RE: cracking local admin account

B

bradm

There are plenty of "bootable" CD's and floopies allowing a local user to
reset the password.

If the 'admin' password has been changed, then you know it has been messed
with. Since the actual machine is not his property, the company should
establish a policy prohibiting any means or method of gaining access by any
means where they are not authorized.

What you must first realize, is not only his disregard to authority, but how
much danger he is putting your network in danger. Once a policy is in place,
ensure everyone knows about them by signing a statement of awareness in order
to gain computer privileges. It's one of the first thing we do with new
hires.

Then if anyone goes against policy, have management establish punishments.
Anything from counseling to termination. Because of the hazards and
vulnerabilities someone can unknowingly cause by bypassing network security,
where I work it is grounds for immediate termination.

Good luck
Brad




"spence" wrote:

> I have an employee who apparently has a way of cracking local administrative
> passwords. I just learned of this and he has thus far been using this trick
> "for good" (e.g. to by-pass corporate buracracies that impede productivity.)
> Regardless, I've asked him to cease this practice. However, I'd like to know
> if there's a way to make sure he's no longer able. The problem is that I
> don't know how he's done it except that I was told by a coworker that a
> floppy disk of some sort was invovled. I realize that's scant information to
> go on, but I was hoping that someone might be able to offer some guidance on
> shoring up the security on my PCs.
>
> thanks,
> spence
 
Back
Top Bottom