Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

Please read - my butt is on the line

All,

This may seem inappropriate but my butt is on the line, so please read on.

I have 2 developers who have domain admin rights in a windows 2000 environment. I discovered on Friday that these 2 have been creating a VPN tunnel to another companies network and having several machines on that network interact with one of our machines on the internal network.

I escalated this issue to our collective supervisor. I know what his response was and I also know what mine was.

I can guarantee that there is going to be a big turf war over this one and so I seek your oppinions.

Does this have the potential to become a large security issue?

Thanks all.

4 REPLIES

Re: Please read - my butt is on the line

You need to collect evidence against the unauthorized activities that has been going on. Logs and sniffer traces should help. This definitely have a potential to become a security issue, depending on how secure you want your network to be.

Bronze

Re: Please read - my butt is on the line

I would say there is huge potential for that to become a security issue. Is there a valid reason for the other company to access your server? You also open up the possibility if the other company is not very security aware of attacks/virus infection making its way from their network to yours. On the other hand, if there is a need for this type of setup, isolate the server on your network behind an ACL (if possible) to protect your network from any type of attacks/worms etc, that might find its way from the other company to your network.

New Member

Re: Please read - my butt is on the line

Have you considered discussing this with the developers? There could be a valid business reason for the interaction. What is your role in this company? The solution may be as simple as getting together and creating a business case, which should also include validating security issues/concerns.

New Member

Re: Please read - my butt is on the line

Hi,

From what I'm understanding your developers are logging one of your company's PC to a remote VPN server of other company. In that case you create a virtual WAN connection, that can be used:

* To access all the information on that machine.

* Via additonal terminal services on that PC, you can take remote control of a Windows 2000 session there and access your entire network.

* They can pass you a virus on that PC that can later devastate or spy your domain, as the user they use to login has domain administrator rights.

However you need to be documented to acuse them. And perhaps you should get not just technical but legal advice too.

BR,

Igor Sotelo.

169
Views
0
Helpful
4
Replies
CreatePlease to create content