Larian Studios Forums General Chat Chat (Anything) Harddrive stolen, consequences?

Yesterday one of our hard drives was stolen out of the library. Just out of one of the public access PC, so I hope, the data in there won't allow the thief to gain access to security info of our township.

Questions =>
We have network PC - is it possible to hack into the passwords, even if these PC have no admin account, so they can't be looked up as they don't exist there?
Is it possible to get the major IP/gateway info and if - what use could that be?
PC content is Win 2000 and a sort of internet access (only intranet for security reasons). Our catalogue data are not stored on these hard drives, but on a main one in our electronics department. In any case, this is not security info IMO.

Could anyone of you tech cracks explain this a bit to me in simple Orc English? Please?
Kiya <in a really bad mood>

PM

This answer from Tech Support Guy.......

If you have a domain network, I doubt any useful information is on the PC as far as cracking your network. It's not a bad idea to simply change the domain admin passwords and the like periodically anyway, maybe now would be a good time?

Find more answers here... Techguy.org

Hope this helps! <img src="/ubbthreads/images/graemlins/biggrin.gif" alt="" />

if data is stored via network instead of locally on the hard disk, then that particular data won't be stolen.

but i feel that since it's for public access (i mean the pc), i don't think there's much worry on security issues (i may be very wrong) as IT techs should have ensured that critical data or info isn't stored there. unless employees store file in there which may contain info or data which is sensitive to public.

kiya, u may have to ask the library techie about the security policy in that pc to know more. only he knows the actual setup, that is if he's the one who set up the pc.

hope that helps.

How could anyone steal a harddrive from a library? Amazing.
IMO thieves wouldn't get any possibility to steal your passwords or data, if it's stored on your server, but they'll learn about your IP addresses and open ports, so they could perform a DoS (Denial-of-Service) attack.

I wish I knew, Moonbear <img src="/ubbthreads/images/graemlins/puppyeyes.gif" alt="" /> (I checked all hiding places, but the alarms were on - we don't know) - the trouble is: we're not informed exactly about what was on that drive (though my colleague and I are system admins). Passing on security info is done in a very restrictive way.

We already lost a TFT monitor 3 months ago in the youth library and have to lock up rooms now, all TFT are secured with steel cables now (yuck) - yesterday we locked up all PC in safety cases, probably leading to our next prob: where are the damn keys! Yeah, we're good at losing them <img src="/ubbthreads/images/graemlins/shame.gif" alt="" /> And this was the reason, why the other system admin decided against locking up the PC - and I didn't know, the cases had been delivered already.

It's not easy to patrol, accomplish information duty, keep youngsters at a moderate noise lvl and check all the time. Since we've got those PC, we only have trouble. <img src="/ubbthreads/images/graemlins/cry.gif" alt="" /> Kids try to hack them constantly - but imagine this:

you're a lawful member, want to research in peace and quiet and have a dragon librarian breathing down your neck all the time, eyeing you suspiciously and asking all the time: what the heck are you doing? This distrust would aggravate me terribly. And some PC are in distant corners, so members don't have to walk the long way, overcome dangerous stairs, avoid spiteful shelves to research.

i can tell u this isn't new, even here in malaysia.

we also have people who would steal from public facilities. a friend who works in an education institute always complain to me about how stuff get stolen from his labs even when he can look through the glass panel to see the entire lab! those thieves are level 20 rogues, i can tell u. <img src="/ubbthreads/images/graemlins/suspicion.gif" alt="" />

happened to me as well. not that it's necesarry, i installed a freshener in a lab for students benefit but within a day, it was stolen. <img src="/ubbthreads/images/graemlins/cry.gif" alt="" /> now i let them stink in that lab without care.

i know this won't help much, kiya, but one can also try double-tape the monitors down to the table to frustrate the would-be thieves. as for the hard disk issue, maybe u should invest in lockable computer cases. i'm seriously thinking of it as well for my labs.

Well, if harddrive had been taken out of the PC, than it must have been shut down. Than it must have disappeared from the network. Possibly you should search for some kind of software which would ping all the PCs and alert you.

Of course you should change passwords. If the harddrive had the admin profile on it than this is the onle way. If the profile was loaded from network than it's ok.

well, it's quite a good idea, razor. by disallowing the system to shutdown by all but the administrator, one can have a monitoring program that sends out signals every particular interval to let the server know that system is still connected. when it misses an interval, an alarm can be issued which i guess can be sent via e-mail to administrator(s).

most motherboards now have hardware intrusion capabilities. meaning it can detect if the computer case is securely closed or opened. audible alarm will be issued should that event occur & the alarm feature is active. meaning that system must be switched on for that to happen.

No chance to change PW. Config was set to "never change" - convenience to start them up faster - our "admin permission" is very restricted. The security department is puzzled about the thief (same as I am). Thief only took harddrive and went through the trouble to loosen 4 screws, but left RAM and Radeon 9200 in the PC.

Wish I could mindread.
Kiya

Public PC are now in security cases. I asked for a nice cable leading to the electricity power supply (just for a nice bolt) - but ... hmph, my colleagues think I'm too cruel. Only one male colleague supported my idea - SISSIES!

Ooh see the "Dragon" coming out of the Angels sleeve <img src="/ubbthreads/images/graemlins/smile.gif" alt="" />

<img src="/ubbthreads/images/graemlins/ROFL.gif" alt="" /> i think kiya is being fair to expect the thief to repeat his/her performance. can somebody sing Electric Dreams? <img src="/ubbthreads/images/graemlins/evilgrin1.gif" alt="" />

kiya, is the PC limited in web-surfing rights? what OS is that pc running? can a user simply run any executable file although not to install? too many possibilities. too many ifs. <img src="/ubbthreads/images/graemlins/confused.gif" alt="" /> that thief can be after anything & i don't think it's the hard drive. the hard drive is only a medium for what he/she want.

the old times when all cases came with a lock :s well I might still have such case here somewhere. workstation cases should ALWAYS be provided with a lock. For more reasons than theft alone, network admins know what is most unlikely to happen will happen.

it might also be just a malevolant act just like someone getting out from a library with 60 books... or performing DoS attacks for so called fun...
unfortunatly there are always people for just doing that!!!
well i understand you can't count on that, kiya...

Yeah, maybe the person has a huge overdue book fee and they want to 'erase' it!

One consequence of the hard drive stolen, is one less hard drive!!

Nah but seriously, move all the computs into the centre with a velvet rope (hmmmm...velvet rope) to section it off and ya can keep an eye on them. Maybe with a camera that can see all the computers too.

The same person might try it again.

nevermind the "velvet rope....make it a cow fence with enough juice to dim the lights in the whole building....that will get someone's attention i'm sure, either that....or the smell! <img src="/ubbthreads/images/graemlins/tongue.gif" alt="" /> <img src="/ubbthreads/images/graemlins/ROFL.gif" alt="" />

But how could that be? Admin is to posess godlike rights in his realm. Maybe you should reinstall the OS? Sounds nasty, but.. as for me I have to reinstall my WinXP almost every month. Too curious about it's core <img src="/ubbthreads/images/graemlins/smile.gif" alt="" />

Another suggestion - why not authoirise the physical acess to the PC? Or just log everyone who uses it..

Do you back up you network? If it has some valuable information, than it's a good decision.

Let's hope that man (or maybe woman) won't come again. What if he takes the hardrive back, full of viruses. Or with a backdoor which is the worst.

That's all I can think about right now <img src="/ubbthreads/images/graemlins/stupid.gif" alt="" /> Good luck!

Why you have to reinstall your XP almost every month? I don't have to do that, my is about 6 months installed and i didn't got any problems with performance or configurations and i have a lot of things installed and never used the XP defrag or another defrag at my HD.

Kiya about your problem, the person who stolen the computer can learn about your network using the ip adress and the netmask with this he can discover broadcast adress and some other information - not much danger - just an knowledge about your network - about the passwords - he/she can recover your passwords of emails if the IE was able to keep it and about admin passwords just if some admin was using the machine - if your network is secure as you said, with sure the computer have security policies - what isn't much but make a bit harder to get some informations - depends only how it was implemented.

Like jang said: "to many ifs".
About the steeling thing: Here we have a lot of these troubles too, even more with big people(companys, and others of the business circle).

As I've said I am curious about WinXP core processes, how it works on the lowest level. I hack into it's resourse files (mainly in /windows/sytem32 folder), experiement with RegEdit (choose 'Run' from the Main Menu and type 'regedit'), try to increase it's performance and weight on the hard drive. As a result I get my own personalised OS, which is not very stable (still working on it) but runs much faster than the under the default configuration

COuld you tell me some Xp tweaks then? I have my XP heavily tweaked but I still htink there is some hidden checkbox of miraculous performance increase somewhere!