Re: Consultant PC on your network

+1 Sent from my Verizon Wireless BlackBerry -Original Message- From: Jeff Johnson jjohn...@hydraflowusa.com Date: Mon, 7 Dec 2009 09:04:24 To: NT System Admin Issuesntsysadmin@lyris.sunbelt-software.com Subject: RE: Consultant PC on your network I have set up a completely independent

Re: Consultant PC on your network

To: NT System Admin Issuesntsysadmin@lyris.sunbelt-software.com Subject: RE: Consultant PC on your network Is there really a concern if the user never authenticates with a domain controller and thus doesn't have permissions to do anything? -- Dennis Krebs 610-696-7700 x193 From: David Lum

Re: Consultant PC on your network

(Desk) 971.222.1025 // (Cell) 503.267.9764 From: Dennis Krebs [mailto:dennis.kr...@advancedav.com] Sent: Monday, December 07, 2009 1:30 PM To: NT System Admin Issues Subject: RE: Consultant PC on your network Is there really a concern if the user never authenticates with a domain controller

Re: Consultant PC on your network

+10 --Original Message-- From: Kurt Buff To: NT Issues Subject: Re: Consultant PC on your network Sent: Dec 7, 2009 5:33 PM Heh. I don't. I get paid to do the best job I can, given the resources at my disposal. If they want perfection, they'll have to look elsewhere, I sure ain't

Re: Consultant PC on your network

Techie Rule #64 You must always set expectations lest they be erroneously set for you. --Original Message-- From: Charlie Kaiser To: NT Issues ReplyTo: NT Issues Subject: RE: Consultant PC on your network Sent: Dec 7, 2009 5:32 PM I didn't say we were. Just that they expect it from us

Re: Consultant PC on your network

We have a guest wireless access point in our DMZ for this, all they get is internet access from the DMZ and nothing on our network. Guest ID's expire at the end of the work day. On Mon, Dec 7, 2009 at 10:44 AM, David Lum david@nwea.org wrote: What process do you guys use for allowing a

RE: Consultant PC on your network

Do you issue them ID's individually? How does that work? From: Sherry Abercrombie [mailto:saber...@gmail.com] Sent: Tuesday, December 08, 2009 5:50 AM To: NT System Admin Issues Subject: Re: Consultant PC on your network We have a guest wireless access point in our DMZ for this, all they get

RE: Consultant PC on your network

+1 The only exception is our security auditors for our computers and network. From: jjohn...@hydraflowusa.com To: ntsysadmin@lyris.sunbelt-software.com Date: Mon, 7 Dec 2009 09:04:24 -0800 Subject: RE: Consultant PC on your network I have set up a completely independent network

RE: Consultant PC on your network

Is he just checking his email or is there more to it than that? I little more context would be good. -- Mike Gill From: David Lum [mailto:david@nwea.org] Sent: Monday, December 07, 2009 8:45 AM To: NT System Admin Issues Subject: Consultant PC on your network What process do you

RE: Consultant PC on your network

Patch level and AV. If his does not meet your level issue him one of your workstations or laptops to do his work. Mike Original Message: - From: David Lum david@nwea.org Date: Mon, 7 Dec 2009 08:44:34 -0800 To: ntsysadmin@lyris.sunbelt-software.com Subject: Consultant PC on

RE: Consultant PC on your network

my network. Jeff Johnson Systems Administrator 714-773-2600 Office 714-773-6351 Fax -Original Message- From: mse...@ont.com [mailto:mse...@ont.com] Sent: Monday, December 07, 2009 8:57 AM To: NT System Admin Issues Subject: RE: Consultant PC on your network Patch level and AV

RE: Consultant PC on your network

We have to have Laptops for them, we are not allowed to let equipment from outside our org to attach to our wire without great exception. We currently have one multi-million dollar project and those consultants each have a Project Laptop to use. They hate that because they usually have their

Re: Consultant PC on your network

We did what Terry did with spare desktops. Also setup wired and wireless internet only access outside our firewall. So far, no exceptions have been required. Our policy is very strict and we have separate labels on the conference jacks for company equipment and for outside equipment - also have

RE: Consultant PC on your network

I don't allow it. I provide a 4-5 year old laptop for them and a user account that is LOCKED DOWN. :) From: David Lum [mailto:david@nwea.org] Sent: Monday, December 07, 2009 11:45 AM To: NT System Admin Issues Subject: Consultant PC on your network What process do you guys use for

RE: Consultant PC on your network

EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 From: Mike Gill [mailto:lis...@canbyfoursquare.com] Sent: Monday, December 07, 2009 8:52 AM To: NT System Admin Issues Subject: RE: Consultant PC on your network Is he just checking his email or is there more to it than that? I

Re: Consultant PC on your network

I don't. Period. End of story. On Mon, Dec 7, 2009 at 08:44, David Lum david@nwea.org wrote: What process do you guys use for allowing a consultant to put their PC on your “wire”? Surely there are some questions needing to be asked, like does it have AV and is patched, probably need to

Re: Consultant PC on your network

I have a wireless router out in the DMZ for this type of thing. - Original Message - From: Kurt Buff kurt.b...@gmail.com To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Sent: Monday, December 07, 2009 2:46 PM Subject: Re: Consultant PC on your network I don't. Period

Re: Consultant PC on your network

, 2009 2:46 PM Subject: Re: Consultant PC on your network I don't. Period. End of story. On Mon, Dec 7, 2009 at 08:44, David Lum david@nwea.org wrote: What process do you guys use for allowing a consultant to put their PC on your “wire”? Surely there are some questions needing to be asked

RE: Consultant PC on your network

Message - From: Dennis Krebs [mailto:dennis.kr...@advancedav.com] To: NT System Admin Issues [mailto:ntsysad...@lyris.sunbelt-software.com] Sent: Mon, 07 Dec 2009 13:29:32 -0800 Subject: RE: Consultant PC on your network Is there really a concern if the user never authenticates with a domain

RE: Consultant PC on your network

) 971.222.1025 // (Cell) 503.267.9764 From: Dennis Krebs [mailto:dennis.kr...@advancedav.com] Sent: Monday, December 07, 2009 1:30 PM To: NT System Admin Issues Subject: RE: Consultant PC on your network Is there really a concern if the user never authenticates with a domain controller and thus doesn't

RE: Consultant PC on your network

: Consultant PC on your network Is there really a concern if the user never authenticates with a domain controller and thus doesn't have permissions to do anything? -- Dennis Krebs 610-696-7700 x193 From: David Lum [mailto:david@nwea.org] Sent: Monday, December 07, 2009 11

RE: Consultant PC on your network

To: NT System Admin Issues Subject: RE: Consultant PC on your network Yes. If they're running a DHCP service it could cause havoc, for example. Your machines suddenly get IP's and DNS from this rogue machine and presto, no more name resolution for those machines which will break plenty

Re: Consultant PC on your network

ROFL! Dude, bots and worms on infected laptops are one of the biggest infection vectors on company networks. Those things are just *looking* for other machines to hammer on. And that's aside from the issue of moronic consultants and such who will surreptitiously scan your subnets - just looking

Re: Consultant PC on your network

... *** Charlie Kaiser charl...@golden-eagle.org Kingman, AZ *** -Original Message- From: Dennis Krebs [mailto:dennis.kr...@advancedav.com] Sent: Monday, December 07, 2009 2:30 PM To: NT System Admin Issues Subject: RE: Consultant PC on your network

RE: Consultant PC on your network

, December 07, 2009 2:34 PM To: NT System Admin Issues Subject: RE: Consultant PC on your network Yes. If they're running a DHCP service it could cause havoc, for example. Your machines suddenly get IP's and DNS from this rogue machine and presto, no more name resolution for those machines

RE: Consultant PC on your network

[mailto:kurt.b...@gmail.com] Sent: Monday, December 07, 2009 2:56 PM To: NT System Admin Issues Subject: Re: Consultant PC on your network IPSec is all good, until you get someone on the network with a weaponized worm that spreads through unpatched machines - like slammer, or anything that talks

Re: Consultant PC on your network

info being passed out. -Original Message- From: Charlie Kaiser [mailto:charl...@golden-eagle.org] Sent: Monday, December 07, 2009 4:34 PM To: NT System Admin Issues Subject: RE: Consultant PC on your network Or even better; DNS for google or internet now goes to some malware site

Re: Consultant PC on your network

...@golden-eagle.org Kingman, AZ *** -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Monday, December 07, 2009 2:56 PM To: NT System Admin Issues Subject: Re: Consultant PC on your network IPSec is all good, until you get someone

Re: Consultant PC on your network

On 7 Dec 2009 at 9:04, Jeff Johnson wrote: I have set up a completely independent network for outside guests. This is a completely unsecure network that I waste NO time maintaining. All I do is tell them the non-broadcast SSID. Agree that this is a good way to. A segregated VLAN can also

RE: Consultant PC on your network

: Consultant PC on your network On 7 Dec 2009 at 9:04, Jeff Johnson wrote: I have set up a completely independent network for outside guests. This is a completely unsecure network that I waste NO time maintaining. All I do is tell them the non-broadcast SSID. Agree that this is a good way

RE: Consultant PC on your network

, 2009 4:23 PM To: NT System Admin Issues Subject: Re: Consultant PC on your network On 7 Dec 2009 at 9:04, Jeff Johnson wrote: I have set up a completely independent network for outside guests. This is a completely unsecure network that I waste NO time maintaining. All I do is tell them

RE: Consultant PC on your network

Subject: Re: Consultant PC on your network It only takes one slipup... ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~

RE: Consultant PC on your network

Admin Issues Subject: RE: Consultant PC on your network I had an employee plug in a Linksys wireless device once... brought down a whole office due to wrong DHCP info being passed out. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com

Re: Consultant PC on your network

? :-) *** Charlie Kaiser charl...@golden-eagle.org Kingman, AZ *** -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Monday, December 07, 2009 3:18 PM To: NT System Admin Issues Subject: Re: Consultant PC on your network It only

RE: Consultant PC on your network

Subject: RE: Consultant PC on your network Save to flash drive and have someone else print it. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~

RE: Consultant PC on your network

Admin Issues Subject: Re: Consultant PC on your network Heh. I don't. I get paid to do the best job I can, given the resources at my disposal. If they want perfection, they'll have to look elsewhere, I sure ain't it. Kurt ~ Finally, powerful endpoint security that ISN'T a resource

Re: Consultant PC on your network

...@golden-eagle.org Kingman, AZ *** -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Monday, December 07, 2009 3:34 PM To: NT System Admin Issues Subject: Re: Consultant PC on your network Heh. I don't. I get paid to do the best job I can, given