Reply to post: Net Send

Beware the trainee with time on his hands and an Acorn manual on his desk


Net Send

Not so much the victim than the unlucky detective who had to trawl event logs and compile the evidence.

Early Noughties I was helping out second line doing desktop support for a large financial organisation, using my server skills to remotely fix issues users had logged for XP without having to actually get out my seat and visit them. Since I had admin rights I could remote load Event Logs on Windows and was checking one such log when I came across a "net send" entry that even in those days was unacceptable.

The log file included the source machine, so I was able to load that log too, and started to find conversations between about 10 tech savvy people, some banal ("Coffee?"), some a bit disparaging of managers ("X is a dick!"), some totally homophobic, sectarian and racist.

Showed my boss who set me the task of compiling the entire history. After two days I had about three months of history and we called a stop. Details were passed to the Executive first to pass on to HR. I don't think anyone actually got fired, but I do know some final warning letters were issued.

And the moral of the story is - beware of having fun with the simple tools, even they can leave an audit trail.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon


Biting the hand that feeds IT © 1998–2020