Jeff,
>It's far more probable that the attack is happening over the network.
But not impossible. Let me add one thing to the came-in-the-door
theory. Just a few years back when we were in another building we had a
bunch of stuff stolen from several offices and labs, all behind locked
doors with no sign of forced entry. It was clear the bad guys had keys, or
even a master key. So we actually had every lock in the building rekeyed,
and not more than a week later the thefts continued as if nothing had
changed. It seems the bad guys got their new keys just as quickly as we
did. And since the move, to two other buildings, stuff keeps getting
stolen behind locked doors. So I have come to the conclusion that door
locks on campus are just decorations to the serious bad guys. The serious
bad guys already have keys to go anywhere they want, and they probably get
their keys before we get ours.
I admit it's wierd for someone to go through all that trouble just to get a
machine to house movies and stuff. But anyone who breaks in to a computer
at all is pretty wierd, and I wouldn't put anything past them after
that. Criminals are not known for their rational behavior, just watch any
episode of those Cops shows.
As always, thanks for your comments. I suppose it really is just an
ordinary network breakin, but I sure wish I had something unequivocal to
settle that. I've got a lot of suggestions of what *might* cause a logon
type 2, but so far no known facts to support an alternative theory.
I'm going home now...
-- David
|