
Thread: How to show problems with bad security???

  1. #21
    Senior Member
    Join Date
    Aug 2003
    Posts
    224
    The sad/informational part about this post is that this is an issue that many people face daily.
    Generally it happens when an upper manager leaves and has to be replaced and HR is looking for someone that will have a good attitude and keep morale up as they roll in for the first day. But this is usually mistaken first off by "Well, He's a great guy, Very outgoing and intelligent" Well, duh, he was in a ....Job....Interview. So then you have a kiss ass at the top with no technical skills running the show. Generally, the guys with the skills under him will usually just kind of "give up" and just come to work to make a paycheck instead of being proactive in anything anymore. We face this type of situation because not only is the IT market soft (picking back up though) you have people from all fields trying to get in IT and it's becoming a market that is saturated with Idiots and Paper Tigers. Nowadays, those who can kiss ass the best and dress the best and those who hobnob it with the upper management are the ones that get the big bucks. The people with the skills are the ones that make these kinds of people look good. (In most cases of course, There are still a handful of REAL IT Depts. out there) But this post is truly a type of scenario that many face daily and it is one that will cause someone to quit their job even if they cannot afford to. I had a co-worker that was an excellent technician that quit his job for reasons such as this. They re-organized the dept. and he wasn't the tech in the limelight anymore and he got a really really nasty attitude and he quit just because he felt so much rage at work. Sad, but True.
    There are many rewarding opportunities awaiting composure from like minds and great ideas. It is my objective to interconnect great things.

  2. #22
    THE Bastard Sys***** dinowuff's Avatar
    Join Date
    Jun 2003
    Location
    Third planet from the Sun
    Posts
    1,253
    I work in the same environment. New MCSE hired in with political guns at full blast. I just left the guy alone and he blew up the exchange servers and brought one domain to its knees. Thought that WIS and DNS were no longer necessary. Guy still works here but he proved himself an idiot and I was directed to remove all admin rights from his account. Just give the new guy plenty of room - he'll hang himself
    09:F9:11:02:9D:74:E3:5B8:41:56:C5:63:56:88:C0

  3. #23
    Just give the new guy plenty of room - he'll hang himself...
    That's what I thought too, at first...

    But he's now already caused me to have to do a preservation install of UNIX once (because he wrote over my backup tapes the same week our ODM became corrupted).

    He's brought our warehouse printing to a stop for most of a day because he decided he was going to run something on the server despite the fact that both I and the manager had asked him not to run it (which is a big deal to not be able to print packing slips when you're sending out thousands of orders each day).

    Etc, Etc, etc...

    Yet the manager just keeps letting him barrel through it -

    So then you have a kiss ass at the top with no technical skills running the show. Generally, the guys with the skills under him will usually just kind of "give up" and just come to work to make a paycheck instead of being proactive in anything anymore.
    Ain't that the truth, I'm so close to giving up and letting it all just break around him - but I'd really rather not have to pick up the pieces once he's done... What makes it worse, is that I truly 'like' the company I work for and what we do here, and I don't want to see it suffer due to this idiot...

    RRP

  4. #24
    Senior Member
    Join Date
    Aug 2003
    Posts
    224
    Originally posted here by dinowuff
    Just give the new guy plenty of room - he'll hang himself
    True. I've seen this happen first hand. When you have someone in your Dept. that is always quick to "pull the trigger", you find that when you step in and intervene, not only are you saving the company from a hardship, but you are also helping that certain someone not look like an idiot and hence they keep their job longer. Eventually this becomes a frustrating cycle and you will find that if you continue to do things "in the best interest of the company" you will always face ridicule, confrontation and technical arguments. Sometimes it is just easier to let people break things and then fix them. I'm really disappointed that this type of scenario happens more often than it used to.


    Originally posted here by bpiedlow
    What makes it worse, is that I truly 'like' the company I work for and what we do here, and I don't want to see it suffer due to this idiot...
    RRP
    I've watched others deal with a situation like this and usually the best thing to do is to get a job lined up before you get disgruntled. Once you have a job lined up, you can either move on, or jump the chain of command and see how much you can get done, and if you face ridicule at that point, at least you can roll out.......

  5. #25
    Senior Member
    Join Date
    Jun 2003
    Posts
    236
    Ok the most interesting part of this thread for me at least is the 13 year old with an external key logger...

    "The external keyboard logger he used was an entire keyboard, similar in make to one I use, he didn't use the 3 inch external keyloggers that you attach to keyboard..."

    #1 what the heck is that?????? I thought loggers were generally software to log your keys, what did he have another keyboard that when you pressed a key it mimicked it?

    #2 what are they teaching 13 year olds nowadays? even though he flamed on the response it was still rather technical, and the fact that he assigned negative points to people and had spelling and formatting perfect are amazing

    are you sure you weren't having a bad day and flamed and then felt bad? it's ok if you did, we all do it
    That which does not kill me makes me stronger -- Friedrich Nietzsche

  6. #26
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Oh Dear,

    It has descended to that has it..............it usually does: professionals versus politicians...........I have just polished my bayonet and fixed it after anointment with garlic.


    bpiedlow.................just tell me where you want the "thin red line"...we're in Iraq with you, I see no reason to stop there?

    Seriously, you might try sounding out the Users ( yeah, yeah I now go to wash my mouth out with soapy water)............I once had a beautiful experience (and I was stone cold sober!)...EVP Finance turned to the guy and said "if Johnno had been in charge, it would have been done six weeks ago and done properly"................

    Sometimes the pains in the ass are a help, because they respect the years of duty, not the BS


    Bloody good luck to you mate.........that's all I can say

    cheers

  7. #27
    Senior Member SodaMoca5's Avatar
    Join Date
    Mar 2002
    Posts
    236
    I am going to say a couple of things.

    First, all those posting, there is still the possibility that this is a Social Engineering attempt to get information from us on how to hack/crack a server (no offense Pie, I merely mention the very real possibility). For this reason I am most pleased to see the two pieces of advice that make the most sense: Vulnerability Scanner and Research from Respected Sources.

    First get documentation on known vulnerabilities from respected sources. SANS institute is excellent and also from Microsoft themselves. They openly publish procedures to secure their servers, warn against unsecured servers, and have tools to help out (i.e. iislockdown). Have these prepared.

    Then, if possible, run a vulnerability scan. Present these to your manager in a supportive manner but make sure the documentation is delivered and that he is a signatory that it has. Keep one copy to CYA. If he fails to see the danger from the other failures of this guy and does not accept industry standard then, since he is your boss, all you can do is document your warnings. Saved E-mails, the aforementioned presentation, etc. all can go to ensuring that if something happens you are as covered and protected as possible. However, he is the decision maker and probably controls your raises and promotions so I would be very careful about openly defying him.

    One last thing, if he is taken in with certifications then get some. Get an A+, MCP, or work towards a Sec+. I am not saying certifications will make you a better employee or more knowledgeable (although you may learn something studying for them) but they may make you more credible in his eyes and in the eyes of his bosses. A few letters after your name never hurt.
    SodaMoca5
    "We are pressing through the sphincter of assholiness"

  8. #28
    Senior Member
    Join Date
    Dec 2002
    Posts
    180
    bpiedlow,
    I know I pm'd you before, if I'm reading you right,
    'He's brought our warehouse printing to a stop for most of a day because he decided he was going to run something on the server despite the fact that both I and the manager had asked him not to run it '
    Maybe your boss isn't so buddy, buddy after all with this guy. Maybe he's waiting for you to do your job and show this guy wrong, so he can take it to his boss and say this brother-in-law you gave me is an idiot and he's fired. So, get in there and get it done and come back and tell us how it went. Good Luck and let AO be with you or is that the force. I never could get that right.

    Freddy
    cybnut

  9. #29
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Hey Guys, I must be the biggest cynical old fart on AO?

    But I believe this guy is genuine..............he talks "too good a job" for someone wanting to hack a server..............hell I could go on the "darkside" and get a shedload of tools/bots/viruses etc........................we all could.

    It is my personal belief that this is a genuine request for help, from a fellow professional, and I think that Fred Brown might have a better insight as to why..........................not often you see senior people like his boss, hell bent on professional suicide?..................."after a while he will get tired and the Colt .45 auto will fall from his hand"..........................??????????????

    Also, his objections are "professionally correct" IMHO..........he is not a "jobsworth" complaining about being replaced by a newer model..........his objections are legit....and if they are not the truth, then the answers we have been giving are totally useless???

    This one sounds spot on to me.............but I have been there so maybe I am prejudiced?

    I still believe in supporting him to the best of our collective ability................and I now have the bayonet in horse droppings

    Good luck to all

    johnno

  10. #30
    Dang, I didn't realize just how open he really left this server...

    After running MS's baseline security analyser (thanks again catch) it shows;
    - not only has IISlockdown not been run
    - Telnet is installed and running on default settings
    - SMTP is installed and running on default settings
    - multiple critical security updates are missing
    - etc
    - etc
    - etc

    It was enough for the new manager to comment - but I don't think it's helped much more than that... I guess I can wait and see if he creates any kind of action item from it, but I'm having my doubts these days...

    RRP
