i member of the IT staff made me an administrator at my workplace. I have downloaded some freeware programs, used limewire to download some songs that i use in a work-related way and also admit to downloading some porn and looking at a few porn sites.
A couple of weeks ago the guy was fired for "Doing something he shouldn't have done." I've asked several people what he did and they won't respond.
After he was fired, he used a VPN connection to get back into the company and delete a lot of files, accounts, etc.
I'm wondering if anything that I have done will be discovered as a result of this and if anything I've done by using a porn site or the limewire program allowed this guy to have a "backdoor" into the network.
any thoughts would help put me at ease...
2007-08-01 06:45:34 · 9 answers · asked by Anonymous in Computers & Internet ➔ Security
Wow,
Sounds like your company is really lax about computer usage. 1st what the company should have done is put out a computer usage policy which EVERY employee from the sweeper up to the president needed to sign and put into their peronnel file. Most companies do this as standard operating procedure whenever a new employee is hired.This policy would have stipulated that the computers were company property and were to be used for company use only and that the employee's email and Internet usage could be monitored and violation of the policy would be grounds for immediate termination. Most large companies have a policy like this in place.
In all fairness to the employee, the company should have a program in place which blocks access to inappropriate websites. This will prevent employee from accessing those sites whether it be deliberate or by accident.
The employer also should have a tool in place for monitoring web access. We have it here where I work and again, most large companies have something in place that does this.
The goal is not to catch violaters and fire them. The goal is to identify a serious problem and address it before it gets out of hand.
Also aparently your company has no policy in place that addresses issues that need to be addressed whenever a person leaves employment. Most companies these days will escort an employee (especially someone it IT) to the door when they are terminated and they will not be allowed back into the building. Also their user accounts will be disabled along with disabling the ability to VPN into the network. Our network uses a "RSA" security device which allows the employee to VPN into the network. Without it the user cannot VPN in.
Don't wory, nothing that you are doing is giving him access to the network. He is getting into the network via things that he set up ahead of time so that he could gain access to the network should he get caught.
For your buddy, if he continues to VPN into the network and delete things he will eventually get caught and could easily find himself in jail.
For you, let this be a wake up call for you. Computers at work are meant for work. Employers are becomming more and more conscious of computer usage and abuse of it.
Your buddy was more than likely snooping in places where he had no business snooping such as payroll or other financial records when he got caught. Now that management is aware that the IT department has breached security, they will be on constant lookout to see if someone else was involved. Git rid of the porn, Limewire, MP3 files etc. they are not allowed in 99.9% of the workplaces and if they are discovered on your system you might be facing disciplinary action too.
Good Luck,
Captain Computer
2007-08-01 08:41:22 · answer #1 · answered by Captain Computer 4 · 0⤊ 0⤋
What he did is less relevant than the fact that you've been using company property for illegal activities. If your activities were tagged by the RIAA or anyone else, your company is looking at a fine of up to $150,000.00 for each song you illegally downloaded using company resources. At that point they'll probably be pressing criminal charges against you. And since you've been downloading porn, odds are good that you've let half the hackers on the internet into the company network and a bot-herder has control of many resources. Your best bet is to format the hard drives of the computers you've been using and start sending out resumes and hope you're not discovered too quickly. You'll probably also want to consult a lawyer, just to be safe.
2007-08-01 07:08:23 · answer #2 · answered by Rose D 7 · 0⤊ 1⤋
You haven't done anything most likely that allowed him to get back into the workplaces computers. He used his old password, or a password he already knew. Or he had a rootkit, trojan, etc.. running on a computer so if he did get fired he could get back in later. VPNed through everything and set stuff.
Your porn and limewire didn't play much of a roll in him "hacking" back into the network. I wouldn't keep it up, Limewire leaves ports open, and porn sites have a lot of ad-ware, spyware, etc.. Not to mention RED FLAGS on your networks Firewall/IDS will show up, and if they find all that they'll trace it back to you and your dirty desk area.
Wise up.
2007-08-01 08:36:10 · answer #3 · answered by Secure-Run 3 · 0⤊ 0⤋
I wouldn't worry, the sacked employee did not send a bit of pu*sy to open the back door. Nor did he use any dodgy software. All he did, when he was an administrator is create a remote permission. He has put a backdoor on the server and has the password for a remote connection. Once in the server, he will know many names, IDs, passwords etc. as for your dodgy porn, blame him as he created your administrator account and used it.
2007-08-01 06:58:57 · answer #4 · answered by kendavi 5 · 0⤊ 0⤋
Well, he would have to have known what sites you went to and know if they downloaded anything to the server, but I doubt it.
He simply had the information and passwords to get into the system, change the passwords so he can't get back in.
BTW, just personal, if it was your "browsing" that got this guy fired, I'd stop doing that in the offices, you could get someone else fired. I'd feel horrible if I were you and that was the case.
2007-08-01 06:52:49 · answer #5 · answered by Tony5870 3 · 0⤊ 0⤋
hacking... human beings out in the international choose to break into inner maximum centers like as quickly as this guy broke into the U. S. military employer stuff to no longer screw it up yet just to show he can, regularly hacking is breaking into yet another persons workstation without being one hundred's or perhaps hundreds miles remote from it and programming viruses or something like dat.
2016-10-08 23:54:24 · answer #6 · answered by ulberg 4 · 0⤊ 0⤋
Sounds like your next to go!
Avatarxz
2007-08-01 06:50:42 · answer #7 · answered by Anonymous · 1⤊ 0⤋
YEP. if they don't find out today, they will found out tomorrow. if I were you, I would stop. if you care about your job, Just STOP bro
2007-08-01 06:51:41 · answer #8 · answered by cmoven 2 · 1⤊ 0⤋
y would u do that ? cant u wait till u get home. they could figure out its u.
2007-08-01 06:51:08 · answer #9 · answered by Jake 7 · 1⤊ 0⤋