Security Basics mailing list archives

RE: Desktop Support Access

From: "Gross Barry D." <bd.gross () hosp wisc edu>
Date: Mon, 20 Oct 2003 09:53:58 -0500

Have you looked into SNMP.  Not for certain, but its possible a script could be written to issue a SNMP command to 
disable the port.  Then you could just give them rights to the SNMP writeable password and the SNMP script you created. 
 Not sure if that is any better of a solution then giving the admin rights to the box or not.  The best solution might 
be to make the network team always "reachable"  port enables and disables should rarely be an emergency.



-----Original Message-----
From: Thomas Graf [mailto:tgraf () swmail sw org]
Sent: Friday, October 17, 2003 9:23 AM
To: security-basics () securityfocus com
Subject: Desktop Support Access


Hello everyone, 
Thanks for all the information last time I submitted an email.   A new
situation has risen in my organization.  The desktop support is
requesting access to (Cisco) routers and switches to enable/disable
ports.  Their reason is that they can't get a hold of some the network
team to do this for them.  This will limit their time working at the
desktop by not having to hunt down a network team member.  I know that
they are going to get it and it is a big risk,  but is there any way to
limit there access to just enabling/disabling ports?  

Thanks for all the help.

Thomas Graf
HW/SW Technician


---------------------------------------------------------------------------
FREE Whitepaper: Better Management for Network Security

Looking for a better way to manage your IP security?
Learn how Solsoft can help you:
- Ensure robust IP security through policy-based management
- Make firewall, VPN, and NAT rules interoperable across heterogeneous
networks
- Quickly respond to network events from a central console

Download our FREE whitepaper at:
http://www.securityfocus.com/sponsor/Solsoft_security-basics_031015
----------------------------------------------------------------------------


---------------------------------------------------------------------------
FREE Whitepaper: Better Management for Network Security

Looking for a better way to manage your IP security?
Learn how Solsoft can help you:
- Ensure robust IP security through policy-based management
- Make firewall, VPN, and NAT rules interoperable across heterogeneous
networks
- Quickly respond to network events from a central console

Download our FREE whitepaper at:
http://www.securityfocus.com/sponsor/Solsoft_security-basics_031015
----------------------------------------------------------------------------

Current thread:

Desktop Support Access Thomas Graf (Oct 17)
- Re: Desktop Support Access David Nichols (Oct 17)
  - Re: Desktop Support Access khayes (Oct 20)
- <Possible follow-ups>
- RE: Desktop Support Access John Canty (Oct 17)
- Re: Desktop Support Access Thomas Graf (Oct 17)
  - Re: Desktop Support Access Tim Syratt (Oct 20)
- RE: Desktop Support Access Halverson, Chris (Oct 20)
  - RE: Desktop Support Access JGrimshaw (Oct 20)
- Re: Desktop Support Access Ivan Coric (Oct 20)
- RE: Desktop Support Access Gross Barry D. (Oct 20)
- RE: Desktop Support Access Wilcox, Stephen (Oct 20)
- RE: Desktop Support Access Tucker, Jason (Oct 20)