >>>> >The risk here is that as soon as it's something organized by adults,
> the chase
> >>>loses
> >>>> >its attraction. OTOH, setting up a lab-network and telling them to
> hack this and
> >>>this
> >>>> >computer and find a file containing this particular text, might set
> them off.
> >Kinda'
> >>>like
> >>>> >a treasure hunt. The coin has two sides though, as always. They might
> use
> >the
> >>>> >same techniques to hack you sharp production network, "just to see if
> it's
> >>>possible".
> >>>> >;-)
> >>>> >
> >>>> >--
> >>>> >/Sorin
> >>>> >
> >>>> >
> >>>> >>-----Original Message-----
> >>>> >>From: windows2000-bounce@xxxxxxxxxxxxx [mailto:windows2000-
> >>>> >>bounce@xxxxxxxxxxxxx] On Behalf Of Patrick
> >>>> >>Sent: Saturday, March 28, 2009 7:17 AM
> >>>> >>To: windows2000@xxxxxxxxxxxxx
> >>>> >>Subject: [windows2000] Re: How to tighten up your network -
> suggestions
> >>>> >>
> >>>> >>He must be about 15/16. Cos there was the talk of him taking his
> final
> >exams. I
> >>>am
> >>>> >>begining to notice a trend in all the schools I support. We seem to
> have about
> >3
> >>>or 4
> >>>> >>kids that are good @ things like that. Well these are kids we know,
> and I am
> >>>> >thinking
> >>>> >>of suggesting setting up a special technology group to help them
> chanel thier
> >gift
> >>>> >>constructively.
> >>>> >>I might create a mini lab/ network with a dozen old pcs, and get
> them to play
> >>>and
> >>>> >>reaaly focusing and directing thier intelligent on good. Not sure
> how the
> >>>principals
> >>>> >>would take that, but I sure will suggest this to the IT director.
> >>>> >>
> >>>> >>
> >>>> >>Patrick
> >>>> >>
> >>>> >>
> >>>> >>________________________________
> >>>> >>
> >>>> >>From: Sorin Srbu <sorin.srbu@xxxxxxxxxxxxx>
> >>>> >>To: windows2000@xxxxxxxxxxxxx
> >>>> >>Sent: Friday, March 27, 2009 8:10:27 AM
> >>>> >>Subject: [windows2000] Re: How to tighten up your network -
> suggestions
> >>>> >>
> >>>> >>Nice, and also rather ingenious IMO!
> >>>> >>
> >>>> >>How old kid(s) are we speaking?
> >>>> >>
> >>>> >>--
> >>>> >>/Sorin
> >>>> >>
> >>>> >>
> >>>> >>>-----Original Message-----
> >>>> >>>From: windows2000-bounce@xxxxxxxxxxxxx [mailto:windows2000-
> >>>> >>>bounce@xxxxxxxxxxxxx] On Behalf Of Patrick
> >>>> >>>Sent: Thursday, March 26, 2009 6:12 PM
> >>>> >>>To: windows2000@xxxxxxxxxxxxx
> >>>> >>>Subject: [windows2000] Re: How to tighten up your network -
> suggestions
> >>>> >>>
> >>>> >>>ok guys, after some serious talking to, the kid has decided to let
> us in on
> >some
> >>>of
> >>>> >>his
> >>>> >>>tricks.
> >>>> >>>
> >>>> >>>
> >>>> >>>
> >>>> >>>1. Download zip files allows him to get to the C: drive by being
> able to
> >access
> >>>> >>the
> >>>> >>>Temp Internet files.
> >>>> >>>
> >>>> >>>2. If he disconnects the computer from the network, it installs a
> local profile
> >for
> >>>> >>>him, giving him access to the C: drive and the “Run” command.
> >>>> >>>
> >>>> >>>3. He runs a “compressed” cmd file from within PowerPoint.
> >>>> >>>
> >>>> >>>4. By running “Find Printer” he is able to find users accounts.
> >>>> >>>
> >>>> >>>5. He accesses “command.com <http://command.com/>
> ><http://command.com/>
> >>><http://command.com/>
> >>>> ><http://command.com/> ” (the equivalent of
> >>>> >>cmd.exe).
> >>>> >>>
> >>>> >>>6. He runs cmd.exe to get to files on the servers.
> >>>> >>>
> >>>> >>>
> >>>> >>>
> >>>> >>>Should this kid not be studying, rather than keeping me busy?
> >>>> >>>
> >>>> >>>
> >>>> >>>Anyway, just thought to share.
> >>>> >>>
> >>>> >>>
> >>>> >>>
> >>>> >>>Thanks
> >>>> >>>
> >>>> >>>Patrick
> >>>> >>>
> >>>> >>>
> >>>> >>>________________________________
> >>>> >>>
> >>>> >>>From: Jim Kenzig http://thin.ms <jkenzig@xxxxxxxxx>
> >>>> >>>To: windows2000@xxxxxxxxxxxxx
> >>>> >>>Sent: Wednesday, March 25, 2009 11:54:33 PM
> >>>> >>>Subject: [windows2000] Re: How to tighten up your network -
> suggestions
> >>>> >>>
> >>>> >>>Yes I understand kids will be kids but it covers you.
> >>>> >>>Jim Kenzig
> >>>> >>>Blog: http://www.techblink.com
> >>>> >>>Twitter: http://twitter.com/kenzig
> >>>> >>>Twitter: http://twitter.com/InternetPilot
> >>>> >>>
> >>>> >>>
> >>>> >>>
> >>>> >>>On Wed, Mar 25, 2009 at 11:40 AM, Patrick <london31uk@xxxxxxxxx>
> >>>wrote:
> >>>> >>>
> >>>> >>>
> >>>> >>> Hi Jim,
> >>>> >>>
> >>>> >>> This is an idea I have suggested, and I think there is a good case
> to
> >>>> >>>push this forward. Whats I have found is that no matter how tight
> you try to
> >>>make
> >>>> >>>things the kids will seek to break in. In most cases because they
> do not
> >>>> >understand
> >>>> >>>what the consequences could be if enforced.
> >>>> >>>
> >>>> >>> Really annoying.
> >>>> >>>
> >>>> >>>
> >>>> >>>
> >>>> >>> Thanks
> >>>> >>>
> >>>> >>> Patrick
> >>>> >>>
> >>>> >>>
> >>>> >>>
> >>>> >>>________________________________
> >>>> >>>
> >>>> >>> From: Jim Kenzig http://thin.ms/ <jkenzig@xxxxxxxxx>
> >>>> >>> To: windows2000@xxxxxxxxxxxxx
> >>>> >>>
> >>>> >>> Sent: Wednesday, March 25, 2009 1:59:44 PM
> >>>> >>>
> >>>> >>> Subject: [windows2000] Re: How to tighten up your network -
> >>>> >>>suggestions
> >>>> >>>
> >>>> >>>
> >>>> >>> Well I am not sure about Australia but here we do have computer
> >>>> >>>hacking laws and a simple "Your current computer activity appears
> to be
> >>>illegal
> >>>> >and
> >>>> >>>you may be prosecuted if you do not cease and desist" dm to the
> computer
> >>>may
> >>>> >be
> >>>> >>>enough. You of course also make sure that you have a proper logon
> >privacy
> >>>> >>>message in place prior to logon that requires an OK click.
> >>>> >>> Here is ours:
> >>>> >>>
> >>>> >>> THIS SYSTEM IS FOR USE OF AUTHORIZED PERSONS AND
> >>>> >>>ACTIVITIES ONLY!
> >>>> >>> Activities may be subject to monitoring, recording, and periodic
> audits
> >>>> >>> The system and all content are property of CCPL and are NOT
> >>>> >>>considered private.
> >>>> >>> The organization may access any users accounts or communications.
> >>>> >>> Anyone using this system expressly consents to the above and to
> all
> >>>> >>>CCPL Policies and Rules regarding
> >>>> >>> computer and Internet use and security.
> >>>> >>> OK
> >>>> >>>
> >>>> >>> This should cover you legally at least.
> >>>> >>> Regards
> >>>> >>> Jim Kenzig
> >>>> >>> Blog: http://www.techblink.com <http://www.techblink.com/>
> ><http://www.techblink.com/>
> >>>> ><http://www.techblink.com/>
> >>>> >><http://www.techblink.com/>
> >>>> >>> Twitter: http://twitter.com/kenzig
> >>>> >>> Twitter: http://twitter.com/InternetPilot
> >>>> >>>
> >>>> >>>
> >>>> >>>
> >>>> >>> On Wed, Mar 25, 2009 at 9:42 AM, Berny Stapleton
> >>>> >>><berny@xxxxxxxxxxxxxxxxx> wrote:
> >>>> >>>
> >>>> >>>
> >>>> >>> Yes, it was actually regedit and they were modifying the
> >>>> >>>SAM.
> >>>> >>>
> >>>> >>> Quite clever really, but a little frustrating.
> >>>> >>>
> >>>> >>> 2009/3/25 Robert K Coffman Jr. -Info From Data Corp.
> >>>> >>> <bcoffman@xxxxxxxxxxxxxxxx>:
> >>>> >>>
> >>>> >>> > Scheduled task can run in System context & allow
> >>>> >>>someone to launch a cmd
> >>>> >>> > prompt or something with basically full control of the
> >>>> >>>system.
> >>>> >>> >
> >>>> >>> > -----Original Message-----
> >>>> >>> > From: windows2000-bounce@xxxxxxxxxxxxx
> >>>> >>> > [mailto:windows2000-bounce@xxxxxxxxxxxxx] On Behalf
> >>>> >>>Of Sorin Srbu
> >>>> >>> > Sent: Wednesday, March 25, 2009 3:39 AM
> >>>> >>> > To: windows2000@xxxxxxxxxxxxx
> >>>> >>> > Subject: [windows2000] Re: How to tighten up your
> >>>> >>>network - suggestions
> >>>> >>> >
> >>>> >>> > Could you please elaborate on the scheduler thing,
> >>>> >>>what's that about? Thx.
> >>>> >>> > --
> >>>> >>> > /Sorin
> >>>> >>> >
> >>>> >>> >
> >>>> >>> >>-----Original Message-----
> >>>> >>> >>From: windows2000-bounce@xxxxxxxxxxxxx
> >>>> >>>[mailto:windows2000-
> >>>> >>> >>bounce@xxxxxxxxxxxxx] On Behalf Of Berny Stapleton
> >>>> >>> >>Sent: Tuesday, March 24, 2009 9:38 PM
> >>>> >>> >>To: windows2000@xxxxxxxxxxxxx
> >>>> >>> >>Subject: [windows2000] Re: How to tighten up your
> >>>> >>>network - suggestions
> >>>> >>> >>
> >>>> >>> >>Oh, turn off the scheduler. Keep your patches up to
> >>>> >>>date. (That's the
> >>>> >>> >>one that caught me)
> >>>> >>> >
> >>>> >>> >
> >>>> >>> > **********************
> >>>> >>> > To Unsubscribe, set digest or vacation
> >>>> >>> > mode or view archives use the below link.
> >>>> >>> >
> >>>> >>> > http://www.freelists.org/list/windows2000
> >>>> >>> >
> >>>> >>> **********************
> >>>> >>> To Unsubscribe, set digest or vacation
> >>>> >>> mode or view archives use the below link.
> >>>> >>>
> >>>> >>> http://www.freelists.org/list/windows2000
> >>>> >>>
> >>>> >>>
> >>>> >>>
> >>>> >>>
> >>>> >>>
> >>>> >>
> >>>> >>
> >>>> >
> >>>> >
> >>>>
> >>>
> >>>
> >>>________________________________
> >>>
> >>>Internet Explorer 8 – Get your Hotmail Accelerated. Download free!
> >>><http://clk.atdmt.com/MRT/go/141323790/direct/01/>
> >>
> >>
> >**********************
> >To Unsubscribe, set digest or vacation
> >mode or view archives use the below link.
> >
> >http://www.freelists.org/list/windows2000
> >
>
>

Other related posts: