Author Topic: You are BLINDLY put in charge of a network...  (Read 365 times)

Offline JB73

You are BLINDLY put in charge of a network...
« on: August 15, 2007, 10:38:11 PM »
you know next to nothing about, worried about sabotage from the fired former head of IT, and after 6 days these are your findings... what do you do?


After oh, $2000 approx. in consultant fees (he knew the former IT guy, and had an idea of the network), a VERY helpful guy doing implementation on our new software, and our IT guy from Michigan we have come to realize that basically we are screwed.


The helpful guy has a master's in information technology, and served (supposedly) in the special forces as communications and IT officer. He really does know more than I can even explain, and the consultant we brought in to help read and lock down the network... well, they are both baffled / amazed we are still running.

With a maximum of 10 concurrent logged-on users I have, known to me, 13 physical servers, and 2 that we can ping and remote into, but physically cannot find. We also have, by using a combination of an IP sniffer and MAC sniffer, 7 addresses we cannot identify.

Our internal DHCP address range is from .51 to .255, yet we have 5 known static IPs, some routed through the firewall directly to, that are IN our DHCP range. 3 are actual servers.

Our "domain" is only for a name, no credentials are verified through our ONLY PDC, not a single BDC or anything.

Oh and licensing..... I shat bricks.


Did I mention during our mapping we found no less than 55 different vulnerable access points open to the general public?

I was not kidding when today with the owner, the consultant, the implementation guy, and our other IT guy from Michigan I said:
Quote

Kill it with fire from outer space, it's the only sure way.


It got a cursory laugh, but in all seriousness it is THAT bad.

We are looking into a full rebuild from start of the entire network including 5 out of state locations with 2 dedicated lines, and others on VPN. We are talking an entire network infrastructure rebuild. Everyone is in total agreement, and the owner is freaking at the possible costs. It does NOT make me look bad; in fact, what I personally have discovered about the licensing makes me look like a hero. We could have been in really serious trouble if audited.

They all had an idea the old guy was not being legit with things, but “we spent $3000 to make sure we were up to date with our licenses”….

Bueller, Bueller, Anyone, Anyone? $3000 gets you what? Oh yeah 13 M$ 2003 server enterprise edition, 35 WinXP Pro, 35 M$ office 2003 full editions, and a myriad of other things. ROFLMFAOPMPASTC!

You know what that *** hat did before me? He joined the M$ development team, got reseller licenses, and proceeded to use those for actual deployment.




Starting tomorrow morning I am designing a 5 state, 8 physical locations, 3 separate company network infrastructure. I will have help, but basically with all the implementation going on the guy from the other company has his hands full. He will be hosting the APP, we will be remoting in via terminal services and authenticating on his active directory, yet each holding our own companies' identities.
I don't know what to put here yet.

Offline 68Wooley

You are BLINDLY put in charge of a network...
« Reply #1 on: August 15, 2007, 11:12:12 PM »
You could do what a certain client of mine did:

Don't pay your T1 fees, and you'll soon find you don't need to worry too much about being hacked.

Of course, the problem was actually reported to us as 'Your ****in servers are down and no one can connect. We've got a service contract - fix it like NOW or we're gonna sue your tulips into next year'. :huh

That'll be $1000 for a false call out please - ka-ching :D

Offline Vulcan

Re: You are BLINDLY put in charge of a network...
« Reply #2 on: August 16, 2007, 01:32:48 AM »
Quote
Originally posted by JB73
Starting tomorrow morning I am designing a 5 state, 8 physical locations, 3 separate company network infrastructure. I will have help, but basically with all the implementation going on the guy from the other company has his hands full. He will be hosting the APP, we will be remoting in via terminal services and authenticating on his active directory, yet each holding our own companies' identities.


Need help :D ?

Here's something to kick off: http://www.sonicwall.com/us/Secure_Remote_Access.html
Go here for a live demo: http://www.sonicwall.com/us/products/resources/2612.htm


Ideal for multiple ADs/remote access, including full tunnelling and webified Terminal Services sessions.