Got root? I do.

[{P²P}Apocalypse]

I had an interesting thing happen today. I went to the campus of one of the local community colleges today. They have an area setup that has several computers that access the web for students as well you can access the states own network. It's used for jobs, unemployment, student affairs, welfare, corrections, all state services. Anyway, since I used to work for the state I just had to check out the security. What a joke. I was sitting around looking at the IT job postings around the state to try and get a jump on some outsourcing. So this one lady that works in this office logs in next to me. She's talking to someone else the whole time. So she leaves. She did'nt log out. I was like a kid in a candy store. I just scooted over and went to work. Their main network is Netware. So anyway they must have two kinds of users because this person's access gave me shell access. Oh boy.... So I sit here and pull up Extra for Netware. Then I set the ip I want after running a netstat -an from the cmd line. Set my terminal/device. (still the same as it used to be IBM-3278) good ole' port 23. So I connected. Entered the system command for what used to be the general services login directory. My old User ID and password are not any good. I figured this. So I made one up. Then I typed in the old admin reset to start new logins with. Still the same after all these years "letmein". So anyway I get my access and I'm sitting here looking at this. I laugh and think to myself, "It's a good thing I don't want to screw things up". So I passed lurking around and typed in a message to the syswide drop line. Which is a small line bellow the terminal window they have setup on the state computers to send messages between admins in real time. Then I logged out of everything. Then I left with a grin on my face......The moral to this story. A network, server, workstation or any device thats accessed by anyone is only secure as the users are in their individual security practices. So for all you Admins. Keep those users in check....

[gold eagle]

haven't used letmein since our isp was a netware dialup. cute. good job and btw - glad you did not do mischief

[KorpDeath]

We had an interesting user problem today. You know what a smartbits is? Well do you know what smartbits does to a live network? Not good things, let me tell you. I had to pull out the destructive packet filter device and *snip* *snip*, and then one last *snip*. Turns out I snipped his palm pilot cable on accident. Oh well.

[gold eagle]

didn't you have this problem with him before in one of your security stories? fire the dude.

[bucket]

HeyApocalypse:
By any chance was the community college in question Nashville Tech?

[{P²P}Apocalypse]

Originally posted here by bucket
HeyApocalypse:
By any chance was the community college in question Nashville Tech?

LOL...You know what I'm talking about heh. Well, it's not the right school but it's the same system (the one they're all on). The Alex database and all that good stuff. They realy need to beef up security.

[Vorlin]

Goes to show you what happens when people just don't really know what can happen when they leave a terminal window open or some such... Back in SF, I wrote a perl program that would lock the screen, void the control/alt keys (no suspend, break, or interrupt, and no switching screens) so that when I had to go fix something or whatnot, nobody would fux0r around and even if they tried, I'd be back shortly enough to see their futile attempts and commence to breakin' some chairs!

Security is something that people don't really want to implement. Good implementations take skilled professionals to install/configure and then it's a daily maintenance routine to make sure things are ok and nothing's amiss. That and the cost is what kills it for most places. Case in point: Marriott Vacation Club International doesn't want to encrypt their credit card transaction database end-to-end or do any other kind of encryption scheme to at least keep some people out. What's the result? A couple of employees at one of the call centers were busted for credit card theft, which isn't related to the encryption but the phone could be used for input of the card number/expiration after ID verification. This happened for a few months and I'm just waiting for someone who had their card used illegally to find someone else who had the same thing happen and then they sue the crap out of MVCI. But they've got an InfoSec guy who's been pushing to resolve these things for the past year+ but they won't do it. Guess those execs have to have their payraises and the managers have to have their bonuses eh? After all, they don't take the fall, it'd be the poor InfoSec guy... dumbasses...

Such is life...

[Mankan]

The moral to this story. A network, server, workstation or any device thats accessed by anyone is only secure as the users are in their individual security practices. So for all you Admins. Keep those users in check....

Utterly true.
I still have db-access on three different servers I used to work on several years ago.
Maybe you should've passed the admins the user who just left her terminal open. Just to be evil

[litmus]

logs........honeyPOT.........sysadmin there could just be a smart arse, ..........or almost as lax as me.........

[litmus]

shhhh, i did'nt inhale.....