I had an interesting thing happen today. I went to the campus of one of the local community colleges today. They have an area setup that has several computers that access the web for students as well you can access the states own network. It's used for jobs, unemployment, student affairs, welfare, corrections, all state services. Anyway, since I used to work for the state I just had to check out the security. What a joke. I was sitting around looking at the IT job postings around the state to try and get a jump on some outsourcing. So this one lady that works in this office logs in next to me. She's talking to someone else the whole time. So she leaves. She did'nt log out. I was like a kid in a candy store. I just scooted over and went to work. Their main network is Netware. So anyway they must have two kinds of users because this person's access gave me shell access. Oh boy.... So I sit here and pull up Extra for Netware. Then I set the ip I want after running a netstat -an from the cmd line. Set my terminal/device. (still the same as it used to be IBM-3278) good ole' port 23. So I connected. Entered the system command for what used to be the general services login directory. My old User ID and password are not any good. I figured this. So I made one up. Then I typed in the old admin reset to start new logins with. Still the same after all these years "letmein". So anyway I get my access and I'm sitting here looking at this. I laugh and think to myself, "It's a good thing I don't want to screw things up". So I passed lurking around and typed in a message to the syswide drop line. Which is a small line bellow the terminal window they have setup on the state computers to send messages between admins in real time. Then I logged out of everything. Then I left with a grin on my face......The moral to this story. A network, server, workstation or any device thats accessed by anyone is only secure as the users are in their individual security practices. So for all you Admins. Keep those users in check.... :D

haven't used letmein since our isp was a netware dialup. cute. good job and btw - glad you did not do mischief :)

We had an interesting user problem today. You know what a smartbits is? Well do you know what smartbits does to a live network? Not good things, let me tell you. I had to pull out the destructive packet filter device and *snip* *snip*, and then one last *snip*. Turns out I snipped his palm pilot cable on accident. Oh well.

didn't you have this problem with him before in one of your security stories? fire the dude.

HeyApocalypse:
By any chance was the community college in question Nashville Tech?

Originally posted here (http://www.AntiOnline.com/showthread.php?threadid=221001#post468927) by bucket
HeyApocalypse:
By any chance was the community college in question Nashville Tech?
LOL...You know what I'm talking about heh. Well, it's not the right school but it's the same system (the one they're all on). The Alex database and all that good stuff. They realy need to beef up security. :D

Goes to show you what happens when people just don't really know what can happen when they leave a terminal window open or some such... Back in SF, I wrote a perl program that would lock the screen, void the control/alt keys (no suspend, break, or interrupt, and no switching screens) so that when I had to go fix something or whatnot, nobody would fux0r around and even if they tried, I'd be back shortly enough to see their futile attempts and commence to breakin' some chairs!

Security is something that people don't really want to implement. Good implementations take skilled professionals to install/configure and then it's a daily maintenance routine to make sure things are ok and nothing's amiss. That and the cost is what kills it for most places. Case in point: Marriott Vacation Club International doesn't want to encrypt their credit card transaction database end-to-end or do any other kind of encryption scheme to at least keep some people out. What's the result? A couple of employees at one of the call centers were busted for credit card theft, which isn't related to the encryption but the phone could be used for input of the card number/expiration after ID verification. This happened for a few months and I'm just waiting for someone who had their card used illegally to find someone else who had the same thing happen and then they sue the crap out of MVCI. But they've got an InfoSec guy who's been pushing to resolve these things for the past year+ but they won't do it. Guess those execs have to have their payraises and the managers have to have their bonuses eh? After all, they don't take the fall, it'd be the poor InfoSec guy... dumbasses...

Such is life...

The moral to this story. A network, server, workstation or any device thats accessed by anyone is only secure as the users are in their individual security practices. So for all you Admins. Keep those users in check....

Utterly true.
I still have db-access on three different servers I used to work on several years ago.
Maybe you should've passed the admins the user who just left her terminal open. Just to be evil ;)

logs........honeyPOT.........sysadmin there could just be a smart arse, ..........or almost as lax as me.........

shhhh, i did'nt inhale.....

................sniff......................well, anyway

At least this is a much better story than "I_am_a_Cracker" ever told.

Very Nice....It is amazing how often stuff like this happens though...

hahaha wow.. just reminded me of the time when i was in Centre Link (its an employment agency or somefin funded by the govt) anyway, i was skimming through their touch screen consoles for jobs.. then i just thought... what if i could make this system crash..so i started pressing everything till the program stoped and gave me an error.. and told me that the "resources" have run low and should close the programm, reboot and start it again.. and in a pop-up window says "Click OK to close program" so i pressed on OK.. then.. tada!!! i saw it infront of me.. Windows 2000 Professional.. hahaha! am like.. WOW!! so i checked if there is any sort of security.. nothing.. i could even change the settings if i want to.. so yeah.. finally i restarted the bugger and left the area.. i didnt wanna get introuble ofcourse..

So the console was basically run by Win2K but no one can see it coz what they see is the Centre Link database..

I came back after a week.. tried it again.. didnt work anymore.. my guess was they added more memory to it or somefin.. hehe

And like the time where i went to St. George Bank and outside they had a computer for the people who cant be bothered to wait in line... no one was using it so i walked up to the desk to see whats on the computer.. and i noticed the security guard is staring at me.. especially when i was about to touch the keyboard.. i was gonna use da keyboard.. but then da guard was staring at me so i just walked away.. hmm