I thought network share security was supposed to be server-side.

Mark R

A friend told me an interesting tale from his last place of employment.

The IT department were poor - actually that's probably being exceptionally diplomatic. In one of the offices, the only PC that had the normal office apps/email installed broke (all the rest of the PCs were actually specialist workstations, which ran only a single specialist app. Everything else, including notepad, was blocked.)

Anyway, the shared 'general' PC for e-mail, office work, letters, presentations, etc. died from a failed hard drive. IT was called and gave a ticket. 1 week passed. The computer was still dead. The IT ticket was escalated, but no ETA. 2 weeks. 3 weeks. 1 month. Still no ETA. 2 months. Still no ETA.

People were getting really pissed now. They were having to stay late because they were having to do the work on other people's private office PCs, or they were bringing in personal laptops, or taking strictly-confidential paperwork home.

After 3 months, one of the staff decided to try to repair the PC themselves. They couldn't open it; the case was chained shut. However, they were able to boot an Ubuntu live CD. And this was sufficient to run a browser to access the company e-mail, as well as provide OpenOffice, and access to the company shared drives.

Much to the delight of everyone in the office, this Ubuntu live CD worked great. Everyone could get work done, access e-mail, and their shared files.

But there were a couple of interesting findings:
1. They could access the internet and browse anything they liked, completely unfiltered. No ad blocking, no over-zealous filter blocking access to legitimate sites.
2. The file sharing was 'interesting'. There appeared to be no user restriction or need to enter a user name and password. It was a total free-for-all. Every file on every file server in the entire company could be freely accessed (including internal IT documents and the CEO's personal files).
3. The Ubuntu machine appeared to pick up a public IP address, with absolutely no port filtering or firewall whatsoever. People could SSH or RDP into the Ubuntu machine from home (much to the delight of people who were on the 12-month waiting list for VPN access - the company had run out of SecurID tokens, and refused to order more. So no employees could get VPN access until old tokens were returned when people left).

My questions are:
1. I thought that on a Windows network, the file share security was server-side. When accessing files from a Windows machine, appropriate user restrictions were adhered to. So, how could the Ubuntu machine completely undermine everything?

2. What was the company doing wrong to enable web filtering to be bypassed so easily?

3. Lack of a firewall also appears to be rather interesting. I don't really understand how they had managed to configure their network, as it appears that the workstations were on their own LAN which was firewalled from the main company LAN. Any ideas?
 

Bashbelly

1) It is. Sounds like "everyone" on the access list. Reeks of terrible IT admin...
2) Sounds like your browsers are set to use a proxy to get filtering done (which you probably can't modify if the PCs are locked down). Since your Ubuntu doesn't have the proxy set up... no filtering.
3) Haha. Wow. This last one is crazy bad, lol.
 

Nothinman

If they were using a GPO to push out and enforce proxy settings, using a non-Windows OS would bypass that. Ideally they'd also have all outgoing traffic blocked on the firewall except for the proxy and any other servers that need it, but obviously that's not the case.

Shared file ACLs are enforced on the server, so if Ubuntu could connect with no username/password and get to everything then either "Everyone" has full control and/or the Guest account does too.
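
An added example, not part of the thread and not any poster's code: a PowerShell audit for the two server-side conditions named in the last reply, broad "Everyone"/Guest grants on shares and an enabled Guest account. It assumes an elevated session on a Windows file server with the SmbShare and LocalAccounts modules available; the variable and function names are illustrative.

```powershell
# Added example: run in an elevated session on the Windows file server being audited.
# Well-known SIDs are matched instead of names so localized systems work too.
$broad = @{ 'S-1-1-0' = 'Everyone'; 'S-1-5-7' = 'Anonymous Logon'; 'S-1-5-32-546' = 'Guests' }

function Resolve-Sid([string]$Account) {
    if ($Account -match '^S-1-') { return $Account }    # already a raw SID
    try {
        ([System.Security.Principal.NTAccount]$Account).Translate(
            [System.Security.Principal.SecurityIdentifier]).Value
    } catch { $null }                                    # orphaned or unresolvable
}

function Test-BroadSid([string]$Sid) {
    # RID 501 is the built-in Guest account of a machine or domain.
    $Sid -and ($broad.ContainsKey($Sid) -or $Sid -match '^S-1-5-21-.+-501$')
}

$findings = foreach ($share in Get-SmbShare -Special $false) {
    # Skip shares without a file system path (for example printer shares).
    if (-not $share.Path -or -not (Test-Path -LiteralPath $share.Path)) { continue }
    $shareAces = @(Get-SmbShareAccess -Name $share.Name | Where-Object {
        $_.AccessControlType -eq 'Allow' -and (Test-BroadSid (Resolve-Sid $_.AccountName)) })
    $ntfsAces = @((Get-Acl -LiteralPath $share.Path).Access | Where-Object {
        $_.AccessControlType -eq 'Allow' -and
        (Test-BroadSid (Resolve-Sid $_.IdentityReference.Value)) })
    if ($shareAces.Count -eq 0 -and $ntfsAces.Count -eq 0) { continue }
    [pscustomobject]@{
        Share      = $share.Name
        Path       = $share.Path
        ShareLevel = ($shareAces | ForEach-Object { "$($_.AccountName):$($_.AccessRight)" }) -join '; '
        NtfsLevel  = ($ntfsAces | ForEach-Object { "$($_.IdentityReference):$($_.FileSystemRights)" }) -join '; '
        # Effective access is the more restrictive of the share and NTFS layers.
        OpenAtBothLayers = ($shareAces.Count -gt 0 -and $ntfsAces.Count -gt 0)
    }
}

# Account and policy state that decides whether an unauthenticated client maps to those grants.
$guest = Get-LocalUser -ErrorAction SilentlyContinue | Where-Object { $_.SID.Value -match '-501$' }
$lsa   = Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
[pscustomobject]@{
    GuestAccount              = $guest.Name
    GuestEnabled              = [bool]$guest.Enabled
    EveryoneIncludesAnonymous = ($lsa.EveryoneIncludesAnonymous -eq 1)
} | Format-List

$findings | Sort-Object OpenAtBothLayers -Descending | Format-Table -AutoSize -Wrap
```

Rows with `OpenAtBothLayers` set to True on a server where `GuestEnabled` is also True are the ones to fix first: replace the broad grant with specific groups and disable the Guest account.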