News
Blogs
Shark Bait
Knowledge Centers
Opinion
Webcasts
Video
Podcasts
IT Careers
White Papers
Computerworld Reports
Zones
Case Study Library
RSS Feeds
Events
Industry
This Week in Print
Print Subscriptions


Ads by TechWords

See your link here


Sharky's picture
Sharky

Shark Tank

More posts | Read bio

October 4, 2006 - 8:42 A.M.

Shark Tank: Just one thing missing

6 comments

Strolling past a row of user cubes during his lunch break, this IT guy notices something odd: One PC's monitor has a full-screen DOS prompt with lots of commands already entered, reports a pilot fish on the scene.

"Looking at the commands, he realized that somebody was uploading an executable file to another machine," fish says. "The target was a company VIP's notebook, the name of the uploaded executable surely did look ugly, and the file was uploaded successfully.

"He called an IT manager to the place, HR was notified, and a security investigation was started."

The VIP's laptop is in his locked office, so its connection to the network is promptly yanked at the network switch. Then the IT guy and IT manager storm into the VIP's office and explain what happened.

But the VIP won't let them remove the computer for proper investigation or even allow them to look at the machine. He doesn't care about this technical stuff, he tells them; he's heading home with his laptop.

Meanwhile, the HR manager is going by the book: Local police are called, the uploading user is escorted from the premises, user's PC is seized for proper investigation.

"Turns out the user was browsing some newsgroup and stumbled upon step-by-step directions for how to upload a file from the command line," says fish.

"There were also suggestions on how to seduce a co-worker into enabling file sharing, as well as a short review of keyloggers -- even suggestions on how to find the name and IP address of a target machine.

"This user followed the cookbook, step by step.

"However, he didn't know how to close the DOS prompt -- that wasn't mentioned in the cookbook."

Submit your own true tales of IT life to sharky@computerworld.com. If Sharky uses it, you'll snag a snazzy Shark Tank shirt! You can also add comments by using the form at the bottom of this page.

What People Are Saying

Add new comment

I wonder what was on the

Submitted by Jonathan on October 4, 2006 - 7:41 P.M.

I wonder what was on the VIP's laptop that he wouldn't let the IT folks see it?

Was the VIP congressman Foley?

Report this comment

What this does is flash a

Submitted by Anonymous on October 4, 2006 - 6:14 P.M.

What this does is flash a big sign over the IT Department saying "I Seen A Fella Run A Network Once". Users are able to set up shares - security holes exist on multiple machines allowing remote access and program execution - And the Tech guy thinks his problem is the VIP? I'm betting the VIP already knew IT didn't have clue number one about computers.

Report this comment

I would call the VIP's boss,

Submitted by John on October 4, 2006 - 5:20 P.M.

I would call the VIP's boss, and inform him or her that there was a serious security breach that was being taken care of -- and I would go into detail on it -- and the VIP was refusing to cooperate. With any luck, this will get the VIP to cooperate.

If that didn't work, I would yank the VIP's access on ALL servers (including company e-mail). When he complained, I would tell him that there was a serious security breach, and until I could examine his laptop, I could not trust it.

If, say, the VIP were an accountant, I would say that it was as if there was a case of embezzelment which involved his bank account, and the account was frozen until we were sure that it was all right.

Report this comment

Second thing missing is

Submitted by Anonymous on October 4, 2006 - 10:31 A.M.

Second thing missing is getting the affected user(s), no matter how important, to let IT do their jobs. Wanna bet the follow-up is that the VIP calls his secretary to arrange to pick up the laptop and deliver it to IT because now it's behaving strangely? A shame that it looks like somebody's title trumps proper security procedure at that company.

Report this comment

I'm kinda disappointed...I

Submitted by Anonymous on October 4, 2006 - 9:26 A.M.

I'm kinda disappointed...I expected to find out that the whole dos prompt thing was actually the users wallpaper and that he kept no on screen icons - something I have done in the past - and the IT guy was new & had jumped the gun.

Report this comment

It sounds like this company

Submitted by Anonymous on October 4, 2006 - 9:12 A.M.

It sounds like this company DOES have an incident hanling policy (HR went by the book) but, it seems it may be lacking in mentioning that ALL devices involved must be examined for potential damage... (or whatever)

Report this comment

Related Posts

Linux's dirty little secret: Uninstall
Mumbai terrorists' most powerful weapon: VoIP phones
MSNBC Spam-O-Rama
Indian police: Terrorist attack used U.S. citizen's WiFi

Editor's Picks

Attacks likely against Windows, PowerPoint, researchers say

Google Buzz takes the fight to Facebook, Twitter

Micron acquires flash memory maker Numonyx

Judge dismisses Windows anti-piracy software lawsuit

New Russian botnet tries to kill rival

Microsoft e-health research taps Xbox, mobile phones

About Us Advertise Contacts Editorial Calendar Help Desk Jobs at IDG Privacy Policy Reprints Site Map
CIO Computerworld CSO DEMO GamePro Games.net IDC IDG IDG Connect IDG Knowledge Hub IDG TechNetwork IDG Ventures
IDG.net InfoWorld ITwhitepapers ITworld JavaWorld LinuxWorld Macworld Network World PC World The Industry Standard
Copyright © 1994 - 2010 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of
Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.