
Thread: Administrator's Responsibilities

  1. #1
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197

    Administrator's Responsibilities

    Spurred on by this thread, that I didn't see until after it was closed, I have the following to say:-

    The most basic principle of computer security is that if it isn't Explicitly Denied then, ergo, it is Implicitly Allowed.

    Therefore, any administrator who allows anything to occur on his network that he didn't want to have happen has no-one to blame but himself.

    An admin who has no-one to blame but himself yet goes ahead and lies and makes up "issues" in order to hide his/her own screw up/inabilities is more akin to the twelfth grader he is trying to screw over.

    The kid issued a command, (a non-malicious command at that), on a system which, per the admin's policy, executed it....... If it did cause network issues it wasn't the kid who caused them - it was the admin himself.... he needs to take a serious look at his network. The sad thing is, from this story, I get the distinct impression that the admin won't have the skill set required to determine if his network is running correctly in the first place.

    Sephiroth: I agree with others in the other thread that you shouldn't have been messing about in class. You are there to learn - if you don't learn you won't be working for me or many other of the professionals that haunt these forums. OTOH, feel free to show this to your dean or whatever if you like, but they should probably know what kind of a network admin they have.... Less than competent, unable to accept their own shortcomings, prone to bending the truth with a healthy dose of imagination thrown in. He/she needs some counselling and some professional development.

    People like him/her bother me..... Why?..... It is this kind of admin that leaves his boxes unpatched and then doesn't even recognize that his boxes are attacking the whole world constantly... for months..... like many still do.... Then he/she will lie about it...... That's why he/she bothers me!
    Don't SYN us.... We'll SYN you.....
    "A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools." - Thucydides

  2. #2
    I agree 100%, it's so easy these days to throw lingo around about "serious network latency" and such, but hopefully when the young tech savvy generation grows up, stupid little human errors such as the command line being enabled would occur less. But then the exploits may become more complex and harder to handle, given that this generation will be smarter than the last. So situations like this would just get more and more complicated.

  3. #3
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    "serious network latency"



    I haven't pulled anything like that since 1982............and that was on a CEO, not a schoolkid!

    Where are his logs to prove it?..................if he hasn't got them, how can he call himself an administrator?............he obviously runs "Microsoft somethingorother"? Where are his certifications, his previous job references................or is he related to someone

    Would he know what a log was? the sailing records of HMS Bounty perhaps?

    You may have freedom of choice (well we do if the parents can afford it).........but one thing we DO have is public accountability in education..........the dean would be fired, his sidekicks as well, and the administrator would be throwing trash for the rest of his life.

    "Vox populi, vox Dei" is a nice concept..........until the lynch mob comes along?

    Well said Tiger..................I would give the guy a red card for a professional foul, a true professional either would not need to, or would do it so he would not get found out

    Cheers
    l

  4. #4
    AO Guinness Monster MURACU's Avatar
    Join Date
    Jan 2004
    Location
    paris
    Posts
    1,003
    The problem with an administrator like that is they are dangerous both for the company (school in this case) as well as for the end users. They know that as they are seen as the experts their word goes.
    I have had the experience where I had to suspend two technicians on one of my teams because of an administrator like that. The basic story was I sent them out to put in place a remote Desktop on a very sensitive site. They talked a bit too much to the local admin about how many security loopholes he had. The admin the same day updated Norton.
    The two technicians came back to the central saying everything was in place, tried a couple of tests and went on to the next project.
    In the middle of the afternoon I got my ass hauled up before the IT director who was screaming about firing the two technicians for having hacked the site. The local admin was on the other side of the line screaming about someone taking control of his work stations and opening windows and copying files. I managed to convince the director to only suspend the techs till I figured out what was happening. They got escorted out of the building by the security. The case was closed very quickly after I went to the site with the IT security chief. The admin kept saying someone was attacking the machine while I was standing in front of him with the network cable in my hand. We downloaded the proper updates for Norton after which everything worked fine.
    All that to say a little knowledge in the hands of an incompetent is a dangerous thing.
    "America is the only country that went from barbarism to decadence without civilization in between."
    "The reason we are so pleased to find other people's secrets is that it distracts public attention from our own."
    Oscar Wilde (1854-1900)

  5. #5
    Senior Member
    Join Date
    Mar 2004
    Posts
    171
    Gotta say,

    "Therefore, any administrator who allows anything to occur on his network that he didn't want to have happen has no-one to blame but himself."

    Is in general a crock. So you are saying that, I as admin, didn't want my IAD to fail, so putting it in a locked room, on its own breaker, while good ideas, it was still my fault that we lost voice/data for two hours the other day because a guy from Maintenance decided to unplug the unit, then go to lunch. Surely the DO NOT TOUCH sign was for everyone BUT him. :O

    We as admins, walk into new jobs everyday, and find a wild mix of OS's, hardware, and software, that have been tacked onto our networks since long before we ever worked at a location. I have been at my current job 18 months, and I am slowly but surely getting everything locked down.
    Case in point: about a month ago, I had a major database app to upgrade on my apps server, requiring the server be accessible, BUT the app could not be used during the upgrade period. At each tracking station I unplugged the workstation, unplugged the NIC from the network, posted an 8x11 sign saying the app was down and not to try and access the tracking app. As I was running the update, a user reconnected the machine, removed the sign and proceeded to log in and crash the update, resulting in a day of restore and rebuild time.
    The company owner proceeded to tell me it was my fault. I told him the same thing I will tell you about that statement: Kiss my fuzzy oversized butt.
    Admins write procedures, email and tell everyone how to operate, lockdown what they can, but in the end, the USERS make it or break it, as well as the 2 or 3 guys that worked the job before them and left it in such a mess that it was amazing it ran at all. If people don't follow the admin's recommendations, procedures, and rules, then no amount of work on the admin's part will make a difference.
    My network here has no less than 7 servers, workstations running, 98, NT3.51, Dos, NT 4.0, Win2k, RedHat 9, Lantastic, Advantage database, Exchange, Genesis CAM, AOI, and a number of other elements that make life interesting all the time. Not even including the remote offices. Between users that don't listen, past Admins not knowing what the heck they were doing, vendors leaving holes in their products, and supervisors/owners that do not want to pay for updating/upgrading, you can NOT just blame the admins.
    Sloppy work, and carelessness will destroy any job you do, network admin or not. So will lack of knowledge, understanding, and foresight. Doesn't matter if you are a network admin, or the guy changing the tires on a car at Wal Mart, sloppy work will get you every time.

    In general, I agree with most of your post, and yes, reading what the 12th grader had to say, he got screwed. Curiosity is often rewarded with a slap in the face (just as my ex-girlfriend). If the facts were straight, then indeed, his network admin, is scared of his own shadow, and ill informed. And of course, probably gun shy, since high school computer labs are a hacker's heaven. Or so the media and press have led the world to believe.

    There is my $.22 cents worth. It is easy to blame "the lousy network" the "stupid admin" the "PC guy", and admins to blame everything on I/O error (Idiot Operators). A lot of times Admins take it on the chin, take the blame and do the best they can to fix the problem.

    Cheers!
    ~ I'm NOT insane! I've just been in a bad mood for the last 30 years! ~ Somepeople are like Slinky's: Not good for anything, but the thought of pushing them down the stairs brings a smile to your face!

  6. #6
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    MrCoffee:

    >>Is in general a crock.

    If you are going to call what I have to say "a crock" please, at least, have the good sense to use an example that is relevant. Having a maintenance man enter an area he is allowed into _and_ ignore a "policy", (the do not touch sign), is in no way the same as an admin applying an "unbreakable" policy enforced by the operating system that says that you can't run cmd.exe. If you had not allowed him a key he couldn't have got in, could he?

    >>I had a major database app......

    Had you been smarter you would have unplugged the cable from the switch _not_ the user's computer. You prove my point really, don't you?

    >>The company owner proceeded to tell me it was my fault.

    He was right..... See above

    >>Kiss my fuzzy oversized butt.

    "Oversized"...... Maybe we sat on it too long during your 18 months..... You could have your network locked down by now.......

    If you are going to flame someone please make sure that you are wearing your retardant suit rather than the highly inflammable bikini you are currently wearing, (looking cute is one thing but you should think more before you do things......)

    Kids.........
    Don't SYN us.... We'll SYN you.....
    "A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools." - Thucydides

  7. #7
    Junior Member
    Join Date
    Feb 2004
    Posts
    10
    Thanks for the replies guys... I'm saving this to show a few people.....

  8. #8
    THE Bastard Sys***** dinowuff's Avatar
    Join Date
    Jun 2003
    Location
    Third planet from the Sun
    Posts
    1,253
    Everything is the admin's fault. After requesting another 60amps and a new UPS in one of my server rooms - Company purchased another AS/400, I was told that the cost was not justified. When the newly installed 400 brought total power usage to 59.9 amps, the UPS blew up and all servers were "Off Line" The reason this was my fault: I knew exactly what was going to happen and did not prevent it. (I did have a disaster recovery plan in place that worked perfectly)

    When luser A booted with a floppy disk and pulled his workstation off the domain, disabled antivirus and proceeded to F**K with the network - That was my fault. I'd been watching this guy for weeks as he tried to bypass security and said/did nothing. Didn't think the guy was smart enough to do what he did.

    When I started working at my current job there was no AUP, Firewall (T-1 Connection) and antivirus was on a few workstations. The mail server was nothing but a spam relay.

    The moment I accepted this position - all of the above became my problem/fault - responsibility. Blame the users or the guy before you but as the admin - It's all your fault.

    I'm sure that this network is not secure. I know that users can access things on the network they shouldn't. I'm working on this and many other projects. When luser A tells me luser B read their review. It will be my fault.
    09:F9:11:02:9D:74:E3:5B8:41:56:C5:63:56:88:C0

  9. #9
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Dino: Can you see the difference between the admin in the original thread, MrCoffee and yourself?

    The admin of the original thread and MrCoffee both placed the blame firmly at someone else's door when clearly it was the two of them in the wrong. You aren't blaming anyone and you are working to fix or have already fixed the issues you have inherited. Ok, you had a lapse of judgement re: the luser who booted with the floppy disk. You admitted it was your fault - Bravo..... Next time, log it all - remove his connection at the switch and wait for his supervisor to call. When they do simply tell them that it is your responsibility to protect the network and that is exactly what you are doing. After some negotiation you can let the luser back on the network with the strict rule that if he "plays" _once_ more he is off for good.

    Don't worry, you'll be a fine admin......
    Don't SYN us.... We'll SYN you.....
    "A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools." - Thucydides

  10. #10
    THE Bastard Sys***** dinowuff's Avatar
    Join Date
    Jun 2003
    Location
    Third planet from the Sun
    Posts
    1,253
    Tiger Shark:

    I guess that was my point. Every admin makes mistakes and has to own up to them. I've been working in this field for almost 25 years. The admins/managers/directors I've come into contact with - that placed blame on someone else; did not have even the basic networking knowledge or skills needed to prevent or fix whatever issue arose. There weren't many but everyone runs into at least one blamer.
    09:F9:11:02:9D:74:E3:5B8:41:56:C5:63:56:88:C0
