Hacking

DaveH

Hi,
Just wanted to share a story, interested is there any way of catching someone with this scearnio.
A pal of mine is a network admin in a small company. He is the only network admin, but he is having a lot of issues with his manager.
Twice he has came in and his pw has been changed. He is convinced this is his manager. As he has had to go to the PDC to change is p\w, and it is only his p\w that is being changed.
Also he has an issue with the manager with regard home drives. He said that only the network admin's should have access to the home drive..but the manager wants access as they believe since its on company properity they can view what people have saved. That sounds a bit illegal to me.

anyone got any advice??

ike

The password issue seems a bit dodgy, one way to find out would be to prevent his manager's account from changing password. The really should only be one domain admin account and only used when necessary. One part of my work is AD design for about 6k users, I have a full domain admin account but rarely use it.

Regarding the home folder, the manager probably has a right to see what's there, users don't own any data on company's computers, if it is their own personal stuff it should'nt be there. Chance's its probably full of Gb's of music which at the very least is taking up storage and thereby increasing backup time.

We're currently moving away from the home folder scenario and setting it up based on department and function within that department. There should be no personal files on the network, private yes, personal no.

layke

Tell your mate to check the logs for the last time he logged in, if his manager is changing his password chances are he's logging in as him and going through his stuff. I assume, as it's company property they can request it but tbh he'd want to speak to a solicitor before that as it may come back at him. I'd say at least he'd need a letter of conecent from the person he wants to spy on (and it is the reason he wants it).

/edit

Sorry, yes they are entitled to view the home drive as it's still stored on company servers.

Static M.e.

His password is probably being changed by the manager every time he wants to look through peoples home folders.

If I was the Admin, I would give him access to the folders at the end of the month and send out an email to all staff that as of Monday management have access to your home folders, please remove any personal data, its not company policy etc

and/or if a certain manager needed a lesson, I would cause havoc the next time my password had been changed, saying that WE HAVE BEEN HACKED in the board room should do the job, start getting some figures for new security software, reviews, implementation costs, chaning all the passwords, nothing is safe etc.. Do that infront of the board and/or all the senior managers and things will change quickly one way or the other bit childish though

celt2005

Internal Company Auditing is a grey area in Law, why does,nt your mate use a USB Drive with Encryption for his data ??

Capt'n Midnight

ike wrote:

Regarding the home folder, the manager probably has a right to see what's there, users don't own any data on company's computers, if it is their own personal stuff it should'nt be there. Chance's its probably full of Gb's of music which at the very least is taking up storage and thereby increasing backup time.
...
There should be no personal files on the network, private yes, personal no.

you could run spacemonger on the drives - yer man gets a picture of who is using space and no need to go drilling down

The manager would most definitely not have a right to access HR/Payroll stuff.

If his password is changed, then he can't be held accountable for anything that happens to the system. Check the contract - perhaps the manager is in breech of it.

hmmm

DaveH wrote:

Also he has an issue with the manager with regard home drives. He said that only the network admin's should have access to the home drive..but the manager wants access as they believe since its on company properity they can view what people have saved. That sounds a bit illegal to me.

anyone got any advice??

Yes, your friend needs to get a bit of cop on because if he worked for me he would be well on the way to being fired - just because network admins have significant privileges on a network does not make them immune from the rules that govern other employees. There's no grey area here - the computer is company property and with proper notice given management have every right to view what is on it, no company can turn a blind eye to what is stored on their network.

USB key with encrypted partition? How do I as a manager know you are not walking off with our databases or storing child porn on it? If he wants to keep information personal, do it at home.

Mary-Ellen

As far as I know in Irish law employees have a reasonable expectation of privacy, however most employment contracts sort that right out :eek: and state employees have no privacy right when using company hardware

A reason for this is if anyones up to anything naughty the IP address is register to the company and it could be them that gets in trouble if they can't pin it on the particular individual. (harder than you'd think):rolleyes:

Encryption by employees is also limited in many security aware companys so your friend might want to look up company policy before using it.

If your friend wants to store stuff securely why can't they use a removable drive?

harney

It would really bother me if a manager was, for lack of a better term, sneaking around the network drives by resetting my password.

If I were your friend I would track down when and where the password changes were made. I would then try and track what their account was doing and have a chat with HR.

Same with requesting to gain access to monitor what people have on their drives. Get it cleared via HR and then grant the access the manager requires. Always make sure it is via email so nothing can come back on you mate.