I gotta go with the solution in Snyder's environment ;-)> I've dealt with kids like this before. No matter how many holes we plug, they'll find new ones. You can even put them to work - but would you TRUST them with your network or sensitive data? They ONLY way to put a stop to it have consequences for their actions - and impose them! Richard Eells > Date: Thu, 26 Mar 2009 18:30:00 +0000 > Subject: [windows2000] Re: How to tighten up your network - suggestions > From: berny@xxxxxxxxxxxxxxxxx > To: windows2000@xxxxxxxxxxxxx > > OK, > > Maybe it's just me, but you gotta admit, that's inventive! > > I would be asking him if he has considered a career in IT > > Berny > > 2009/3/26 Patrick <london31uk@xxxxxxxxx>: > > ok guys, after some serious talking to, the kid has decided to let us in on > > some of his tricks. > > > > > > > > 1. Download zip files allows him to get to the C: drive by being able > > to access the Temp Internet files. > > > > 2. If he disconnects the computer from the network, it installs a local > > profile for him, giving him access to the C: drive and the “Run” command. > > > > 3. He runs a “compressed” cmd file from within PowerPoint. > > > > 4. By running “Find Printer” he is able to find users accounts. > > > > 5. He accesses “command.com” (the equivalent of cmd.exe). > > > > 6. He runs cmd.exe to get to files on the servers. > > > > > > > > Should this kid not be studying, rather than keeping me busy? > > > > > > Anyway, just thought to share. > > > > > > > > Thanks > > > > Patrick > > > > ________________________________ > > From: Jim Kenzig http://thin.ms <jkenzig@xxxxxxxxx> > > To: windows2000@xxxxxxxxxxxxx > > Sent: Wednesday, March 25, 2009 11:54:33 PM > > Subject: [windows2000] Re: How to tighten up your network - suggestions > > > > Yes I understand kids will be kids but it covers you. > > Jim Kenzig > > Blog: http://www.techblink.com > > Twitter: http://twitter.com/kenzig > > Twitter: http://twitter.com/InternetPilot > > > > > > On Wed, Mar 25, 2009 at 11:40 AM, Patrick <london31uk@xxxxxxxxx> wrote: > >> > >> Hi Jim, > >> > >> This is an idea I have suggested, and I think there is a good case to push > >> this forward. Whats I have found is that no matter how tight you try to > >> make > >> things the kids will seek to break in. In most cases because they do not > >> understand what the consequences could be if enforced. > >> > >> Really annoying. > >> > >> > >> > >> Thanks > >> > >> Patrick > >> > >> ________________________________ > >> From: Jim Kenzig http://thin.ms/ <jkenzig@xxxxxxxxx> > >> To: windows2000@xxxxxxxxxxxxx > >> Sent: Wednesday, March 25, 2009 1:59:44 PM > >> Subject: [windows2000] Re: How to tighten up your network - suggestions > >> > >> Well I am not sure about Australia but here we do have computer hacking > >> laws and a simple "Your current computer activity appears to be illegal and > >> you may be prosecuted if you do not cease and desist" dm to the computer > >> may > >> be enough. You of course also make sure that you have a proper logon > >> privacy message in place prior to logon that requires an OK click. > >> Here is ours: > >> THIS SYSTEM IS FOR USE OF AUTHORIZED PERSONS AND ACTIVITIES ONLY! > >> Activities may be subject to monitoring, recording, and periodic audits > >> The system and all content are property of CCPL and are NOT considered > >> private. > >> The organization may access any users accounts or communications. > >> Anyone using this system expressly consents to the above and to all CCPL > >> Policies and Rules regarding > >> computer and Internet use and security. > >> OK > >> > >> This should cover you legally at least. > >> Regards > >> Jim Kenzig > >> Blog: http://www.techblink.com > >> Twitter: http://twitter.com/kenzig > >> Twitter: http://twitter.com/InternetPilot > >> > >> > >> On Wed, Mar 25, 2009 at 9:42 AM, Berny Stapleton <berny@xxxxxxxxxxxxxxxxx> > >> wrote: > >>> > >>> Yes, it was actually regedit and they were modifying the SAM. > >>> > >>> Quite clever really, but a little frustrating. > >>> > >>> 2009/3/25 Robert K Coffman Jr. -Info From Data Corp. > >>> <bcoffman@xxxxxxxxxxxxxxxx>: > >>> > Scheduled task can run in System context & allow someone to launch a > >>> > cmd > >>> > prompt or something with basically full control of the system. > >>> > > >>> > -----Original Message----- > >>> > From: windows2000-bounce@xxxxxxxxxxxxx > >>> > [mailto:windows2000-bounce@xxxxxxxxxxxxx] On Behalf Of Sorin Srbu > >>> > Sent: Wednesday, March 25, 2009 3:39 AM > >>> > To: windows2000@xxxxxxxxxxxxx > >>> > Subject: [windows2000] Re: How to tighten up your network - suggestions > >>> > > >>> > Could you please elaborate on the scheduler thing, what's that about? > >>> > Thx. > >>> > -- > >>> > /Sorin > >>> > > >>> > > >>> >>-----Original Message----- > >>> >>From: windows2000-bounce@xxxxxxxxxxxxx [mailto:windows2000- > >>> >>bounce@xxxxxxxxxxxxx] On Behalf Of Berny Stapleton > >>> >>Sent: Tuesday, March 24, 2009 9:38 PM > >>> >>To: windows2000@xxxxxxxxxxxxx > >>> >>Subject: [windows2000] Re: How to tighten up your network - suggestions > >>> >> > >>> >>Oh, turn off the scheduler. Keep your patches up to date. (That's the > >>> >>one that caught me) > >>> > > >>> > > >>> > ********************** > >>> > To Unsubscribe, set digest or vacation > >>> > mode or view archives use the below link. > >>> > > >>> > //www.freelists.org/list/windows2000 > >>> > > >>> ********************** > >>> To Unsubscribe, set digest or vacation > >>> mode or view archives use the below link. > >>> > >>> //www.freelists.org/list/windows2000 > >> > >> > > > > > > > ********************** > To Unsubscribe, set digest or vacation > mode or view archives use the below link. > > //www.freelists.org/list/windows2000 _________________________________________________________________ Quick access to Windows Live and your favorite MSN content with Internet Explorer 8. http://ie8.msn.com/microsoft/internet-explorer-8/en-us/ie8.aspx?ocid=B037MSN55C0701A