Work tracking internet history?

Heh, they certainly keep me on my toes, but it definitely helps you improve your GPO knowledge quickly when you have to figure out how to lock everything down so securely!

And I'm the clueless one? If you're talking like GPO is the be all and end all and infallible then I'd suggest that moniker fits you better.

http://blogs.technet.com/b/markruss...4/30/circumventing-group-policy-settings.aspx

This bit is especially interesting given all the hot air you've been puffing...

Group policy settings are an integral part of any Windows-based IT environment. If you’re a network administrator you use them to enforce corporate security and desktop management policy, and if you’re a user you’ve almost certainly been frustrated by the limitations imposed by those policies. Regardless of which you are, you should be aware that if the users in your network belong to the local administrator’s group they can get around policies any time they want.

This demonstration highlights the fact that networks that run with users as local administrators have no way to police the usage of their computers.

Hence, granting myself as a local admin makes your GPOs effectively useless.
 
Last edited:
Hence why the group is usually very highly protected in most environments where security is of real importance, not just because of a precious sysadmin :)
 
I work in Network Security and have done for many companies (and I'm not talking about those with say <200 employees). Yes your browsing is logged - normally by a proxy which will have a whitelist/blacklist setup with the options of manually opening up the odd site on request (normally these are 3rd party subscriptions installed on the devices). These catagories are updated by some of the big content inspection companies and generally stop you from visiting stuff you really shouldnt be (not on work kit anyway).

so heres the thing - logs exist that can implicate you if you have been naughty which as people point out nobody generally looks them. The day some manager takes a dislike to you or has some reason to ask if there is a problem with your browsing habits then a quick report will tell them.

If you get your job done then I dont see a problem - everybody surfs the web (if available). But given as part of your employment you would have signed up to some form of acceptable use policy if someone wants to dig out your network habits they normally can
 
Last edited:
And all this other nonsense with GPO and admin accounts. Many people have found ways around security implemented in a corporate environment - nothing is that secure that someone doesnt know the local admin password or have a work around for GPO etc etc

the reality is - you make a change or circumvent your privileges and cause a problem large enough for someone to have to apportion blame then you can hand in you badges at the reception.
 
yes it is a bit boring - what ever barriers a company puts up to tie their users down that acceptable IT usage policy will bang anyone to rights who is clever enough to get round them.
 
And all this other nonsense with GPO and admin accounts. Many people have found ways around security implemented in a corporate environment - nothing is that secure that someone doesnt know the local admin password or have a work around for GPO etc etc

the reality is - you make a change or circumvent your privileges and cause a problem large enough for someone to have to apportion blame then you can hand in you badges at the reception.

Fully agree, but the odd thing is whenever a hacker is featured in the news the first thing people say is how many jobs he'll get as a result. So it seems ironic that in this cases so many people are clambering for people to be fired.

If any of the former company's IT departments had dobbed me in for having and Admin account, I would have simply made sure their bosses knew how weak their security was in the first place and ask then how well they are doing their job.

There was a brilliant line on TV the other day, "When a thief breaks into a warehouse whilst the manager is out taking a dump which one of those two isn't doing his job?" The thief whose job it is to steal or the manager whose job it is to protect the warehouse?
 
Last edited:
I agree with your thinking that anyone with "hacker" grade skills is normally picked up to help develop security

Nothing in this thread suggests that this level of skill is achieved
 
I agree with your thinking that anyone with "hacker" grade skills is normally picked up to help develop security

Nothing in this thread suggests that this level of skill is achieved

The principle is the same though.

If Head of IT tells the board he has implemented all the security they need and their network is super secure only for it to transpire than some guy has in fact had an admin account for months and been installing all manner of software on his PC do you just sack the guy and carry on believing the IT manager's word again (despite being proven untrue) or do you fire the IT manager and hire the guy who beat his security?

Don't forget, we're all PC enthusiasts so it's easy to joke about how upgrading a windows account isn't "real" hacking but to a layman (like most Managing Directors are unless the company itself is an IT one) all they know is someone with geeky skills has managed to do something that someone with supposedly superior geeky skills said couldn't happen.
 
Fully agree, but the odd thing is whenever a hacker is featured in the news the first thing people say is how many jobs he'll get as a result. So it seems ironic that in this cases so many people are clambering for people to be fired.

If any of the former company's IT departments had dobbed me in for having and Admin account, I would have simply made sure their bosses knew how weak their security was in the first place and ask then how well they are doing their job.

There was a brilliant line on TV the other day, "When a thief breaks into a warehouse whilst the manager is out taking a dump which one of those two isn't doing his job?" The thief whose job it is to steal or the manager whose job it is to protect the warehouse?

1) Your not hacking, your a script kiddy. Sticking in a CD/USB to boot a few programs written by soemone else is not hacking anymore than me ordering a pizza is making me an itallian chef.

2) Back to the original topic. Everything you have mentioned is a sackable offense at pretty much any company with any sort of IT. And some of it, down right illegal.
 
1) Your not hacking, your a script kiddy. Sticking in a CD/USB to boot a few programs written by soemone else is not hacking anymore than me ordering a pizza is making me an itallian chef.

I've never claimed I was a 'hacker' :confused:

But, given the media regard anyone who can phone a mobile and try the default password to get into their voice mail as 'hacking' then the word has a pretty low level of entry.
 
The principle is the same though.

If Head of IT tells the board he has implemented all the security they need and their network is super secure only for it to transpire than some guy has in fact had an admin account for months and been installing all manner of software on his PC do you just sack the guy and carry on believing the IT manager's word again (despite being proven untrue) or do you fire the IT manager and hire the guy who beat his security?

Probably fire both as business relationships are based on trust.
 
I've never claimed I was a 'hacker' :confused:

But, given the media regard anyone who can phone a mobile and try the default password to get into their voice mail as 'hacking' then the word has a pretty low level of entry.

You hinted at it when you said hackers get job offers.

No competent IT manager would say their network is inpenetrable. Obviously physical access will almost (baring thin-clients and dumb terminals) always trump remote. That is why the company always makes it clear in agreements, employment contracts and handbooks that you can't do that stuff.

What the news reporters say to the general public and what is said within corporate environments are very different. Just because the BBC call someone a phone hacker doesnt make it true.
 
The principle is the same though.

If Head of IT tells the board he has implemented all the security they need and their network is super secure only for it to transpire than some guy has in fact had an admin account for months and been installing all manner of software on his PC do you just sack the guy and carry on believing the IT manager's word again (despite being proven untrue) or do you fire the IT manager and hire the guy who beat his security?

Don't forget, we're all PC enthusiasts so it's easy to joke about how upgrading a windows account isn't "real" hacking but to a layman (like most Managing Directors are unless the company itself is an IT one) all they know is someone with geeky skills has managed to do something that someone with supposedly superior geeky skills said couldn't happen.

Unfortunately it will go like this - Head of IT had made a promise to the board everything is in place, someone has a local admin account and tries to "fix" something locally but in the meantime changes a setting which causes a problem. After some troubleshooting and when the Head of IT finds out - you will be frog marched to the door and those loopholes closed after the IT team analyse what you have done. You need to know your place in a company - no one at the managerial level is going to fall on his sword for someone who has given themselves a backdoor into the IT system and broken something
 
When someone has physical access to a machine you always presume its insecure, hence why data is kept on network servers locked away (hopefully!!) among other reasons. Linux servers are unbelievably easy to gain root access, does that make them insecure?

that aside, local admin means nothing, come back when its domain admin.
 
Quick question for the guru's reading this

oph crack , is there something better than this for retrieving windows passwords ?

I tried it yesterday on a Xp machine , it was able to read out simple passwords
but it could not crack any accounts with complex ones 7 or 14 random chars
 
You hinted at it when you said hackers get job offers.

No competent IT manager would say their network is inpenetrable. Obviously physical access will almost (baring thin-clients and dumb terminals) always trump remote. That is why the company always makes it clear in agreements, employment contracts and handbooks that you can't do that stuff.

What the news reporters say to the general public and what is said within corporate environments are very different. Just because the BBC call someone a phone hacker doesnt make it true.

Well technically the media are more right than you. Only in geek circles does the word 'hacker' become a word only to describe super high level system manipulation. In reality, the word 'hacker' just means anyone that has gained unauthorized access (regardless of the method used).

Definition of hacker
noun
1a person who uses computers to gain unauthorized access to data.
informal an enthusiastic and skilful computer programmer or user.
 
Back
Top Bottom