homeGeek CultureWebstoreeCards!Forums!Joy of Tech!AY2K!webcam

The Geek Culture Forums!


  New Poll  
my profile | directory login | | search | faq | forum home
  next oldest topic   next newest topic
» The Geek Culture Forums!   » The Archives   » The Big Archives   » Network usage rules

 - UBBFriend: Email this page to someone!    
Author Topic: Network usage rules
Mr Bill
Assimilated
Member # 553

Member Rated:
5
Icon 5 posted March 24, 2003 20:33      Profile for Mr Bill     Send New Private Message       Edit/Delete Post 
Things have been slow at work recently (somedays 30 minutes between support calls, so most of us have either brought books or surf while waiting. I thought this would be an excellent time to catch up on the message boards, but as I was logging in to my machine last week one of the network support guys announced that we were no longer allowed to go to "inappropriate" sites, such as forums, IM or webmail.
After the initial "What the hell!?", my rational mind kicked in and I realized that with the customer info floating around the building, it's a reasonable rule.
In the past I have worked at places where as long as you didn't bring down the network, they didn't care what you did.

So here's the question:
What is the harshest|silliest|most lax network usage rule you have personally (*) experienced, and what was the reasoning behind it?


* please keep urban myths to at least two degrees of separation, thank you.

--------------------
Will work for taglines...

Posts: 378 | From: Down the hall, second door on the right | Registered: Oct 2000  |  IP: Logged
Tut-an-Geek

SuperFan!
Member # 1234

Icon 1 posted March 25, 2003 03:24      Profile for Tut-an-Geek   Author's Homepage     Send New Private Message       Edit/Delete Post 
"No, you may not change the printer to the one in the hallway, yes I know you are trying to print a project that you really need....:"
I was tryign to add the printer in the hall to one of the library computers because the library printers were down and she threataned to have my network access suspended

Posts: 3764 | Registered: Mar 2002  |  IP: Logged
Tut-an-Geek

SuperFan!
Member # 1234

Icon 1 posted March 25, 2003 03:26      Profile for Tut-an-Geek   Author's Homepage     Send New Private Message       Edit/Delete Post 
Oh, by the way, here's what you do to get arround it:
If you have a proxy server there that requires all traffic to be on port 80, too bad for you...
otherwise..
set up an secure proxy on your home computer
forward all of your web traffic to the secure proxy.
now all that the netadmin sees is a helluvalotta traffic to a secure proxy, but doesn't see what it is [Smile]

Posts: 3764 | Registered: Mar 2002  |  IP: Logged
supaboy
SuperFan!
Member # 183

Member Rated:
5
Icon 1 posted March 25, 2003 06:36      Profile for supaboy     Send New Private Message       Edit/Delete Post 
A long time ago, I helped a company change from DEC Pathworks to TCP/IP. One of the side effects was that Internet access was available to the computers which had been converted. The first thing one group of ladies asked me was, "How do you find pictures of naked people?"

So I said, "You did not hear this from me." And then I showed them how to use a search engine (probably AltaVista- this was pre-Google) with the terms "naked people". This was enough to find some images. I told them they could probably get more interesting (to them) results if they searched on "gay porn" but I wasn't about to provide that level of customer service.

Eventually, that company implemented a content filter. It was sort of a sport for me to circumvent the filter. For example, you couldn't go to www.playboy.com but you could go to playboy.com's IP address without trouble. I speak enough Spanish to bumble around web sites written in it, and interest in porn is universal, so foreign-language sites were another way. Then, there were also any number of web proxies such as Babelfish and the Encheferizer which provided the content but appeared to come from someplace not banned.

One of the other techs got mad at the filter one day. It wouldn't let him go to a Star Trek fan site, and he was a Trekker of the first degree. We asked him what the message was. He said it was banned because it was "cult related", and got his rant on. Another tech stopped him and said, "Look at yourself, man! Do you think maybe that's why they have Star Trek listed as a cult?"

Now I am a system administrator at a different place. For the most part, I don't care what the client machines do. NNTP and some IM systems are blocked at the firewall, but if IM interferes with work then that's a personnel problem not a technical one. If I see stuff like Bonzi Buddy or Gator, though, I usually uninstall it. Mostly I'm just happy if the antivirus and OS patches are updated regularly, though.

Posts: 1767 | From: Columbia, SC USA | Registered: Jan 2000  |  IP: Logged
Lex
Uber Geek
Member # 835

Member Rated:
5
Icon 1 posted March 25, 2003 13:11      Profile for Lex   Author's Homepage     Send New Private Message       Edit/Delete Post 
Yes, you can have the Administrator password for all the highschool NT domains. Yes, you can have the master keycard to the school to get into any room you want at any time. No, you may not have the web filter bypass password for such unimportant things as downloading Winzip or other utilities. Very silly. Not that it stopped me, of course, but it doesn't hurt to ask first. Generally.

--------------------
Your conviction that there is a monster under the bed would be a mere eccentricity if you weren't so heavily armed and it was your own bed.

Posts: 977 | From: University of Florida | Registered: Jul 2001  |  IP: Logged
Tut-an-Geek

SuperFan!
Member # 1234

Icon 1 posted March 25, 2003 16:25      Profile for Tut-an-Geek   Author's Homepage     Send New Private Message       Edit/Delete Post 
quote:
Originally posted by Lex:
Yes, you can have the Administrator password for all the highschool NT domains. Yes, you can have the master keycard to the school to get into any room you want at any time. No, you may not have the web filter bypass password for such unimportant things as downloading Winzip or other utilities. Very silly. Not that it stopped me, of course, but it doesn't hurt to ask first. Generally.

Hmmm
The idiot librarian wrote the "Foolproof security" password on a sticky on one of the library computers...
There are actually two proxies at our school, an old one, and a new one. The old one is a tad slower, but the new one has a filter on it, the old one doesn't [Smile]
Of course, the new software also has problems sometimes staying online, while the old one is pretty much failsafe.
hmmm... not too hard.... internet options -> connections ->advanced ->change 10.1.0.1:8080 to 10.2.1.1:80
done [Smile]

I have winzip installed in my network folder, and it can run off of it [Smile]
I also have the fully contained QT6 installer, since most of them have 2.5, and that of course, will never do for power point presentations [Smile]

Posts: 3764 | Registered: Mar 2002  |  IP: Logged
GrumpySteen

Solid Nitrozanium SuperFan
Member # 170

Icon 1 posted March 25, 2003 17:42      Profile for GrumpySteen     Send New Private Message       Edit/Delete Post 
Me - "Hello [IS Helpdesk Type Person's name]. You seem to have misconfigured our web proxy this morning and blocked our access to secure web sites"

IS - "That's intentional. We don't see the need for any of the employees to access secure websites"

Me - "Our company website has secure sections that we have to access in order to actually answer customer's questions."

IS - "Oh. We'll umm... have to look into that."


(sidenote: this was the same IS person who emailed someone to tell them that their login password had been reset)

Posts: 6364 | From: Tennessee | Registered: Jan 2000  |  IP: Logged
greycat

Member # 945

Member Rated:
5
Icon 1 posted March 26, 2003 06:29      Profile for greycat   Author's Homepage     Send New Private Message       Edit/Delete Post 
A few years ago, I was a consultant for a company here in Cleveland, which no longer exists. They had a phone number (and a fax number) which began with 765-****.

While at one of the client sites, I had to fax some information back to the consulting company's office. This required using the client's fax machine. I asked the local personnel how to go about doing this, and they were happy enough to show me how. I had to dial "9", then the phone number. Standard enough, right?

It didn't work.

It turns out that their fax machine was on a telecom system which blocked any phone numbers that started with "976", because that prefix is frequently used by pay-by-the-minute phone sex organizations. But the filter was in the wrong place -- it caught the number before the leading "9" (to reach an outside line) was stripped off. When I dialed "9-765-****", the leading "976" tripped the filter, and the call was disallowed.

Yeah, this isn't really a network policy ("usage rule") issue; it's simply a blunder. But I thought it was funny. [Wink]

Posts: 1522 | From: Ohio, USA | Registered: Oct 2001  |  IP: Logged
GameMaster
BlabberMouth, a Blabber Odyssey
Member # 1173

Member Rated:
4
Icon 1 posted March 26, 2003 11:47      Profile for GameMaster   Author's Homepage     Send New Private Message       Edit/Delete Post 
A big blunder... that would also mean that they didn't block the desired numbers.

Using Novell software, in highschool, they keeped people from accessing programs by not allowing people access to file explorer and taking everything except office and Netscape out of the start menu... Well it didn't take long for the students to open word, hit file->open and then navigate to the program and run it... It did keep the TEACHERS from using programs though, because most of them weren't exsactly with it. I just used the "Run..." dialog because I knew the paths to solitare and winmine.... [Razz] Anywho... Such tight security, eh?

--------------------
My Site

Posts: 3038 | From: State of insanity | Registered: Mar 2002  |  IP: Logged
Lex
Uber Geek
Member # 835

Member Rated:
5
Icon 1 posted March 26, 2003 13:38      Profile for Lex   Author's Homepage     Send New Private Message       Edit/Delete Post 
There is/was a program called Full Armor that is supposed to prevent access to unauthorized programs and files and that sort of thing. It would even do things like encrypt the partition table or something and install a custom bootloader or something to decrypt it at boot. Only problem is that you could run nearly any program you wanted by inserting the program into a wordpad document as an OLE thingy. So, using just a basic wordprocessor, I could run the included uninstall program (normally protected in the same way as everything else) to quickly remove it. When I demonstrated this to my computer lab teacher, I didn't have to do any work for that class at all except troubleshoot.

--------------------
Your conviction that there is a monster under the bed would be a mere eccentricity if you weren't so heavily armed and it was your own bed.

Posts: 977 | From: University of Florida | Registered: Jul 2001  |  IP: Logged
Tut-an-Geek

SuperFan!
Member # 1234

Icon 1 posted March 26, 2003 17:06      Profile for Tut-an-Geek   Author's Homepage     Send New Private Message       Edit/Delete Post 
at school they use foolproof
http://www.smartstuff.com/fps/fpswin95.html
It's not that hard to get past, until you boot up to dos, (f8) and delete the C:/SSS folder
[Smile]
I don't need to bother though, seeing as teachers have let their passwords slip to me (they've told them to me straight out [Smile] )

Posts: 3764 | Registered: Mar 2002  |  IP: Logged
Noldoaran
Geek
Member # 2003

Member Rated:
5
Icon 1 posted March 26, 2003 17:18      Profile for Noldoaran     Send New Private Message       Edit/Delete Post 
quote:
Originally posted by Lex:
Only problem is that you could run nearly any program you wanted by inserting the program into a wordpad document as an OLE thingy. So, using just a basic wordprocessor, I could run the included uninstall program (normally protected in the same way as everything else) to quickly remove it. When I demonstrated this to my computer lab teacher, I didn't have to do any work for that class at all except troubleshoot.

Don't you just love how secure windows is? [Roll Eyes]
Posts: 228 | From: California | Registered: Feb 2003  |  IP: Logged
Tut-an-Geek

SuperFan!
Member # 1234

Icon 1 posted March 26, 2003 18:23      Profile for Tut-an-Geek   Author's Homepage     Send New Private Message       Edit/Delete Post 
Just the other day playing arround with net view, we found a computer named "i_like_cheeze" hehe
Posts: 3764 | Registered: Mar 2002  |  IP: Logged
AnyoneEB
Mini Geek
Member # 1456

Member Rated:
3
Icon 3 posted March 28, 2003 21:45      Profile for AnyoneEB   Author's Homepage     Send New Private Message       Edit/Delete Post 
Windows is secure enough... if you're using a multi-user version. My school has Windows 95 & 98 on all the computers, both OS's are single-user OS's that have no idea of access rights, so you can access anything. FoolProof doesn't stop much because the system is not designed for something like that to work. If you want something secure use 2k/XP, password is easy to change with a boot disk, but someone would probably notice a boot disk and a changed password, they won't notice you hitting [Logo]+[R] and running Minesweeper and minimising it when the teacher is looking.
Posts: 50 | From: Somewhere in the 4-dimentional time-space continum | Registered: Jun 2002  |  IP: Logged


All times are Eastern Time  
  New Poll   Close Topic    Move Topic    Delete Topic next oldest topic   next newest topic
 - Printer-friendly view of this topic
Hop To:

Contact Us | Geek Culture Home Page

© 2018 Geek Culture

Powered by Infopop Corporation
UBB.classicTM 6.4.0



homeGeek CultureWebstoreeCards!Forums!Joy of Tech!AY2K!webcam