Slashdot Mirror

← Back to Stories (view on slashdot.org)

What's On Your Network?

Posted by Zonk on from the sneaky-goings-on dept.

An anonymous reader writes "According to a Whitedust article you may currently have more on your network than you think you do. The article claims that not much security attention is generally given to one of the most elusive aspects of computer security; that of physical connectivity." From the article: "Broadcast traffic is on the rise, with more suspicious user activity in the logs every day. Then one morning you get a call from your irate boss wanting to know why he no longer has a network connection, yet the employees - or students or whoever - down the hall are able to play games and visit porn sites, at blazing speeds no less."

9 of 188 comments (clear)

  1. Maybe this is just me... by PhilipPeake · · Score: 4, Insightful

    but isn't this the sort of stuff that ANY network admin worth their salt should be completely aware of? If they need to be told this stuff they are not (IMHO) worth employing as other than apprentice network engineers. Or is this level of admin common in Windows environments?

    1. Re:Maybe this is just me... by cavtroop · · Score: 5, Insightful

      Also, try to remember that most companies IT departments are still short staffed, and pro-active monitoring like network scanning, etc. gets put way on the back burner. I agree with you, and am just playing devils advocate here :)

    2. Re:Maybe this is just me... by Homology · · Score: 4, Informative
      but isn't this the sort of stuff that ANY network admin worth their salt should be completely aware of? If they need to be told this stuff they are not (IMHO) worth employing as other than apprentice network engineers. Or is this level of admin common in Windows environments?

      Sure, where the employer can pay for it you'll have very good administrators, be it Windows or not. On most smaller sites, the administrator is not a full-time administrator, and is doing administration ad-hoc to his real job. This usually means that he does not have much training in this, nor much time for it either. Now, with all these (useful) Plug-and-Play devices you are bound to have some problems.

  2. DHCP fun by flinxmeister · · Score: 5, Funny

    if you don't run DHCP, a fun project is to throw a DHCP server out there and see who gets configured.

    It's amazing all the little devices that show up. Switches, old print servers, workstations tucked away in a corner somewhere that time forgot....now that many of these networks are starting to push 10 years, it's like archeology.

    Every now and then you find something that you just can't physically find. Lotsa fun.

    1. Re:DHCP fun by bersl2 · · Score: 5, Funny

      Every now and then you find something that you just can't physically find. Lotsa fun.

      Obligatory bash.org quote:

      <erno> hm. I've lost a machine.. literally _lost_. it responds to ping, it works completely, I just can't figure out where in my apartment it is.

  3. Tight Network by tburt11 · · Score: 4, Informative
    I maintain a relatively small network of about 50 workstations and about two dozen other devices.

    I distribute IP's thru DHCP, and I maintain an ACL via IPTABLES on my Linux router. DHCP distributes IP's based on MAC accress, and I do allow unknown MAC's to get an IP.

    The trick is, that any IP that I did not setup in DHCP, is blocked via the ACL to all Internet Access.

    Invariably, I get some VP/EXEC/VIP, call me and ask why his visiting sales rep cannot access his email. I walk into the office and the fellow has jacked into my network.

    My reply is Sorry.. You can use our WLAN for internet access. No jacking into the network.

    The WLAN is connected outside the firewall, so whatever they do there is of no concern to me.

    Yes, there are flaws in this method, but so far, it has brought every unathorized network connection to my attention...

  4. A Simple Security Precaution by Ed+Almos · · Score: 4, Informative

    Unplug unused network points.

    Three months ago we had a security audit carried out by an external company. The first thing they did was find a couple of unused offices and plug their laptops into the network points. I'm glad to say that there was no result.

    If you want to take this further then use managed switches and assign each port in use to a specific MAC address. That way if a 'visitor' pulls the plug on one of your computers and plugs their machine there will still be a nil result.

    Ed Almos
    Budapest, Hungary

    --
    The more corrupt the state, the more numerous the laws. - Tacitus, 56-120 A.D.
  5. I had to start locking my house doors by Anonymous Coward · · Score: 4, Funny

    Apparently, kids drive around with laptops looking for open network closets. These fuckers plugged in a cat5e into my switch and started leeching bandwidth for all their friends. I've recommended that my neighbors start locking their doors and change keys often just in case. Also, if you notice any unexplained cat5 going out doors into the back yard, you should investigate.

  6. Porn Sites hurt Feelings. by ebooher · · Score: 4, Insightful

    Could someone please tell me why employees browsing porn sites is such a big fucking deal? How is it different than employees browsing /.?

    IT security people at corporations are becoming porno hunters. Be proud, guys.

    You apparently do not live in the U.S. You see, here we have these things called laws that are written and voted upon by hairless monkeys that are given offices by people that can't be bothered to read and vote on these "laws" themselves.

    Some of these "laws" revolve around personal opinion and human emotions known as "feelings." They state that if you do something that hurts someone elses "feelings" you will go to jail and have to give them a lot of money.

    This has caused a rash outbreak of people "sniping" or hiding out in bushes that sometimes decorate offices and awaiting an unsuspecting employee to briefly brush past a site holding pornographic material. Google.com is a good example. In this instant they leap from the previously hidden sniping bush and proclaim that the barest hint of an unclothed nipple has hurt their "feelings"

    This results in a winning lawsuit in which the unknowing employee receives a new boyfriend at the same time that he is given to the sniper as a money slave for the rest of his life. Sometimes it even results in the closing of an entire company and results in a rise in unemployment which these people called "taxpayers" really have something against.

    A couple of years ago something that looked almost like a nipple, but clearly wasn't, caused a major change in the entire U.S. broadcasting industry because of all the people whose "feelings" the wardrobe malfunction had caused to be hurt.

    This has caused companies to be very careful about keeping anything that could possible hurt "feelings" out of their offices and off of their computers. Where I work, we usually just leave the computers turned off ....

    --
    "Genius may shine aloof and alone, like a star, but goodness is social, and it takes two men and God to make a Brother."