I'd also disable his ability to download ANYTHING from the internet, and
disable the local floppy and CDROM so nothing can be installed without him
using his network permissions - which should be tightened like a thumbscrew.
----- Original Message -----
From: "Brian Steele" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, June 09, 2000 4:41 PM
Subject: Re: [OT] L0pht crack policy
> What surprises me is this doofus is still working for your company!
>
> Do the PCs remain under IS control? If so, personally I'd configure his NT
> account so he can only log on at his PC - then retrieve his PC until an
> explanation is forthcoming FROM HIS MANAGER about his practices.
>
> And how come he's able to log on to your servers to install software?
> Aren't those locked away from such access? If not, shouldn't they be?
>
>
> Brian Steele
>
>
>
> ----- Original Message -----
> From: "Jesus Gonzalez" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Friday, June 09, 2000 3:27 PM
> Subject: [OT] L0pht crack policy
>
>
> > Hi All,
> > please excuse this message since it's a bit off topic, but I could use
> > your expert opinions to give me some backup.
> >
> > There is a programmer in our company who seems to think that he is above
> > all of our policies and procedures. Yes, he is a new guy but has endeared
> > himself to his manager (as the Director of IT, I report to someone else
> > entirely). He's continuously installing applications on his machine and
> > the servers because he says he needs them, even though policy clearly
> > states that only IT is allowed to install authorized applications on all
> > workstations, and certainly the servers. He even changed the local admin
> > password and refused to give it to us, and he's password protected his
> > bios. That stunt earned him a fresh image and a CMOS clear and OUR
> > password in the bios.
> > So we finally had no choice but to lock his system down (a Win2K box) and
> > not give him the local admin password so he can't install anything.
> > Naturally we were well aware of programs like l0phtcrack and others to
> > break the admin password, but never thought he'd resort to it. Sure
> > enough, he's downloaded it, and while he's been out of town, he's yet to
> > use it. He's also downloaded the Win2K high encryption pack, my guess is
> > that he intends to crack and change the local admin password, then
> > install the HE pack in hopes of preventing us from doing what he just did
> > (can you say REimage).
> > It's stupid, I know. And I can't believe I'm having this battle.
> >
> > I would like to know what policies people have in place for users who
> > attempt to crack passwords using such tools? When I spoke to HR and spoke
> > in general terms, the Director said she would fire anyone who did that.
> > When I told her who it was, she backed off and said 'oh, that will be
> > tough'. I guess I'm just looking for others who have dealt with this, or
> > who have clear and tested policies in place so that I may have something
> > to back me up when push comes to shove.
> >
> > Thanks in advance!
> > -
> > [To unsubscribe, send mail to [EMAIL PROTECTED] with
> > "unsubscribe firewalls" in the body of the message.]