Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: Damn users

  1. #1
    Senior Member
    Join Date
    Nov 2001
    Posts
    257

    Damn users

    As I wake up this morning I find I have 12 messages from two coworkers, all subjected as hi, and containing an attachment. Then 12 more messages from my mail server telling me it quarantined an attachment. So I think, 'these coworkers get their mail from the same server and it seems to block the virus, how could they have gotten it?' Lousy users are getting mail from outside e-mail addresses, and are probably going to need me to fix their computers when I arrive at work today.

    I guess that's not a big deal, until I removed one of the attachments from quarantine so I could download it to my computer and the real-time scan picks up the virus immediately. Which means these two people must have turned off the virus scanning on their workstations (since they have the same software and it is updated at the same interval).

    Now I've always been an advocate of letting people have control over their machines and allowing them to use the internet how they please, but this level of irresponsibility is really starting to change my opinion.

    Anyone out there have any insight for me, which is less of a nuisance, fixing the mistakes of users with too much access or dealing with a hundred people complaining they can't sign on to icq?

  2. #2
    Fastest Thing Alive s0nIc's Avatar
    Join Date
    Sep 2001
    Location
    Sydney
    Posts
    1,584

    Cool

    Talk to your network administrator.. and tell him/her your problem.. suggest da admin to create groups (perferably global and local) and use an NDS tree like protocol...

    by sepparating users by groups and giving rights only to groups and not to individual users.. security of the network is more reliable.. and no one can bloody access your network unless he/she is in the global/logical group..

  3. #3
    Senior Member
    Join Date
    Oct 2001
    Posts
    689

    Post

    I had a similar problem with Tiny Personal firewall. My users kept turnining it off, or they would give permissions to any and all programs.

    "Why does this Sub7 thing want to connect to the internet? Well I better create a permissable filter rule for it so that it stops bothering me."

    Is there a way to it set up so that only the user with a password could change the permissions.
    Wine maketh merry: but money answereth all things.
    --Ecclesiastes 10:19

  4. #4
    Senior Member
    Join Date
    Oct 2001
    Posts
    677
    I think someone here mentioned a program called DeepFreeze... it won't stop users changing stuff, but it will revert to saves settings on the next restart. This is only a partial solution... the only way to use a firewalll and not have users change it is to make it a physical computer to which only you have administrative access.
    One Ring to rule them all, One Ring to find them.
    One Ring to bring them all and in the darkness bind them.
    (The Lord Of The Rings)
    http://www.bytekill.net

  5. #5
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867
    Well, I'm not sure if your running any type of E-mail Gateway, but here I filter/block any e-mail attachment that is executable. (eg. .com, .exe, .vbs, .scr, .pif.....etc). This keeps the virus code from even getting into the mail box of a 'Dumb User'.

  6. #6
    Senior Member
    Join Date
    Nov 2001
    Posts
    742
    Originally posted by DjM
    Well, I'm not sure if your running any type of E-mail Gateway, but here I filter/block any e-mail attachment that is executable. (eg. .com, .exe, .vbs, .scr, .pif.....etc). This keeps the virus code from even getting into the mail box of a 'Dumb User'.
    I do the same thing.. All executable attachments not caught in the virus scan are transfered to a quarantine zone.. The users gets a pop-up message when they opens the mail which notifies them to get the attachment from me when I have checked that it's a clean attachment. It's like a prison but it helps my users from making bad misstakes.

  7. #7

    Re: Damn users

    Originally posted by shkuey

    Now I've always been an advocate of letting people have control over their machines and allowing them to use the internet how they please, but this level of irresponsibility is really starting to change my opinion.

    You can have the best security in the world but it's no match for peoples stupidity.


    Perhaps education is the answer? Companies spend thousands of dollars on security but very little on education. As The Preacher pointed out some people don't even know how to configure a software firewall..

  8. #8
    Member
    Join Date
    Oct 2001
    Posts
    88
    My company has a `tough **** you can't use irq, irc, or whatever, that is not what we pay you to do anyway..' security policy. I know it is harsh, but it works quite well. The trouble you are in is that it is difficult to take priviledges away once people are used to having them. Depending on who the Luser is( mgmt etc..), it can be a real pain in the ass.

    It sounds like you already have some kind of anti-virus application on the exchange server. I would recommend password protecting the anti-virus software if you can so users can not turn it off. I might even suggest making it a hidden process or something like that depending on what the software is and what it can do.

    Hope you figure it out. I don't envy you one bit.

  9. #9
    Senior Member
    Join Date
    Sep 2001
    Posts
    831
    I recommend killing all users.... its not like they fulfill any useful purpose anyway..

    ThePreacher: I believe that you can set Tiny to use a password for various things... Double Click on the tiny firewall icon in your system tray...
    Under Miscellanious, there are options for setting passwords for Administration... Also stuff for allowing remote administration, nice..

    Hope that helps.....
    -Matty_Cross
    \"Isn\'t sanity just a one trick pony anyway? I mean, all you get is one trick. Rational Thinking.
    But when you\'re good and crazy, hehe, the skies the limit!!\"

  10. #10
    Senior Member
    Join Date
    Oct 2001
    Posts
    689

    Post

    Originally posted by Matty Cross

    ThePreacher: I believe that you can set Tiny to use a password for various things... Double Click on the tiny firewall icon in your system tray...
    Under Miscellanious, there are options for setting passwords for Administration... Also stuff for allowing remote administration, nice..

    Hope that helps.....
    I have a password set for the firewall, but it still pops up a warning when there is no filter rule in place, and asks to create a filter rule. For my idiot users they permit everything and create rules so anything, including trojans, have perminant access. I disabled remote administration because I have a fear that some hacker would use this to tamper with my system.
    Wine maketh merry: but money answereth all things.
    --Ecclesiastes 10:19

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •