HFX Forum

Neophyte Section => Ethics => Topic started by: wilnix on March 04, 2002, 02:39:11 PM

Title: Just Checking
Post by: wilnix on March 04, 2002, 02:39:11 PM
Is it unethical to check for simple vulnerabilities in every single network you deal with? Should I tell the Admins? Should I care?

I have root / administrator accounts in just about every network I've touched due to Lazy/Ignorant Admins. The ones that I havent added myself to are ones I am already trusted in. Is that wrong?

Wilnix
Title: Re:Just Checking
Post by: Metgod on March 04, 2002, 09:41:44 PM
Nope ! :)

I should do it more often
hehehehe
but the feds scare me big time...
hrmm.... It'd be fun to go on a rooting spree
no canned scripts, just good ole fashioned rooting...
hehe

Overall, I don't think it's unethical if one doesn't cause damage...
I know maddy very well and he wouldn't do that.... I know I wouldn't, as tempting
as a defacement might sound hehe.

Title: Re:Just Checking
Post by: Uneek on March 05, 2002, 03:00:49 AM
Yes Wil... it is! You are going to hell!!!  >:(

Oh... but don't worry... I'm driving the bus there and I just filled up the gas tank! h0h0h0  ;D
Title: Re:Just Checking
Post by: wilnix on March 05, 2002, 12:09:21 PM
Thanks Metty

I am totally innocent  ::) <==See?

Uneek, on the other hand, is a complete looney!!!  ;D

Wilnix

Title: Re:Just Checking
Post by: Metgod on March 05, 2002, 04:26:52 PM
lol @ Neek and Will

hahaha

good thread...

Title: Re:Just Checking
Post by: wilnix on March 05, 2002, 04:31:03 PM
Uneek should buy me a mocha freeze....  :'(
Title: Re:Just Checking
Post by: Tazinator on March 07, 2002, 03:40:24 PM
Hey will, could be worse man. You could have my job. You sit there and find holes, but when you bring them to the attention of those in charge of the (ekkk ;P) NT Domain they dont listen to you until its too late. Recently we had an instance where a contracted company came in to install survey and inventory software on all the workstations. They decided to circumvent the dillemma of having to install thier client software manually per machine by putting in the login scripts. All fine and good with one exception, they made all the domain users Administrators on all the domain machines including the servers and never said anything. About a week later some curious users found it was possible to get into User Manager and add themselves to any group they wanted to. Took me all day to make them realize this was a big problem.
Title: Re:Just Checking
Post by: Metgod on March 07, 2002, 07:25:00 PM
hahahaha
that's too funny

oh man... why do we have these 'experts' on the job ? ugh...
I don't claim to be an NT guru but uh.. that was stupid...

I'd rather tighten down a UNIX box any day...
Title: Re:Just Checking
Post by: wilnix on March 08, 2002, 03:57:41 PM
hrmmm....

Sounds like something our help desk would do. And: It's the exact reason I hate R&D. They are made to be users that are dangerous. Since they get paid more then us, they think they know more. Funny, I found six exploits on the R&D Director's side business website and a way into the ISP's 2k Domain (they added his box as a domain controller). Stupid morons. Then they wonder why I dont have an NT boxes in my DMZ.

Wilnix
Title: Re:Just Checking
Post by: Uneek on March 11, 2002, 05:20:30 PM
That is EXACTLY why I'm glad that nothing gets added/deleted/changed on my network unless I approve it first! I swear I'd have to kill someone if that happened on our network. Plus with only a handful of peeps here with admin privs, it makes it easy to track who did what.
Title: Re:Just Checking
Post by: wilnix on March 12, 2002, 02:06:20 AM
I iwsh we could lock down local admin rights on R&D, but they need them to test their software. Damn them...

Wilnix
Title: Re:Just Checking
Post by: Uneek on March 12, 2002, 12:45:07 PM
Uhm... Not sure why this topic was locked, but I unlocked it. If someone locked it for a reason please let me know.

Anyhoo, Wil... do they HAVE to be on the production network? Can't you guys put them on their own network or at the very least a seperate VLAN or child domain where they don't have admin rights to the whole network?
Title: Re:Just Checking
Post by: wilnix on March 12, 2002, 10:19:36 PM
NO, no, no...

They only have local admin rights to their machine. I'd leave the company if I had to put them in the domain admin group or even network administrators group... My own helpdesk doesn't even get those rights.
I do have them VLAN'd off and I have domain admin group under their local administrators group.

So, I have full control of their machines as wellas the network, but they only have control of their machines. I just can't lock it down anymore then that (they can install anything they want on their computer...including any software that Norton Antivirus doesn't pickup on)...

Wilnix
Title: Re:Just Checking
Post by: Uneek on March 13, 2002, 12:38:02 AM
Heh... In that case, make them admin their own machines and fix whatever they fuck up, as long as it doesn't affect the production network. They'll learn real quick not to install crap or change system settings which they aren't supposed to fuck with.   ;D
Title: Re:Just Checking
Post by: wilnix on March 13, 2002, 12:56:01 AM
Fortunately, if they have issues, they call help desk first. They suck, I fell for the help desk...wait...nevermind. I lied.

I couldn't care less.

Wilnix
Title: Re:Just Checking
Post by: Cobra on March 25, 2002, 04:00:15 PM
I blame Uneek for the world issues.
Title: Re:Just Checking
Post by: Uneek on March 26, 2002, 12:23:33 PM
Me too... that Uneek guy is an asshole...
Title: Re:Just Checking
Post by: Tazinator on March 26, 2002, 10:04:43 PM
Yeah, hes always around when disaster strikes, i'll tell ya...

;)
Title: Re:Just Checking
Post by: Metgod on March 27, 2002, 09:17:04 PM
*rofl*
Title: Re:Just Checking
Post by: wilnix on April 03, 2002, 04:45:46 PM
That's because he's a hacker. One time, he hacked into the circle-k and got a pepsi...


Really. He did.

Title: Re:Just Checking
Post by: Metgod on April 03, 2002, 06:11:30 PM
LOL
Title: Re:Just Checking
Post by: wilnix on April 03, 2002, 07:55:10 PM
Uneek could himself into mocha freeze machine running netbsd running only the freezed service...

Wilnix
Title: Re:Just Checking
Post by: Zerored on August 21, 2002, 01:04:19 AM
And i heard he smell funny too....
Title: Re:Just Checking
Post by: Uneek on August 22, 2002, 03:04:25 AM
And I have but one thing to say to you all...


"YO MOMMA!"

;D :P