General discussion

Locked

Network never patched

By zlitocook ·
I am a contractor who was hired to a small bank. I was brought in to migrate and fix things, I did good and was hired. Now they want me to manage the network among other things. They have a Symantec hard ware fire wall all in one device. They think it is enough to protect them from the bad guys. With Windows 2000 and XP pro work stations, XP came with SP1 and the 2000 workstations are at SP3. Even the servers are not updated past last years patchs. I was told that auditers are coming in soon to look at the whole system from the ground up. My boss a general office manager who picked up his IT skills as he went along thinks that the contractors they hired to set the network up two years ago are perfect. And his boss also self taught thinks the network runs fine, dose not need any updates or patches. I had my problems with them as a contractor now if I am in charge of the network but not really will I be a scape goat after the audit? I ran a few quite programs I can not do too much they did not give me full rights as a administrator, and have my concerns about things that I found on the severs. Should I cut and run?

This conversation is currently closed to new comments.

11 total posts (Page 1 of 2)   01 | 02   Next
| Thread display: Collapse - | Expand +

All Comments

Collapse -

by maxwell edison In reply to Network never patched

I might consider giving them my own written report of my own evaluation of their present network infrastructure, to include hardware, software and procedures. I'd include a worst case scenario outcome should one of those factors fail, and make my own recommendations to avoid it. The report would be compared to the auditor's report, however, so you might have to either defend yourself if it differs too much, or be "humble" enough if you missed too much.

But by providing your own report, you'd be covering yourself in case of some sort of failure or breech, and you might also be solidifying you position with them.

Don't be hesitant to call things the way you see it, do what you believe to be the right thing, and just let the chips fall where they may. If you do, they'll usually stack up in your favor.

Collapse -

by zlitocook In reply to

Poster rated this answer.

Collapse -

by maxwell edison In reply to Network never patched

I might consider giving them my own written report of my own evaluation of their present network infrastructure, to include hardware, software and procedures. I'd include a worst case scenario outcome should one of those factors fail, and make my own recommendations to avoid it. The report would be compared to the auditor's report, however, so you might have to either defend yourself if it differs too much, or be "humble" enough if you missed too much.

But by providing your own report, you'd be covering yourself in case of some sort of failure or breech, and you might also be solidifying you position with them.

Don't be hesitant to call things the way you see it, do what you believe to be the right thing, and just let the chips fall where they may. If you do, they'll usually stack up in your favor.

Collapse -

by zlitocook In reply to

Poster rated this answer.

Collapse -

by CG IT In reply to Network never patched

sometimes patches and updates can do more harm to a network and servers than security threats from the Internet. Case in point XP SP 2. The firewall is turned on by default and in a network environment can cause problems with connectivity to DCs. So no critical patches on networked computers aren't a bad thing unless they are to fix critical problems not security related provided that workstations don't access the internet.
Being a sacrificial lamb, theres really no place to run even if you leave the company, if they have pegged you as the sacrifice, your it.

Collapse -

by zlitocook In reply to

Poster rated this answer.

Collapse -

by zlitocook In reply to Network never patched

I have submitted a over all server and work station review to my boss. And his eyes went blank looking at it, I tried to explane the items that should be addressed and what needs to be done. His first anwser was this was taken care of by the network consultant a few years ago. I said that there have been alot of things that have changed sence then and should be looked at. I need to become the BOHF to change things here:)Well I have tried to tell the boss and his boss. His boss talked to me for three hours and did not say a thing about what needed to be done! He needs to be a Politician. I love the IT side of the job but now it seems that I can not do what else is needed.

Collapse -

by zlitocook In reply to Network never patched

The Register.uk needs to get into this. The new software is grim, I can compleat a end of day and every thing will be right! I mean it adds up ok on my end but the other people who need to find problems, it dose not let them find what they need. I am not going to say what softtware yet so they can fix it. If I am to stay here they need alot of work.

Collapse -

by TechieRob In reply to Network never patched

It would pay; if anything to have a base "standard" in an update level. When I first started at work we had an average of 37 critical updates missing; though the network was "stable" it was almost knocked over completely by the DCOM vulnerability earlier this year. Since then I have implemented Microsofts SUS (software update service) and a few registry tweaks in the GPO to push out all neccesary updates. Now the average is one missing patch - being SP2. The network has been as stable as anything.

Personally if it's a situation like a bank; or a company that deals in private information - security is king and you have increased responsibility to keep everything up to date as you possibly can - and dont forget your documentation.

Collapse -

by zlitocook In reply to

Poster rated this answer.

Back to Security Forum
11 total posts (Page 1 of 2)   01 | 02   Next

Related Discussions

Related Forums