[windows2000] Re: How to tighten up your network - suggestions
- From: Patrick <london31uk@xxxxxxxxx>
- To: windows2000@xxxxxxxxxxxxx
- Date: Tue, 31 Mar 2009 11:44:20 -0700 (PDT)
Thanks Greg. I will go through this. We have a 2 weeks breake coming up and I
have proposed some security changes, hoping that they will be approved. I will
see if I can pick some pointers out of this document.
Thanks
Patrick
________________________________
From: Greg Reese <gareese@xxxxxxxxx>
To: windows2000@xxxxxxxxxxxxx
Sent: Tuesday, March 31, 2009 2:54:26 PM
Subject: [windows2000] Re: How to tighten up your network - suggestions
the VP will get it when his account gets hacked by this kid.
I should have thought of this sooner but for some great guidance on locking
down a network. Look at the DISA STIGs. They are for DoD networks but anyone
can read over them and apply the same settings to their networks.
http://iase.disa.mil/stigs/index.html ; Be careful though, if you implement
these to the fullest extent, your network will be inaccessible. They have
ready made templates, GPO reports, testing scripts, all kinds of good stuff.
Greg
On Tue, Mar 31, 2009 at 7:45 AM, Sorin Srbu <sorin.srbu@xxxxxxxxxxxxx> wrote:
"Boys will be boys"? I don't think the vice principal quite gets it either, or
so it would seem... At least that's not the way it works with IT. Who know
where it will stop unless somebody puts the foot down, as it were.
--
/Sorin
>-----Original Message-----
>From: windows2000-bounce@xxxxxxxxxxxxx [mailto:windows2000-
>bounce@xxxxxxxxxxxxx] On Behalf Of Patrick
>Sent: Tuesday, March 31, 2009 2:31 PM
>To: windows2000@xxxxxxxxxxxxx
>Subject: [windows2000] Re: How to tighten up your network - suggestions
>
>The vice principal doesnt seem qucite keen to push this forward, I am having
>to write
>up a report and hand it to the ICT director. I think is it up to them to
>decide what
>happens next
>
>
>________________________________
>
>From: Berny Stapleton <berny@xxxxxxxxxxxxxxxxx>
>To: windows2000@xxxxxxxxxxxxx
>Sent: Tuesday, March 31, 2009 12:36:54 PM
>Subject: [windows2000] Re: How to tighten up your network - suggestions
>
>I would certainly becoming up on time to take the toy away. A brief
>discussion with his parent(s) might be an option too.
>
>2009/3/31 Sorin Srbu <sorin.srbu@xxxxxxxxxxxxx>:
>> You can never win this, with less than banning this kid totally, remove his
>> account
>etc. Even then, he'll use somebody else's account instead. If he won't take
>the hint, I
>don't know what else you *can* do. Had the parents and police been informed? If
>that's what it takes... 8-/
>>
>> --
>> /Sorin
>>
>>>-----Original Message-----
>>>From: windows2000-bounce@xxxxxxxxxxxxx [mailto:windows2000-
>>>bounce@xxxxxxxxxxxxx] On Behalf Of Patrick
>>>Sent: Tuesday, March 31, 2009 1:18 PM
>>>To: windows2000@xxxxxxxxxxxxx
>>>Subject: [windows2000] Re: How to tighten up your network - suggestions
>>>
>>>Thanks guys. This is such a major issue, even after the little brat has been
>warned,
>>>he got onto the next computer and started again. Taking up our time
>>>monitoring
>him,
>>>we know that even with restrictions on his account he has access to other
>students
>>>accounts. We have decided to lockdown his account to only the time he has ICT
>>>related lessons which is 6 time a week for about 1 hr. Even with that he is
>spending
>>>time trying to get in. Anyway tha ballte continues.
>>>
>>>Thanks
>>>
>>>Patrick
>>>
>>>
>>>________________________________
>>>
>>>From: Richard Bruce <richardbruce@xxxxxxxxxxx>
>>>To: windows2000@xxxxxxxxxxxxx
>>>Sent: Monday, March 30, 2009 3:42:00 PM
>>>Subject: [windows2000] Re: How to tighten up your network - suggestions
>>>
>>>Sorin,
>>>
>>>My experience has been similiar with that age group ;-) however, that's not
>>>what
>I'm
>>>referring to.
>>>
>>>Most of these young wiz kids/hackers have already figured out how to network
>>>computers. I don't think you could give them a "playground" that would
>>>satisfy
>their
>>>curiosity as to how "real" networks run. And their desire to access
>>>information
>they
>>>have no right to access.
>>>
>>>I'm interested in networks, too. That doesn't mean I can hack my way around
>>>my
>>>employer's network. Not if I want to keep my job.
>>>
>>>Richard
>>>
>>>> From: sorin.srbu@xxxxxxxxxxxxx
>>>> To: windows2000@xxxxxxxxxxxxx
>>>> Subject: [windows2000] Re: How to tighten up your network - suggestions
>>>> Date: Mon, 30 Mar 2009 13:05:27 +0200
>>>>
>>>> I guess a nudge in the "proper" direction is all you can do. The rest is
>>>> up to
>them.
>>>8-)
>>>>
>>>> I've worked as a teacher with pupils age 14-16 for about two years at a
>>>> school. I
>>>haven't met anyone that knows anything about a career plan, much less a pupil
>that
>>>listens to anything a grown-up suggests about something that's years ahead in
>the
>>>future. Their attention-span is minutes ahead of the moment, if that. I'm
>>>generalish
>I
>>>know, but it's still a rather significant fact. ;-)
>>>> --
>>>> /Sorin
>>>>
>>>>
>>>> >-----Original Message-----
>>>> >From: windows2000-bounce@xxxxxxxxxxxxx [mailto:windows2000-
>>>> >bounce@xxxxxxxxxxxxx] On Behalf Of Patrick
>>>> >Sent: Monday, March 30, 2009 11:17 AM
>>>> >To: windows2000@xxxxxxxxxxxxx
>>>> >Subject: [windows2000] Re: How to tighten up your network - suggestions
>>>> >
>>>> >True, but I think the emphasis would be on helping them channel their
>>>> >ability in
>>>the
>>>> >right direction. What you might find is that these kids have a talent
>>>> >which we
>can
>>>help
>>>> >harness, and direct. This might potentially help them with a meaningful
>>>> >career
>in
>>>the
>>>> >future. What we tend to see is raw talent, unproductive and mis-directed.
>>>> >This particular kid wants a career in IT, but I am very sure he doesnt
>>>> >know
>what.
>>>> >This might help him channel his thoughts in the right direction, and be
>>>> >better
>>>informed
>>>> >when he makes his choice.
>>>> >
>>>> >But then, I might be wrong, and we might just be dealing with seasoned
>Hackers.
>>>> >
>>>> >
>>>> >Thanks
>>>> >
>>>> >Patrick
>>>> >
>>>> >
>>>> >________________________________
>>>> >
>>>> >From: Sorin Srbu <sorin.srbu@xxxxxxxxxxxxx>
>>>> >To: windows2000@xxxxxxxxxxxxx
>>>> >Sent: Monday, March 30, 2009 7:49:23 AM
>>>> >Subject: [windows2000] Re: How to tighten up your network - suggestions
>>>> >
>>>> >The risk here is that as soon as it's something organized by adults, the
>>>> >chase
>>>loses
>>>> >its attraction. OTOH, setting up a lab-network and telling them to hack
>>>> >this and
>>>this
>>>> >computer and find a file containing this particular text, might set them
>>>> >off.
>Kinda'
>>>like
>>>> >a treasure hunt. The coin has two sides though, as always. They might use
>the
>>>> >same techniques to hack you sharp production network, "just to see if it's
>>>possible".
>>>> >;-)
>>>> >
>>>> >--
>>>> >/Sorin
>>>> >
>>>> >
>>>> >>-----Original Message-----
>>>> >>From: windows2000-bounce@xxxxxxxxxxxxx [mailto:windows2000-
>>>> >>bounce@xxxxxxxxxxxxx] On Behalf Of Patrick
>>>> >>Sent: Saturday, March 28, 2009 7:17 AM
>>>> >>To: windows2000@xxxxxxxxxxxxx
>>>> >>Subject: [windows2000] Re: How to tighten up your network - suggestions
>>>> >>
>>>> >>He must be about 15/16. Cos there was the talk of him taking his final
>exams. I
>>>am
>>>> >>begining to notice a trend in all the schools I support. We seem to have
>>>> >>about
>3
>>>or 4
>>>> >>kids that are good @ things like that. Well these are kids we know, and
>>>> >>I am
>>>> >thinking
>>>> >>of suggesting setting up a special technology group to help them chanel
>>>> >>thier
>gift
>>>> >>constructively.
>>>> >>I might create a mini lab/ network with a dozen old pcs, and get them to
>>>> >>play
>>>and
>>>> >>reaaly focusing and directing thier intelligent on good. Not sure how the
>>>principals
>>>> >>would take that, but I sure will suggest this to the IT director.
>>>> >>
>>>> >>
>>>> >>Patrick
>>>> >>
>>>> >>
>>>> >>________________________________
>>>> >>
>>>> >>From: Sorin Srbu <sorin.srbu@xxxxxxxxxxxxx>
>>>> >>To: windows2000@xxxxxxxxxxxxx
>>>> >>Sent: Friday, March 27, 2009 8:10:27 AM
>>>> >>Subject: [windows2000] Re: How to tighten up your network - suggestions
>>>> >>
>>>> >>Nice, and also rather ingenious IMO!
>>>> >>
>>>> >>How old kid(s) are we speaking?
>>>> >>
>>>> >>--
>>>> >>/Sorin
>>>> >>
>>>> >>
>>>> >>>-----Original Message-----
>>>> >>>From: windows2000-bounce@xxxxxxxxxxxxx [mailto:windows2000-
>>>> >>>bounce@xxxxxxxxxxxxx] On Behalf Of Patrick
>>>> >>>Sent: Thursday, March 26, 2009 6:12 PM
>>>> >>>To: windows2000@xxxxxxxxxxxxx
>>>> >>>Subject: [windows2000] Re: How to tighten up your network - suggestions
>>>> >>>
>>>> >>>ok guys, after some serious talking to, the kid has decided to let us
>>>> >>>in on
>some
>>>of
>>>> >>his
>>>> >>>tricks.
>>>> >>>
>>>> >>>
>>>> >>>
>>>> >>>1. Download zip files allows him to get to the C: drive by being able to
>access
>>>> >>the
>>>> >>>Temp Internet files.
>>>> >>>
>>>> >>>2. If he disconnects the computer from the network, it installs a local
>>>> >>>profile
>for
>>>> >>>him, giving him access to the C: drive and the “Run” command.
>>>> >>>
>>>> >>>3. He runs a “compressed” cmd file from within PowerPoint.
>>>> >>>
>>>> >>>4. By running “Find Printer” he is able to find users accounts.
>>>> >>>
>>>> >>>5. He accesses “command.com <http://command.com/>
><http://command.com/>
>>><http://command.com/>
>>>> ><http://command.com/> ” (the equivalent of
>>>> >>cmd.exe).
>>>> >>>
>>>> >>>6. He runs cmd.exe to get to files on the servers.
>>>> >>>
>>>> >>>
>>>> >>>
>>>> >>>Should this kid not be studying, rather than keeping me busy?
>>>> >>>
>>>> >>>
>>>> >>>Anyway, just thought to share.
>>>> >>>
>>>> >>>
>>>> >>>
>>>> >>>Thanks
>>>> >>>
>>>> >>>Patrick
>>>> >>>
>>>> >>>
>>>> >>>________________________________
>>>> >>>
>>>> >>>From: Jim Kenzig http://thin.ms <jkenzig@xxxxxxxxx>
>>>> >>>To: windows2000@xxxxxxxxxxxxx
>>>> >>>Sent: Wednesday, March 25, 2009 11:54:33 PM
>>>> >>>Subject: [windows2000] Re: How to tighten up your network - suggestions
>>>> >>>
>>>> >>>Yes I understand kids will be kids but it covers you.
>>>> >>>Jim Kenzig
>>>> >>>Blog: http://www.techblink.com
>>>> >>>Twitter: http://twitter.com/kenzig
>>>> >>>Twitter: http://twitter.com/InternetPilot
>>>> >>>
>>>> >>>
>>>> >>>
>>>> >>>On Wed, Mar 25, 2009 at 11:40 AM, Patrick <london31uk@xxxxxxxxx>
>>>wrote:
>>>> >>>
>>>> >>>
>>>> >>> Hi Jim,
>>>> >>>
>>>> >>> This is an idea I have suggested, and I think there is a good case to
>>>> >>>push this forward. Whats I have found is that no matter how tight you
>>>> >>>try to
>>>make
>>>> >>>things the kids will seek to break in. In most cases because they do not
>>>> >understand
>>>> >>>what the consequences could be if enforced.
>>>> >>>
>>>> >>> Really annoying.
>>>> >>>
>>>> >>>
>>>> >>>
>>>> >>> Thanks
>>>> >>>
>>>> >>> Patrick
>>>> >>>
>>>> >>>
>>>> >>>
>>>> >>>________________________________
>>>> >>>
>>>> >>> From: Jim Kenzig http://thin.ms/ <jkenzig@xxxxxxxxx>
>>>> >>> To: windows2000@xxxxxxxxxxxxx
>>>> >>>
>>>> >>> Sent: Wednesday, March 25, 2009 1:59:44 PM
>>>> >>>
>>>> >>> Subject: [windows2000] Re: How to tighten up your network -
>>>> >>>suggestions
>>>> >>>
>>>> >>>
>>>> >>> Well I am not sure about Australia but here we do have computer
>>>> >>>hacking laws and a simple "Your current computer activity appears to be
>>>illegal
>>>> >and
>>>> >>>you may be prosecuted if you do not cease and desist" dm to the computer
>>>may
>>>> >be
>>>> >>>enough. You of course also make sure that you have a proper logon
>privacy
>>>> >>>message in place prior to logon that requires an OK click.
>>>> >>> Here is ours:
>>>> >>>
>>>> >>> THIS SYSTEM IS FOR USE OF AUTHORIZED PERSONS AND
>>>> >>>ACTIVITIES ONLY!
>>>> >>> Activities may be subject to monitoring, recording, and periodic audits
>>>> >>> The system and all content are property of CCPL and are NOT
>>>> >>>considered private.
>>>> >>> The organization may access any users accounts or communications.
>>>> >>> Anyone using this system expressly consents to the above and to all
>>>> >>>CCPL Policies and Rules regarding
>>>> >>> computer and Internet use and security.
>>>> >>> OK
>>>> >>>
>>>> >>> This should cover you legally at least.
>>>> >>> Regards
>>>> >>> Jim Kenzig
>>>> >>> Blog: http://www.techblink.com <http://www.techblink.com/>
><http://www.techblink.com/>
>>>> ><http://www.techblink.com/>
>>>> >><http://www.techblink.com/>
>>>> >>> Twitter: http://twitter.com/kenzig
>>>> >>> Twitter: http://twitter.com/InternetPilot
>>>> >>>
>>>> >>>
>>>> >>>
>>>> >>> On Wed, Mar 25, 2009 at 9:42 AM, Berny Stapleton
>>>> >>><berny@xxxxxxxxxxxxxxxxx> wrote:
>>>> >>>
>>>> >>>
>>>> >>> Yes, it was actually regedit and they were modifying the
>>>> >>>SAM.
>>>> >>>
>>>> >>> Quite clever really, but a little frustrating.
>>>> >>>
>>>> >>> 2009/3/25 Robert K Coffman Jr. -Info From Data Corp.
>>>> >>> <bcoffman@xxxxxxxxxxxxxxxx>:
>>>> >>>
>>>> >>> > Scheduled task can run in System context & allow
>>>> >>>someone to launch a cmd
>>>> >>> > prompt or something with basically full control of the
>>>> >>>system.
>>>> >>> >
>>>> >>> > -----Original Message-----
>>>> >>> > From: windows2000-bounce@xxxxxxxxxxxxx
>>>> >>> > [mailto:windows2000-bounce@xxxxxxxxxxxxx] On Behalf
>>>> >>>Of Sorin Srbu
>>>> >>> > Sent: Wednesday, March 25, 2009 3:39 AM
>>>> >>> > To: windows2000@xxxxxxxxxxxxx
>>>> >>> > Subject: [windows2000] Re: How to tighten up your
>>>> >>>network - suggestions
>>>> >>> >
>>>> >>> > Could you please elaborate on the scheduler thing,
>>>> >>>what's that about? Thx.
>>>> >>> > --
>>>> >>> > /Sorin
>>>> >>> >
>>>> >>> >
>>>> >>> >>-----Original Message-----
>>>> >>> >>From: windows2000-bounce@xxxxxxxxxxxxx
>>>> >>>[mailto:windows2000-
>>>> >>> >>bounce@xxxxxxxxxxxxx] On Behalf Of Berny Stapleton
>>>> >>> >>Sent: Tuesday, March 24, 2009 9:38 PM
>>>> >>> >>To: windows2000@xxxxxxxxxxxxx
>>>> >>> >>Subject: [windows2000] Re: How to tighten up your
>>>> >>>network - suggestions
>>>> >>> >>
>>>> >>> >>Oh, turn off the scheduler. Keep your patches up to
>>>> >>>date. (That's the
>>>> >>> >>one that caught me)
>>>> >>> >
>>>> >>> >
>>>> >>> > **********************
>>>> >>> > To Unsubscribe, set digest or vacation
>>>> >>> > mode or view archives use the below link.
>>>> >>> >
>>>> >>> > //www.freelists.org/list/windows2000
>>>> >>> >
>>>> >>> **********************
>>>> >>> To Unsubscribe, set digest or vacation
>>>> >>> mode or view archives use the below link.
>>>> >>>
>>>> >>> //www.freelists.org/list/windows2000
>>>> >>>
>>>> >>>
>>>> >>>
>>>> >>>
>>>> >>>
>>>> >>
>>>> >>
>>>> >
>>>> >
>>>>
>>>
>>>
>>>________________________________
>>>
>>>Internet Explorer 8 – Get your Hotmail Accelerated. Download free!
>>><http://clk.atdmt.com/MRT/go/141323790/direct/01/>
>>
>>
>**********************
>To Unsubscribe, set digest or vacation
>mode or view archives use the below link.
>
>//www.freelists.org/list/windows2000
>
Other related posts:
