Locking antlers with a network Nazi
Die! Symantec Endpoint Protection, Die!
Some contracting jobs are fun. I love the sexy ones that task me with rolling my own data center or spending a week’s worth of off hours poking holes in someone else’s network.
Some contracting jobs are terrible; 14 consecutive hours of testing cables and ghosting workstations will leave me a gibbering mental wasteland. One recent job has left me feeling somewhat ambiguous.
It was simple enough; go to the site, rename and readdress up to five PCs to meet the newest conventions. Remove Office Pro and install Office Standard to ensure proper license compliance. Depending on the speed and number of the PCs, that’s maybe a couple hours’ worth of work. It could stretch to four hours in the absolute worst case.
The project started out with a misadventure. The location in question is on the other end of the city from my home; better than an hour away. I ran into a multi-vehicle accident and showed up onsite three minutes late. This was apparently too late; the individuals with the keys to let me into the building had left.
Round two saw me arrive early, only to discover that the required install media for Office was not present. Here, things got interesting. The office in question was a small two-PC affair that was part of a much larger network.
It is safe to say that this network was run by some of the darkest of network Nazis I have yet to encounter. I had in my grubby little mitts the domain administrator’s credentials – necessary for the work I had been asked to do – and yet could still accomplish nothing.
Internet access was locked down; Symantec Endpoint Security was set to <Nelson Muntz> Ha ha! </Nelson Muntz>. It was managed centrally and best of all there was nobody available with the rights to disable the thing.
USB ports and Optical drive access were locked down – even for the domain admin – and Symantec was configured in such a fashion that even if I physically added another node to the network with a share on it, it wouldn’t allow me to get the necessary files off.
Sponsored: 2016 Cyberthreat defense report