AR15.COM
6/22/2010 6:50:56 AM EDT
In the second part of the ongoing 'Our IT guy is an idiot' saga, I bring you this.



I needed to retrieve a file from the computer that our IT guy replaced last week.  He had deleted my user account, but left all the files intact.  I could have just used a Linux live cd to access the drive and retrieve the file, but I thought I'd do it the hard way and crack his administrator password.



So, I downloaded a readily available password hack program, burned it to a cd, and booted the machine with it.  A whole two minutes later, I had the administrator password.  This is where it proves the guy is an idiot.  Every IT guy I know uses a seemingly random string of letters, numbers and symbols for a password.  Usually a long string of them.  Not our guy.  His password, for every computer on the network, is a simple 5 letter word.



If anyone wanted to hack our network, access is as simple as can be.  I let the boss know what I found out this morning.  The guy is on his way out anyway, so I thought management should know how vulnerable we are.
6/22/2010 6:53:25 AM EDT
[#1]
<(ASfd3$^2t>;p)&fasfeEtG82



I'm sorry - you were saying?





6/22/2010 6:53:27 AM EDT
[#2]
You're lucky.  A lot of places would fire you for hacking - even if it was for some legitimate reason.

eta:
I like to use "7.62x39mm" buried in my passwords.
6/22/2010 6:54:19 AM EDT
[#3]
Eww.  He should have used x6v5tv89gu3f4r5cvN90p1qz
6/22/2010 6:55:26 AM EDT
[#4]
http://www.youtube.com/watch?v=K95SXe3pZoY
6/22/2010 6:57:23 AM EDT
[#5]
PW for IT guy = id 10 t

6/22/2010 7:05:41 AM EDT
[#6]
eh, it only matters if the company is willing to throw tons of money at security.

he could have had a 20 letter password and you still would have cracked it in a few extra minutes.

6/22/2010 7:11:02 AM EDT
[#7]



Quoted:


You're lucky.  A lot of places would fire you for hacking - even if it was for some legitimate reason.



eta:

I like to use "7.62x39mm" buried in my passwords.


The boss's theory on computers - if you need it, get it.



He is not too concerned with methods as long as they are legal.



 
6/22/2010 7:13:22 AM EDT
[#8]



Quoted:


eh, it only matters if the company is willing to throw tons of money at security.



he could have had a 20 letter password and you still would have cracked it in a few extra minutes.



Yeah, physical access = access to the filesystem, just some people don't know that.  It's a valuable skill sometimes, I somehow locked myself out of a Windows machine when I changed the workgroup name.  Never did figure out how that happened.

 
6/22/2010 7:17:36 AM EDT
[#9]

Wow - you actually told your boss that you willfully and knowingly cracked the administrator's password on your network.

6/22/2010 7:21:51 AM EDT
[#10]



Quoted:




Wow - you actually told your boss that you willfully and knowingly cracked the administrator's password on your network.






Yep.  We try not to keep any secrets here.  And I don't think he is worried about it.  My signature at bid time is worth up to $20mil before I need approval from higher up.  So I have that trust thing going for me.



 
6/22/2010 7:23:49 AM EDT
[#11]
Quoted:
In the second part of the ongoing 'Our IT guy is an idiot' saga, I bring you this.

I needed to retrieve a file from the computer that our IT guy replaced last week.  He had deleted my user account, but left all the files intact.  I could have just used a Linux live cd to access the drive and retrieve the file, but I thought I'd do it the hard way and crack his administrator password.

So, I downloaded a readily available password hack program, burned it to a cd, and booted the machine with it.  A whole two minutes later, I had the administrator password.  This is where it proves the guy is an idiot.  Every IT guy I know uses a seemingly random string of letters, numbers and symbols for a password.  Usually a long string of them.  Not our guy.  His password, for every computer on the network, is a simple 5 letter word.

If anyone wanted to hack our network, access is as simple as can be.  I let the boss know what I found out this morning.  The guy is on his way out anyway, so I thought management should know how vulnerable we are.


What program did you use?
6/22/2010 7:24:16 AM EDT
[#12]
Quoted:

Quoted:

Wow - you actually told your boss that you willfully and knowingly cracked the administrator's password on your network.


Yep.  We try not to keep any secrets here.  And I don't think he is worried about it.  My signature at bid time is worth up to $20mil before I need approval from higher up.  So I have that trust thing going for me.
 


he may not be worried about it, but that's why there is separation of duties... if your IT security department catches wind of this, you can be in big fucking trouble regardless of what your "boss" has to say. unless you work at a company with like 10 people, i'd CYA
6/22/2010 7:24:39 AM EDT
[#13]
he didn't crack the network password just the local machine's administrator account password. very easy to do.



your IT guy is a tard. I would have never left the old machine in an unusable state. hello? shit breaks. what if the new machine took a dive after i left? you'd be fucked. but if i left your old machine for a week or 2 in a closet in a usable state you'd be able to swap it back and work right?
6/22/2010 7:28:12 AM EDT
[#14]
I hate to tell you this, but most IT depts will use something simple and easy to type for a local workstation admin account.  That account should only be used for diagnostic purposes and to give you admin access to join the system to a domain.  I wouldn't sweat having a simple password for a workstation admin account as long as that password is not the same one that is used on servers (where any sensitive data should be stored).
6/22/2010 7:28:23 AM EDT
[#15]
Quoted:

I needed to retrieve a file from the computer that our IT guy replaced last week.  He had deleted my user account, but left all the files intact.  I could have just used a Linux live cd to access the drive and retrieve the file, but I thought I'd do it the hard way and crack his administrator password.


I'm surprised that the only copy of a file that you need is stored on a local machine.  You're lucky the machine wasn't pulled out and restaged.  If so, most businesses would hold you responsible for not keeping a readily accessible copy of the file on a shared storage resource or backup.

So, I downloaded a readily available password hack program, burned it to a cd, and booted the machine with it.  A whole two minutes later, I had the administrator password.  This is where it proves the guy is an idiot.  Every IT guy I know uses a seemingly random string of letters, numbers and symbols for a password.  Usually a long string of them.  Not our guy.  His password, for every computer on the network, is a simple 5 letter word.


A common local password for machines in large and small networks is not uncommon.  Once you have physical access to a machine, security is completely out the window anyway save for perhaps properly encrypted files.

If anyone wanted to hack our network, access is as simple as can be.  I let the boss know what I found out this morning.  The guy is on his way out anyway, so I thought management should know how vulnerable we are.


If anyone REALLY wants to hack your network, access is very likely as simple as can be, regardless of the password strength used by your IT guy.  

In my company, and probably most with any real IT policies in place, you would have been written up at the very least and quite possibly fired for not properly storing  a critical (presumably, since you needed to go through the above steps to retrieve it) file and for downloading and using unauthorized and possibly dangerous (malware/trojan vector) hacking tools.

Just sayin'



6/22/2010 7:28:24 AM EDT
[#16]
Was his password "admin"?
6/22/2010 7:31:22 AM EDT
[#17]



Quoted:


Was his password "admin"?


No.



 
6/22/2010 7:36:20 AM EDT
[#18]
local admin account isn't very important.
I use the same 5 letter word for all our machine accounts.
I even share it with a few folks who I trust.
6/22/2010 7:37:56 AM EDT
[#19]



Quoted:



Quoted:



I needed to retrieve a file from the computer that our IT guy replaced last week.  He had deleted my user account, but left all the files intact.  I could have just used a Linux live cd to access the drive and retrieve the file, but I thought I'd do it the hard way and crack his administrator password.




I'm surprised that the only copy of a file that you need is stored on a local machine.  You're lucky the machine wasn't pulled out and restaged.  If so, most businesses would hold you responsible for not keeping a readily accessible copy of the file on a shared storage resource or backup.




So, I downloaded a readily available password hack program, burned it to a cd, and booted the machine with it.  A whole two minutes later, I had the administrator password.  This is where it proves the guy is an idiot.  Every IT guy I know uses a seemingly random string of letters, numbers and symbols for a password.  Usually a long string of them.  Not our guy.  His password, for every computer on the network, is a simple 5 letter word.




A common local password for machines in large and small networks is not uncommon.  Once you have physical access to a machine, security is completely out the window anyway save for perhaps properly encrypted files.




If anyone wanted to hack our network, access is as simple as can be.  I let the boss know what I found out this morning.  The guy is on his way out anyway, so I thought management should know how vulnerable we are.




If anyone REALLY wants to hack your network, access is very likely as simple as can be, regardless of the password strength used by your IT guy.  



In my company, and probably most with any real IT policies in place, you would have been written up at the very least and quite possibly fired for not properly storing  a critical (presumably, since you needed to go through the above steps to retrieve it) file and for downloading and using unauthorized and possibly dangerous (malware/trojan vector) hacking tools.



Just sayin'










The file is a communications protocol that allows my pricing service program to update my estimating program.  It should have been dumped to the server during the nightly backups, but for some reason it was never included.  I don't know why.



As for using dangerous hacking tools, the box was disconnected from the network and all the domain info was deleted last week.  No access to the network at all and this comp will never be hooked back into the system.  It is staying at home with me, getting reformatted and turned into a home file server.



 
6/22/2010 7:51:25 AM EDT
[#20]



Quoted:



Quoted:



I needed to retrieve a file from the computer that our IT guy replaced last week.  He had deleted my user account, but left all the files intact.  I could have just used a Linux live cd to access the drive and retrieve the file, but I thought I'd do it the hard way and crack his administrator password.




I'm surprised that the only copy of a file that you need is stored on a local machine.  You're lucky the machine wasn't pulled out and restaged.  If so, most businesses would hold you responsible for not keeping a readily accessible copy of the file on a shared storage resource or backup.




So, I downloaded a readily available password hack program, burned it to a cd, and booted the machine with it.  A whole two minutes later, I had the administrator password.  This is where it proves the guy is an idiot.  Every IT guy I know uses a seemingly random string of letters, numbers and symbols for a password.  Usually a long string of them.  Not our guy.  His password, for every computer on the network, is a simple 5 letter word.




A common local password for machines in large and small networks is not uncommon.  Once you have physical access to a machine, security is completely out the window anyway save for perhaps properly encrypted files.




If anyone wanted to hack our network, access is as simple as can be.  I let the boss know what I found out this morning.  The guy is on his way out anyway, so I thought management should know how vulnerable we are.




If anyone REALLY wants to hack your network, access is very likely as simple as can be, regardless of the password strength used by your IT guy.  



In my company, and probably most with any real IT policies in place, you would have been written up at the very least and quite possibly fired for not properly storing  a critical (presumably, since you needed to go through the above steps to retrieve it) file and for downloading and using unauthorized and possibly dangerous (malware/trojan vector) hacking tools.



Just sayin'










I'm with 'The Wind' /\



If you have physical access and time, then you own the box. Rainbow tables make it child's play.



Not saying your IT guy isn't a doofus - standard pw's should be 8 chars with numbers, special chars, upper and lower case alpha's, but even then it's just a matter of time.



And to second the advice above - make sure you didn't grab any malware with that cracker you D/L'd.





 
6/22/2010 7:53:05 AM EDT
[#21]
IBTIGFFMJFFWTIDP
6/22/2010 7:55:01 AM EDT
[#22]
Well congrats....that password is put there for a reason.
Here you would be fired, consider yourself lucky.
Ever wonder why your IT guy may not like you?
6/22/2010 7:55:22 AM EDT
[#23]



Quoted:


IBTIGFFMJFFWTIDP









 


Yawn.



 
6/22/2010 7:56:08 AM EDT
[#24]
Quoted:
IBTIGFFMJFFWTIDP



 


I'm going to agree with this guy here. I especially enjoyed the part where you narced to your boss that your IT guy sucks. I've never been fired, but I've seen office crap like that and it never reflected well for either party involved.
6/22/2010 7:57:23 AM EDT
[#25]
You're a hacker dude...  
6/22/2010 7:59:04 AM EDT
[#26]
best IT website evar
6/22/2010 8:00:58 AM EDT
[#27]
local admin != domain admin
6/22/2010 8:01:03 AM EDT
[#28]
I don't know the OP's function/level in his company, but I'll just leave this here:



http://en.wikipedia.org/wiki/Randal_L._Schwartz
6/22/2010 8:06:07 AM EDT
[#29]



Quoted:



Quoted:

IBTIGFFMJFFWTIDP









 




I'm going to agree with this guy here. I especially enjoyed the part where you narced to your boss that your IT guy sucks. I've never been fired, but I've seen office crap like that and it never reflected well for either party involved.


IT guy has been on his way out for a while now.  They are just looking for a replacement before they can him.  And this decision was nothing I had a part in.  He has fired himself through his own incompetency.  For example, he deleted the CEO's entire music collection while doing a Windows update.  No one can figure out how he managed to do it, but he did.



 
6/22/2010 8:07:06 AM EDT
[#30]
"Know it all users" are IT's worst nightmare.  Users that somehow think they are computer gurus are usually the ones that screw shit up the most and have the most problems.
6/22/2010 8:08:42 AM EDT
[#31]



Quoted:

"Know it all users" are IT's worst nightmare.  Users that somehow think they are computer gurus are usually the ones that screw shit up the most and have the most problems with their computer.


In four years, the only service ticket I have sent in was for the replacement of my computer thanks to a dead PSU.



 
6/22/2010 8:10:09 AM EDT
[#32]
Doing what you did is usually a violation of IT policy. Just sayin
6/22/2010 8:11:42 AM EDT
[#33]
Quoted:
I hate to tell you this, but most IT depts will use something simple and easy to type for a local workstation admin account.  That account should only be used for diagnostic purposes and to give you admin access to join the system to a domain.  I wouldn't sweat having a simple password for a workstation admin account as long as that password is not the same one that is used on servers (where any sensitive data should be stored).


Fail.
6/22/2010 8:17:47 AM EDT
[#34]



Quoted:


I hate to tell you this, but most IT depts will use something simple and easy to type for a local workstation admin account.  That account should only be used for diagnostic purposes and to give you admin access to join the system to a domain.  I wouldn't sweat having a simple password for a workstation admin account as long as that password is not the same one that is used on servers (where any sensitive data should be stored).
Also note that if that is the local admin password on all machines then he probably isn't the one who created it.





 
6/22/2010 8:18:32 AM EDT
[#35]
We used to do this, but have been moving away from it as we replace machines. Since all of my remote sites are VPN'd into our main network now, all logons are done against AD. Our local admin passwords are freaking insane, as we should never need to use them.
6/22/2010 8:21:22 AM EDT
[#36]


I only had seen the first one.  I can't wait to see the other 3.  
6/22/2010 8:22:48 AM EDT
[#37]
you l33t haX0r you...

so you tattled to the boss that the password for an account with no real privileges on the network was too simple for your liking?

you should totally apply for his job.
6/22/2010 8:25:03 AM EDT
[#38]
Quoted:

Quoted:
Was his password "admin"?

No.
 


Was it "bingo"?
6/22/2010 8:27:40 AM EDT
[#39]
You critics don't pay much attention to VacaDuck.  Yeah, he could be a troll in his mom's basement, but "lead estimator for an electrical contractor in CA" isn't the first thing that would come to mind as a choice for a fake internet persona.
6/22/2010 8:28:00 AM EDT
[#40]



Quoted:


local admin != domain admin



Since when?



 
6/22/2010 8:29:11 AM EDT
[#41]



Quoted:





Quoted:


Quoted:

IBTIGFFMJFFWTIDP









 




I'm going to agree with this guy here. I especially enjoyed the part where you narced to your boss that your IT guy sucks. I've never been fired, but I've seen office crap like that and it never reflected well for either party involved.


IT guy has been on his way out for a while now.  They are just looking for a replacement before they can him.  And this decision was nothing I had a part in.  He has fired himself through his own incompetency.  For example, he deleted the CEO's entire music collection while doing a Windows update.  No one can figure out how he managed to do it, but he did.

 
Why was the CEO's entire music collection on a company box?





 
6/22/2010 8:29:40 AM EDT
[#42]



Quoted:


you l33t haX0r you...



so you tattled to the boss that the password for an account with no real privileges on the network was too simple for your liking?



you should totally apply for his job.


We have a policy around here of having employees identify problems, big and small, bringing them to management, and trying to get them fixed.  It is as simple as that.  If you find a problem, real or perceived, you bring it to the higher-ups' attention.





 
6/22/2010 8:29:55 AM EDT
[#43]
Quoted:
you l33t haX0r you...

so you tattled to the boss that the password for an account with no real privileges on the network was too simple for your liking?

you should totally apply for his job.


I see what you did there
6/22/2010 8:30:16 AM EDT
[#44]
Being the "IT Guy" does not make him an IT Security expert, Security is a field unto itself. His choice of password was poor, so was his choice (if it was his to make) to use and store lanman/NTLM hashes locally (you can force NTLMv2 and other cracking resistant settings via AD group policy). If an employee here was to do what you did I would recommend their termination, it is strictly verboten via corporate Acceptable Use Policy (which you would have signed at time of hire).
6/22/2010 8:31:22 AM EDT
[#45]



Quoted:





Quoted:




Quoted:


Quoted:

IBTIGFFMJFFWTIDP









 




I'm going to agree with this guy here. I especially enjoyed the part where you narced to your boss that your IT guy sucks. I've never been fired, but I've seen office crap like that and it never reflected well for either party involved.


IT guy has been on his way out for a while now.  They are just looking for a replacement before they can him.  And this decision was nothing I had a part in.  He has fired himself through his own incompetency.  For example, he deleted the CEO's entire music collection while doing a Windows update.  No one can figure out how he managed to do it, but he did.

 
Why was the CEO's entire music collection on a company box?



 


Fuck if I know.  



 
6/22/2010 8:34:12 AM EDT
[#46]
Quoted:

Quoted:
local admin != domain admin

Since when?
 


Since forever.
6/22/2010 8:35:13 AM EDT
[#47]
Quoted:
Quoted:
IBTIGFFMJFFWTIDP



 


I'm going to agree with this guy here. I especially enjoyed the part where you narced to your boss that your IT guy sucks. I've never been fired, but I've seen office crap like that and it never reflected well for either party involved.


Yeah, I have women at work like that....
6/22/2010 8:35:55 AM EDT
[#48]
Quoted:

Quoted:

Quoted:

Quoted:
Quoted:
IBTIGFFMJFFWTIDP



 


I'm going to agree with this guy here. I especially enjoyed the part where you narced to your boss that your IT guy sucks. I've never been fired, but I've seen office crap like that and it never reflected well for either party involved.

IT guy has been on his way out for a while now.  They are just looking for a replacement before they can him.  And this decision was nothing I had a part in.  He has fired himself through his own incompetency.  For example, he deleted the CEO's entire music collection while doing a Windows update.  No one can figure out how he managed to do it, but he did.
 
Why was the CEO's entire music collection on a company box?

 

Fuck if I know.  
 


Wish I could say this was uncommon. I give my guys credit though, they know not to flag it to be backed up to my servers :)
6/22/2010 8:36:38 AM EDT
[#49]



Quoted:





Quoted:




Quoted:




Quoted:


Quoted:

IBTIGFFMJFFWTIDP









 




I'm going to agree with this guy here. I especially enjoyed the part where you narced to your boss that your IT guy sucks. I've never been fired, but I've seen office crap like that and it never reflected well for either party involved.


IT guy has been on his way out for a while now.  They are just looking for a replacement before they can him.  And this decision was nothing I had a part in.  He has fired himself through his own incompetency.  For example, he deleted the CEO's entire music collection while doing a Windows update.  No one can figure out how he managed to do it, but he did.

 
Why was the CEO's entire music collection on a company box?



 


Fuck if I know.  

 
LOL.  Most companies don't allow that sort of thing no matter who it is.  Deleting the music may not have been an accident.





 
6/22/2010 8:37:28 AM EDT
[#50]



Quoted:





Quoted:




Quoted:




Quoted:


Quoted:

IBTIGFFMJFFWTIDP









 




I'm going to agree with this guy here. I especially enjoyed the part where you narced to your boss that your IT guy sucks. I've never been fired, but I've seen office crap like that and it never reflected well for either party involved.


IT guy has been on his way out for a while now.  They are just looking for a replacement before they can him.  And this decision was nothing I had a part in.  He has fired himself through his own incompetency.  For example, he deleted the CEO's entire music collection while doing a Windows update.  No one can figure out how he managed to do it, but he did.

 
Why was the CEO's entire music collection on a company box?



 


Fuck if I know.  

 


Who cares if it is? As long as it is known that it being lost is not anybody's fault and it will be kept off of any company backups. Smaller businesses do not run like massive corps.



 