Re: Unspoken Subject
- From: HACKED-OUT <HACKEDOUT@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Sat, 21 Oct 2006 11:19:02 -0700
You are correct, it was poorly documented and does sound "Out There"....
I do have the logs, History of changes and all manner of proof.. I
specified SMS
Console because I am Microsoft person, It should have stated SMS like
abilities.
As for he Linux part, There I am weak. I did have that part looked at by
someone
who does know. As for the Windows part, it gets into legal issues that
cannot be
answered here. A very basic one is Even if your Company Supplies you with
a Pc
and you have a DSL or whatcver of your own that you use for this
connection, do they have the right to "Check all the PC's on that Home Net
for their Basic Security reasons, Virus Software Etc... How Far are they
allowed to go? Can they install
Auditing software on a Private Home System to ensure the protection of
their systems.. Questions like this are at the "Root", if you will
excuse my use of the term, of the problem.
I do thank you for your honesty in your answers, What I wrote left to
many holes
and questions for anyone to answer. I will say that I was correct about
what was
happening, just didnt give all the information I should have to get a
workable solution. Since my last post, I did have an evaluation done by
someone with more knowledge and ability to use the correct software to solve
my problem. More often that not, its the PERSON behind the monitors and
keyboards that are the problem... Not the Systems. I appriciate you taking
the time to answer a dubious sounding inquiry and how to correctly post a
problem for a solution.. I can hoestly say that if I had read the post, I
would have had the same reaction. It was poorly written and sounded "over the
edge" a bit...
--
HE WHO DARES WINS
"Shenan Stanley" wrote:
HACKED-OUT wrote:
Sarb-Oxl.... Does anyone want to breech the unspoken subject and
tell me how I can block intrutions by an SMS Console to your Home
PC???
I have tried every Firewall, and Software i can get my hands on.
The biggest problem comes from the first time I get on the I-Net,
they access via just about any
port they want. It goes through Firewall like paper. I have been
told, that it can us a Tunnel in a Tunnel on 80.. Dont really
know. Once in , they take over all privledges, and then that it. I
re-load my lap-top twice a week, it takes a while for all there
stuff to load up via background x-fer.I put a program on here once
that did
verbose logging on all changes...Unbelievable...
I tried 4 different types of Linux.. Same thing...The only thing
that really slows them
down is Deep-Freeze. It takes a while to get around that one.
Suggestions??? I'm not going to get into the legality on this,
other than to say, if you
are an IS employee, have access from home via whatever.They can
access THAT PC, not all.
I have 2 broadband conns, 1 for work and 1 for home.. My Laptop
is on my Home system. Any brave soles out there wish to take this
on.And jsut so you
know, I am the only
IS person in a company of about 8,000, that has found this little
peice of artwork. Because it is high tech, but its still run by
Humans, which is where they messed up with me.. You dont assume
anything about anyone's ability.I can hold my own, but I want a
permanent solution. This ihas been going on for 5 Months, and it
is a fight, to be sure. Understand if no-one wants to touch this,
thanks for looking. I do think that too much ability was given on
this.
HACKED-OUT wrote:
I guess I need to clarify some things so you will understand better.
Clarity would be nice.
First, it is my PC, my License, I am refering to.
Okay - not a company-owned machine. Clarity.
No, I dont think something is just rebuilding my PC's from the ground up
Hmmmm.. really? You state you have tried 4 flavors of Linux and yet SMS
still takes over your machine. Assuming you mean "Systems Management
Server" and not "Short Messaging Service"... Well - that is a Microsoft
product and does not have any way to control a *nix machine.
http://www.microsoft.com/smserver/
and I also know I am not the only IS person.
True.. You posted here - I expect you wanted help from other Information
Systems' people.
What is going on is at my home, on my private PC's, on a
seperate Broadband conn.
Again - not your companies connection, computer or software...
As for how I find out how its done, is by reloading my PC 2 times
a week, watch how its done, till I get all the peices.
As for how "what" is done? Reloading your PC would be initiated by you or
someone on your home private network you have clearly stated you have -
unless you have some permanent VPN tunnel that is allowing this to happen
through the Internet and any router/firewall devices you have.
My rights are taken away on some areas and I have no control
over that Service or function.
Sounds like group policies - for sure - in Windows anyway. Do you install
some company VPN on your private machine to remote into your company
systems? If so - it is *possible* that they may gain some control in that
way.
How it gets installed is different depending on the situation. The most
common is by the Updates... A pre-arranged template or list is used to
ensure that all the right software is installed on the first couple of
updates.
Done by whom?
Unless you connect somewhere and usually initiate this (by turning on
automatic updates - for Microsoft direct updates - or running a third party
application, etc..) this is being done by you or someone behind/within your
private network.
Very common to ensure that the Volume License Holder may need
something added to their PC's that they want to make sure gets
updated . What you get is all the right parts and a small runonce file
and Ports are opened, your IP get sent to the right server and
your on your way to a totally different PC...I set up logs and all kinds
of stuff to show the process. I even have a Forenic Program that let
me see what they are putting where. The first thing that gets done is
an image is made for situations that may call for a rapid FIX.... Hard
to believe or denial is the first reaction from anyone who works with IS
....My point is that it can happen all kinds of ways, unless you just
shutoff
your PC I-Net Access....
What you describe has to be initiated by you and it would not cover all of
the operating system you have claimed to have installed on your system at
one point or another.
There are forums out there that address this all the time.
Is it right or wrong for a company to be able to do this on an
Employes's PC that has outside access.
Is it right? Well - as you would have to give them not only permission to
do so (more than likely written) and then have to connect to their system
and run something of theirs to initiate it unwisely... Right or wrong
depends on what you decided to do about all that.
Doesnt matter, they have the legal right to do so now.
But, should they be allowed to access every PC
on your Home Net to make sure that your
teen age daughter is not dragging in Viruses or whatever.
If you are connecting to my systems using your personal computer - your
rights will be greatly reduced as to what you will have access to do for the
very reason you suggest. And to find out what is being done on other
systems on your network - you HAD to install something from the company in
order to give them the rights to do so.
I have a private and a Company only Conn. I still get hacked on my
home PC's.
That sounds like a weakness in your security - not some mystery.
You ever seen a RFBluetooth program? Picks up any instance of
Bluetooth within range not matter what its on. Cell Phone, Cordless
Mouse, Keyboard... Open access's to be used
to gain entry.
....
What I was looking for was way to hold all
authority to my PC to on my account only. Can it be done?
Yes - do not install anything on it from your company - do not connect to
your company's stuff in any way from any of your privately owned systems if
it requires you to install third-party software you are not sure of. If you
do connect to your company servers in some way complaint with that - do it
as a LIMITED user on your computer - with no install rights.
I can hold the Namespace Authority, but cant hold the System or Net
Authority accounts. I know its not supposed to be done, but can it
be done? The best protection for any PC that I have found is Deep
Freeze with No executables working together. About 50 dollars for
both. Nothing will execute that you dont authorize yourself and
Deep Freeze returns the PC to the same config that it was in when
you put Deep Freeze into FREEZE Mode. Again thanks for taking the
time to read this.. Nothing stated in here is false, and I have all
kinds of Log files that show this to be honest.
Good - put them on a web page - because as it is, this sounds like a troll.
If you need to know the Why is this being done... Its because I didnt
allow my Private PC's to be accessed.
According to the Sarban-Ox risk factor Guide, that makes me a
Security risk.
Only if you decided to access company resources with said systems - you do
not have to do this.
I dont want to take this to any other Authority ... I am looking for a way
just to do this without causing problems. I you need more detailed info,
I will be happy to provide it.
Do so - on a web page with these logs and such. Again - this doesn't sound
feasible at all.
Thank you again for even taking the time to read this.
Yes - it is long.
Overall - if what you stated originally and in your repost is
happening/truthful - you are beyond your own skill level and beyond the
ability of anyone in a newsgroup to help you from here. You need someone
who can see/touch the systems in question to show you where your weaknesses
are and where the mistakes allowing this to happen to you are occurring...
What makes it difficult to believe is the lack of facts, logs, proof...
Also - the way in which it is presented reminds me of another poster on
these groups (Andrew E.) --> but I could be stretching it.
A calmer, more specific post would get better attention and have a higher
belief factor.
--
Shenan Stanley
MS-MVP
--
How To Ask Questions The Smart Way
http://www.catb.org/~esr/faqs/smart-questions.html
.
- References:
- RE: Unspoken Subject
- From: HACKED-OUT
- Re: Unspoken Subject
- From: Shenan Stanley
- RE: Unspoken Subject
- Prev by Date: Re: User Accounts
- Next by Date: Re: Group Policy question
- Previous by thread: Re: Unspoken Subject
- Next by thread: Re: Toggling between security configurations
- Index(es):
Relevant Pages
|
