Re: Hacked Workstations

From: megascout29 (megascout29_at_discussions.microsoft.com)
Date: 03/01/05 

Date: Mon, 28 Feb 2005 16:09:02 -0800

One of the problems is that they do this to a computer off in a corner. Then
load a packet sniffer on it and just let it run all night. Or they will do it
to an often used workstation and put a keystroke logger on it.

They don't seem to mess with the computers that they do their work on.
Instead they mess with other computers that either nobody uses or that other
people use. So if it is denied access to domain resources they don't care,
they already put their keylogger or sniffer on it.

"Steven L Umbach" wrote:

> There is nothing you can do as long as they are allowed to boot from these
> devices. Now depending on what they are doing you still may have ways to
> control them, particularly if this is an Active Directory domain and you can
> upgrade to XP Pro which allows the use of Software Restriction Policies
> which can also restrict a local administrator as long as the computer
> remains a member of the domain. A local administrator could always unjoin a
> computer from the domain, but you could make sure they can not rejoin it to
> the domain which could deny them to domain resources they may need and show
> them how smart they really are. If the school is making over ten thousand
> dollar profit per student I am sure they could afford the upgrade to XP
> ro. --- Steve
>
>
> "megascout29" <megascout29@discussions.microsoft.com> wrote in message
> news:A5453D39-5A91-4868-B22C-BDD540806F12@microsoft.com...
> >I work at a school where students have been booting off Linux CDs and
> > deleting the SAM and booting off NT password reset floppies to delete the
> > admin password.
> >
> > For reasons beyond my control we have to give the students the ability to
> > boot off of floppies and CDs.
> >
> > My question is how can we stop this from happening?
>
>
>

Relevant Pages

  • Re: Hacked Workstations
    ... > I work at a school where students have been booting off Linux CDs and ... > deleting the SAM and booting off NT password reset floppies to delete the ... > For reasons beyond my control we have to give the students the ability to ...
    (microsoft.public.win2000.security)
  • Hacked Workstations
    ... I work at a school where students have been booting off Linux CDs and ... deleting the SAM and booting off NT password reset floppies to delete the ... For reasons beyond my control we have to give the students the ability to ...
    (microsoft.public.win2000.security)
  • Re: Hacked Workstations
    ... There is nothing you can do as long as they are allowed to boot from these ... >I work at a school where students have been booting off Linux CDs and ... > deleting the SAM and booting off NT password reset floppies to delete the ... > For reasons beyond my control we have to give the students the ability to ...
    (microsoft.public.win2000.security)
  • Re: Hacked Workstations
    ... >>I work at a school where students have been booting off Linux CDs and ... >> deleting the SAM and booting off NT password reset floppies to delete the ... >> For reasons beyond my control we have to give the students the ability to ...
    (microsoft.public.win2000.security)