![]() You need to give us a good reason for needing that access, why should we have to go looking for reasons for you?Give me a good reason to have access to something and you will probably get it. We are stretched thin enough keeping your precious email and whatnot working and keeping the servers running. It's against company policy."Another side of the issue is that most admins I've known seem to look down on their users and have a hard time believing that some of them actually know something about systems and network management, sometimes even more than they do.Įxactly how much spare time and money do you think us IT departments have to "Enable" all you people? 60% easy of the staff here think they know way the hell more than they do and already have more access than they need. The best system and network admins I've known, when given a request to permit something that hasn't been allowed up until that point think "how can I help this person get this done while still protecting the company's resources?" Most admins, however, will say "no, you can't do that under any circumstances. ![]() It's all able being an "enabler" rather getting in the way of getting things done. It's not an issue of entitlement or anything of the sort. Accountability seems to be something you have no concept of. If my boss comes and tells me to give someone more access than I think they should have, I ask him if he's sure about it, ask him to email me the request so its in writing and then do it for him. Its not our problem, nor our job to deal with your issues of entitlement at the workplace. This has nothing to do with your sense of self entitlement, we are paid to do everything we can to keep the network secure and running. Quote:Originally posted by Hawkbox:I think I can safely rest my case. the only position you've probably held is a level 1 helpdesk 'eh? Maybe if you took the time to understand systems management, you'd understand Hawk's argument Case closed.Very similar, indeed, to the fact that most of the bullies I knew in high school are now in the law enforcement profession. ++ well statedquote:Originally posted by SodaAnt:You just made my point. Sorry, I have enough to do keeping the stuff that people break running, I dont need to give them more power to break things. And as much as I would love to be able to scan for updated machines that show up we dont have an unlimited budget, nor unlimited and people to implement all these great ideas to allow you to play games and download music on your work machine. Quote:Originally posted by Hawkbox:Why is that? Because we dont have the time nor the money in our budgets to set up personalized setups for each user who thinks they are to special for the standard deployment? I worked at Dell with a locked down system and for what I did it worked fine, there was no need for me to not be part of the domain, I am a sysadmin now and technically I still dont need to be part of the domain it is more accountable, easier to manage and for most "Power Users" more secure because they turn off automatic updates and bring horrendously old images onto our network. It's that attack you have to worry about. The correct policy is strong passwords, assuring they're not in the dictionary or are too large to practically brute-force.Increasing the rounds reduces the space where brute-force is even marginally feasible, but no sane person would try that without making a dictionary attack first. ![]() It doesn't matter if the password is 'dog' and it's the third one I try. I edited my last post with an example, so you might not have seen that. ![]() If they match, you're in.quote:So yeah, they will be slower. You take a potential password and run the same scheme Windows uses to generate the verifier in the first place. What are you talking about? All the attacks currently available on salted password hashes are dictionary or brute-force based. Because the number of rounds has no bearing on how you go about breaking it, only on the speed in which you do so.quote: You can't even get to the salted hash to perform the usual cracks until you get through that. Quote:Originally posted by stash:I'm not sure how a salted hash that has been through 10,000 rounds of SHA-1 is vulnerable to the same schemes.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |