-
I must say that the last post by gunit was the most entertaining of the entire thread. Give my congratulations to your nephew. I laughed my ass off when I read that. As for the security threat just let it be, and take credit for it when it is hacked. A totally open install of win2k running on a direct line to the net with no firewall will probably be killed before you even figure out what crack you're going to attempt. If not, the security scanners should do nicely.
deaflamb
-
I gotta check in here humm looks like I'm the old fart again LOL. The work place always is a challenge. First off an MCSE is a hunk of paper (costly) and with each release it is also outdated quickly nowadays. I'd say watch the logs on the server, print them out, and oh go to that person and say BTW I'm busy, you did the install, can you correct it? You made no mention of any sort of firewall or I may have missed that part. But this person may think if there is one there is no need to do anything but a default install (a newbie MCSE thinking, seen it many times). Manage the firewall right and the risk to the server is small from the outside. But being a work place you have to take into account the lame users and how they might exploit the server. Say access those files or directories they should not; it only takes one lame user to have the wrong access to a server to really mess a network up.
One thing I have found in some 20 years in IT is yeah there are people smarter, and at my age now too damn quick; they can hit re-start faster than I can say WAIT! My advantage over these people: 30 years supporting the business, knowing it all. Sometimes out geeking a geek is simply a matter of knowing the operations and functions of the business you support better than they can. Like I know A/E inside and out, maybe there is a better geek than me to do it but I know what the end users need and what A/E operations are about; an MCSE knows, well, MCSE...dah let's re-boot and not tell anyone..or humm let's Fdisk and re-install to fix that problem cause I have no clue. Forget the MGR and brown nose, stick with business operations and what functions are needed on the network, the newbie will hang himself.
-
The MCSE comments above are a sad bit of stereotyping. Just like any other area, some are good, some are mediocre, and lots don't have a clue.
-
Slightly off topic, but Gunit did raise it in this thread... I once worked on a high security (defence) site and wondered why the base unit, screen, AND KEYBOARD for each individual workstation had the same unique inventory number.
I hadn't thought of a physical keylogger :confused: ... that has just explained and taught me something... thanks.
BTW I have seen TWO guys get 11 years for trying to sell military secrets, so it does happen.
-
One last thing which you might use to support your argument Pie, new gov. regulations.
Now I work for a Financial Institute and we are bound by the Gramm-Leach-Bliley Act (GLBA) which has imposed far stricter controls on the protection of customer information. The Patriot Act has far broader regulations that are not as specific or restrictive as the GLBA but still hit the area of protection of customer information and customer identification very strongly.
If this server contains customer data and is open to the net then your company is most likely in violation of some very severe Federal Regulations. The compromise of that data would force your company to notify any potentially affected customer, could lead to civil and criminal prosecution (no criminal cases have been brought yet although there is provision for it), and would cause a severe loss of confidence in the corporation. BTW a manager knowingly ignoring warnings about a danger borders on criminal prosecution but probably doesn't cross the line unless he informs outsiders so they can take advantage of the breach. It does, however, open the company up to huge civil claims.
Maybe bringing this up in casual conversation or in a planning meeting would spark some interest.
It is interesting to note that the dweeb who built a ticking time bomb server (TTBS) is probably the safest from Federal repercussions because he would be deemed merely incompetent and the ultimate decisions were made by the manager.
Again, I urge you to make sure to CYA because if this TTBS does blow up you don't want to be in the blast radius. E-mails, memos, and documentation are your bomb shelter.
P.S.
And if you couldn't tell from the use of acronyms I too spent 8 years working for the gov. on Secret and TS weapons programs. There 80% of your job was to CYA. I think every missile fired has more plausible deniability behind it than rocket propellant.
-
CYA...CYA...CYA...always CYA
If your manager lets this new guy wreak havoc on your company's network and you have some documented proof that you disagreed with some of the things going on and discussed them with your manager and he did nothing, then depending on your background, you may find yourself presented with the opportunity to become the manager. If **** hits the fan and you can show that you discussed the fact that industry standard security practices were not being followed, that will make you look good (or at least better).
On a bit of a side note: I worked this one gov contract and over the course of 2 months, I had to go in and clean the Exchange server 4 times. Some bonehead officers had "sneaker-net'd" some docs off the secure network and mailed them on the unsecured network. Not a thing happened to any of these people and on 2 of the occasions it was the same officer!