Feeds

BOFH: Remote access malarkey

Don't mark yourself as a target

  • alert
  • submit to reddit

Maximizing your infrastructure through virtualization

Episode 31

"...And so you can just log in to my machine and look at it whenever you like?" our user asks indignantly.

"Uh-huh," the PFY says, fixing the user's printer settings while he's talking.

"And I don't have to give you permission or anything?"

"I'd have assumed that was implied by ringing the helpdesk?" the PFY says.

"Yes but surely you'd ring me beforehand - as a courtesy, if nothing else!?"

"No, the courtesy bit is me looking up a helpdesk call on a Friday afternoon after three lunchtime pints," the PFY says.

"I... is this the way you normally solve problems?"

"Sometimes," the PFY admits. "Although other times I find that if I leave the call open long enough the user'll go back into their printer settings and remember they stuffed around with the local printer/network printer combo and put it right themselves. But like I say - I'm feeling courteous this afternoon."

"I'd like to speak with your Supervisor!"

"Absolutely," the PFY says (courteously). "Putting you through now!"

>RING<

It never ceases to amaze me how every now and then an otherwise sane user suddenly starts believing that they, their email, and their personal files and instant messages would become so interesting for an administrator that they would forgo the worlds of computer games, movie torrents, porn and piracy simply to peruse their desktop in the hopes of finding something which could only be - let's face it - disappointing.

I mean when the world's your oyster you don't generally settle for fish paste...

"Hello there," I say, handsfree enabled. "IT... Oh... Management, I guess." (For I too have had three pints at lunchtime, plus a couple of extremely generous shots of The Macallan.)

"I was just talking to your systems person and he was most unhelpful."

"Really?" I say. "On a Friday afternoon - after three pints? I'm surprised he answered the phone at all."

"Look, this is serious. He was logged into my machine without my permission."

"Technically," I say, as the Macallan is known to fire up the pedant in me, "that would be the company's machine, however as we're all friends here we should look into it. When exactly did he log into it?"

"Just now."

"He can't have - he's been here the past hour."

"He did it over the network."

"Oh right, remote administration - you must have logged a helpdesk call then?"

"Yes - but surely you'd call me before just rifling through my desktop!"

"No not really," I say. "But give us a minute and I'll just check the job. >clickety< . . . >Pregnant pause while I check my eBay bids, order some more coffee for the espresso machine and fire up Bioshock for some afternoon boredom relief< Yes, a printer config problem. It's been... resolved by the look of it. So no harm done with the remote access."

"But then he could do it at any time!"

"True - but it's relatively simple to stop this from happening if it worries you," I say.

"How?"

"There's two ways that we commonly recommend - one's called shutdown and the other one's not logging a call with the helpdesk. But to be completely honest, shutdown's your best option."

"Why's that then?" he asks, suspiciously.

"Look," I sigh. "It's a Friday afternoon and I can see where this is going, so why don't we just cut to the chase? We get calls from concerned users like yourself upon occasion and I'll tell you what I tell them: When it comes to an administrator's interest in your affairs you're competing against the rich tapestry of the internet - and losing. The only thing that can possibly be done to engage our interest in you is for you to complain about your lack of privacy - because then we start wondering what the hell it is you have that you don't want us to see. And before you know it the administrator concerned has passed you on to someone such as myself whose sole purpose is to keep you talking long enough to fire off a backup of the contents of your hard drive."

>Scrabble<

"Oh it's too late now," I say. "By now my assistant will poring over the contents of your 'My documents' folder, skimming your instant message logs, ferreting through your browser cache and ultimately nosing through your email - which he didn't even need access to your desktop to do in the first place."

>Slam<

>Ring<

"Hello?" I say.

"What's this I hear about you rifling through someone's desktop machine?" the Boss snaps.

"Oh that!" I say. "It was just a remote administration thing - a user had stuffed up their printer settings and my assistant had connected remotely to fix it."

"Without talking to him about it?"

"No - we were just adjusting the settings - same as we did for your machine last week."

"You logged into my machine last week? You didn't ask me!"

"Technically it's not your machine," I say nodding knowingly at the PFY. "However as we're all friends here we should..."

The Power of One eBook: Top reasons to choose HP BladeSystem

More from The Register

next story
Sysadmin Day 2014: Quick, there's still time to get the beers in
He walked over the broken glass, killed the thugs... and er... reconnected the cables*
Amazon Reveals One Weird Trick: A Loss On Almost $20bn In Sales
Investors really hate it: Share price plunge as growth SLOWS in key AWS division
Auntie remains MYSTIFIED by that weekend BBC iPlayer and website outage
Still doing 'forensics' on the caching layer – Beeb digi wonk
SHOCK and AWS: The fall of Amazon's deflationary cloud
Just as Jeff Bezos did to books and CDs, Amazon's rivals are now doing to it
BlackBerry: Toss the server, mate... BES is in the CLOUD now
BlackBerry Enterprise Services takes aim at SMEs - but there's a catch
The triumph of VVOL: Everyone's jumping into bed with VMware
'Bandwagon'? Yes, we're on it and so what, say big dogs
Carbon tax repeal won't see data centre operators cut prices
Rackspace says electricity isn't a major cost, Equinix promises 'no levy'
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Application security programs and practises
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Securing Web Applications Made Simple and Scalable
Learn how automated security testing can provide a simple and scalable way to protect your web applications.