I had an interesting thing happen today. I went to the campus of one of the local community colleges today. They have an area setup that has several computers that access the web for students as well you can access the states own network. It's used for jobs, unemployment, student affairs, welfare, corrections, all state services. Anyway, since I used to work for the state I just had to check out the security. What a joke. I was sitting around looking at the IT job postings around the state to try and get a jump on some outsourcing. So this one lady that works in this office logs in next to me. She's talking to someone else the whole time. So she leaves. She did'nt log out. I was like a kid in a candy store. I just scooted over and went to work. Their main network is Netware. So anyway they must have two kinds of users because this person's access gave me shell access. Oh boy.... So I sit here and pull up Extra for Netware. Then I set the ip I want after running a netstat -an from the cmd line. Set my terminal/device. (still the same as it used to be IBM-3278) good ole' port 23. So I connected. Entered the system command for what used to be the general services login directory. My old User ID and password are not any good. I figured this. So I made one up. Then I typed in the old admin reset to start new logins with. Still the same after all these years "letmein". So anyway I get my access and I'm sitting here looking at this. I laugh and think to myself, "It's a good thing I don't want to screw things up". So I passed lurking around and typed in a message to the syswide drop line. Which is a small line bellow the terminal window they have setup on the state computers to send messages between admins in real time. Then I logged out of everything. Then I left with a grin on my face......The moral to this story. A network, server, workstation or any device thats accessed by anyone is only secure as the users are in their individual security practices. So for all you Admins. Keep those users in check....