Is my College Sys Admin full of Himself?

[Earendil]

Everything else aside...does the college know that their Sys Admin can't write a coherent, grammatically correct sentence?

And I accidentally corrected his spelling of "vulnerabilities", which was wrong. Stupid OS X check spell

~Tyler

 

[Earendil]

I sent my sys admin an email and apologized for the misunderstanding, and he hasn't replied, so we're buddy buddy now...but I won't be asking him for anything for a while

Anyway, I have a question for the educated. Because us Linux and Mac users aren't able to install the software that will auto check that we are running all the correct anti-virus software, they will be "scanning" us to tell if we have any vulnerabilities, right system software, and running the anti-virus software. I believe a web browser will offer up most of that information, and a simple Port Scan will test for open ports. My question is, without client side software, exactly how intrusive of a "scan" is he doing in order to tell if I have anti-virus software installed or running? If I assume that he isn't lying about being able to figure that out, I would assume that he is some how hacking Mac OS computers to figure this information out. Or else he could be lying about being able to figure that part of it out. Or perhaps Symantec offers this information to probes when it is running?

Curious...

~Tyler

 

[Westside guy]

My question is, without client side software, exactly how intrusive of a "scan" is he doing in order to tell if I have anti-virus software installed or running? If I assume that he isn't lying about being able to figure that out, I would assume that he is some how hacking Mac OS computers to figure this information out. Or else he could be lying about being able to figure that part of it out. Or perhaps Symantec offers this information to probes when it is running?

I'm a sysadmin, and after all the comments here I'm a bit hesitant to jump in...

Basically all he can do is to scan for open ports that fall into the "likely problematic" group, and if he finds them he can test exploits against them just like any script kiddie. Sans getting lucky with an exploit, there's no way he can hack your Mac without an account. If you're running the OS X firewall, any general portscan he might do will more or less fail - try running nmap against a firewalled box sometime when you can sit around for a while. Scanning for specific ports is usually much quicker.

It is possible they'll also be scanning for gnutella ports and such, so if you are a peer-to-peer user you'd be wise to disable that before joining that network.

As an aside, I will say this guy sounds like a tin-pot dictator. As a second aside, I will say that users who *think* they know more than they actually do tend to eat up a disproportionate amount of any sysadmin's time. I'm not lumping you in that category earendil, I probably would've wanted to tweak the twit as well. But at a minimum people need to remember that Macs are open to the same exploits and vulnerabilities as the other *nix systems (Samba and PHP come to mind; a lot of people unnecessarilly run a webserver on their client box just for the heck of it). I do think as Mac popularity grows we will see more attempts at Mac-specific viruses.

But in any case a PC-centric admin is not going to know squat about really securing any non-Windows system, be it Mac or Linux or whatever. But it doesn't sound like he's the type to admit that; more likely he'll use bluff and bluster. I'd think for that sort of individual you'd have better results basically playing along instead of trying to show him up.

 

[jdechko]

I think that all the admin could do anyway is a port scan to see what ports are open. If he exploited any open ports, couldnt he get in a ton of trouble since basically he was trying to hack a system, regardless of the fact that it was on a network?

 

[bryanc]

I'd just like to add a few things.

1) this guy sounds like a typical ego-inflated nerd who doesn't really know enough about computers to get a job doing challenging work, and has snagged an easy gig running a small college network. Any computer literate people, especially people who are able to use systems he's not familiar with, are bound to be extremely threatening to him, and he has real power, so tread lightly.

2) I am almost certain that he can't determine what software you are running on your private system unless you give him an account. So his claim that he'll know if you're not running anti-viral software is a bluff.

3) He can scan your system to determine what ports you have open, and, unless you take measures to prevent it, he will also be able to determine what version of OS X you're running. However, if you're up-to-date and not running P2P software that opens ports he's looking for, there should be no problem here.

4) Do NOT install Norton Antivirus on your mac. It's a completely bug-infested heap of garbage and it will almost certainly screw up your machine. It's also inordinately difficult to un-install. Symantec has discontinued its development besides. If you feel compelled to run some anti-viral software, find something else (virex comes to mind).

And finally, our system admins here have made similar draconian rules, and all of us mac users just ignore 'em. They can't see what software you're running and they have no right to invade your privacy. Let 'em port-scan you, and spend their time dealing with the endless catastrophes that befall the windows users.

Cheers