Jump to content

Task Tracking


Navy IT

Recommended Posts

Good day to all, I am an Network admin In the Navy and I am responsible for 250 seats and 25 wintel, unix, linux and solars servers. We have 300-350 people to support. I am having trouble keeping up with Trouble calls put in buy the users. Being the Navy They will not let us load Track-it software. Currently we are using Outlook task list to keep track of the trouble calls. The users will send an email to a group list that sends an email to all the IT folks. Its really hard to keep track and keep good records of problems on certain boxes. So I need a way to track and follow up on trouble calls placed. Any help would be great. Thanks and have a fine Navy Day. IT2

Link to comment
Share on other sites

Good day to all, I am an Network admin In the Navy and I am responsible for 250 seats and 25 wintel, unix, linux and solars servers. We have 300-350 people to support. I am having trouble keeping up with Trouble calls put in buy the users. Being the Navy They will not let us load Track-it software. Currently we are using Outlook task list to keep track of the trouble calls. The users will send an email to a group list that sends an email to all the IT folks. Its really hard to keep track and keep good records of problems on certain boxes. So I need a way to track and follow up on trouble calls placed. Any help would be great. Thanks and have a fine Navy Day. IT2

There are products made specificlly for help desk tracking that use Outlook and Exchange together. I can't imagine how the Navy wouldnt already have something in place, let alone allow this info to be discussed on an open public forum for risk of divulging sensitive information.

I don't know that I feel comforatable with my governments military getting its IT advice from public forums either when half the people on here are 1, in high school, or 2 sysadmins who would question the validiity of your post in the first place. The "Network Admin" should have some training and experience with this sort of thing and I would hope follow protocol in such a situation as specified by his training and authoritive personell.

If they dont allow the installation of tracking software (not to mention that the DoD, Navy and any military departments for that matter REQUIRE encryption ala Outlook and certificates for tracking already) its probably because its not safe with the needs of what is in place and not approved for the purpose of keeping sensitive data protected.

With questions like this its no wonder government laptops, HDD's and Thumb Drvies end up in places they arent supposed to. Don't they have any sort of security and sysadmin training in place before you people get your jobs as Sytem Administrators? Ive also never heard of System Administrators being the ones doing Help Desk calls.

Edited by digip
Link to comment
Share on other sites

Thank you for replying to my post but you were very vague with your answer. For the matter that I should have the training is irrelevant to the situation. I was given what they thought I needed/ had the funding for. Yes we have processes in place but there is always room for improvement. Also the fact that there was no classified information was given or even that there were no specifics disclosed there is no problem with what I posted. I would not jeopardize my clearance over a tasking question on the net. If you have a problem with what your Government does with its IT infrastructure and you disapprove, either join to fix it or let your senate know. So it was a simple question and still no answer was given.

Furthermore products that are used are based on the price not vulnerabilities with the software. If you realize we are in a war and have limited funds. So instead of coming off looking smart you look like an A$$. So if you reply please just answer the question to the best of your ability. But I am not here to argue why or why not I should post this question. If you help me you help yourself and every American. I just would like an answer that could make my job easier and make the IT side of the Navy run better.

Thanks IT2

Link to comment
Share on other sites

digip is correct. I'm sure there are better ways to find the information you seek.

I use HEAT at work, but it's a horrid piece of shit and I doubt it would be up to government standards.

Thank you. It’s not about being up to government standards. I just need it to handle what I am dealing with. Just because we are the Navy/ DoD it does not mean that we don’t use regular programs like civilian businesses. All suggestions are great. I need to exhaust all my options. I might find a gem and make the whole system better. Thanks again. IT2

Link to comment
Share on other sites

Thank you. It’s not about being up to government standards. I just need it to handle what I am dealing with. Just because we are the Navy/ DoD it does not mean that we don’t use regular programs like civilian businesses. All suggestions are great. I need to exhaust all my options. I might find a gem and make the whole system better. Thanks again. IT2

I think you miss my point, and even though you dont think you have disclosed any important info, you certainly have to someone who would want to find a way in, hence, knowing a flaw in outlook, windows, etc, maybe even getting info out of you down to the version of the software you are using (Such as your Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; InfoPath.1; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022 from norfolk va), or social engineering you into something you didnt even see coming, like getting you to visit my profile so I can confirm your IP address (which is a .mil address, thanks) but more than that, if you know anything about computers then you must know there are solutions to fix your problem. One of which(and is old and boring but I must repeat for shear lack of patience) is the use of google.

http://www.google.com/search?hl=en&sou...re&gs_rfai=

Now, what I would do if I were you, check out a few of them, then come back with your questions about which one you think would suit your needs best. Then I'm sure people will reply with their opinions on what they would recommend over a certain product or even what they use themselves. But again, knowing what you use publicly, if they did contain a flaw known to some group, does put things at risk, even if you can't see it on the surface. For instance, its not hard to find navy helpdesk contact info online, and even easier to find email addresses for the navy .mil space.

You've come to a site visited by hackers from all over the globe, many of whom are NOT registered with the site, and yet still use info found here for good and bad purposes, so limiting exposure of things like what the military is using I think is an important thing in my mind. Maybe I come from a different philosophy than you and I'm sure there are people on these forums who will more than disagree with me on my points of view, as we get into these kinds of discussions all the time, but I just don't feel comfortable with seeing my military publicly disclosing any kind of info I find sensitive, even if irrelevant in the eyes of most people.

You see, by coming here from a .mil address and being able to confirm your browser, one fo which is flawed and weak on security, I could recommend a piece of software and give you a link. You could visit said link and I could harvest your IP address, you machines OS, browser version, etc, and form some sort of attack to get into your machine, then use it to launch an attack into the navy's machines, however far up the chain your credentials get you in, and then some more, if there are other flaws found in your organization. Don't believe me? Ask google how the Chinese got into their system a few months ago, and then tell me I'm the one who looks like a ass!

Want some serious help, don't disclose everything to people. Ask relevant questions, like "My work needs to add some tracking software to our help desk procedures, what can you recommend." Stating info like, "I'm from the navy supporting this many potential nodes to compromise with this specific software, known to have this specific flaw, and oh, by the way, here is my IP address, and the browser I'm using, etc, etc, etc". Can you see my point? Please tell me my rant isn't falling on deaf ears...

Edited by digip
Link to comment
Share on other sites

Let me just add another scenario to drive my point home a little more. Lets say i set up a site, stating to be helpdesk software. "Hello Navy IT, don't listen to that Digip guy, he doesn't know what hes talking about. My name is John, I run a company who doest IT Helpdesk Software and we work with government agencies. We're GSA Certified and a large supplier to the US ARMY in general. We have several solutions which work with Microsoft Server 2003/2008, Exchange and Outlook specifically. Here is a link to our PDF brochure with all the details and contact info. Please share with your personnel and the people in charge of procurement/purchasing so we can give them a quote on the different levels of pricing and software tiers."

Now, not saying you would do this, but lets say you then went and downloaded this PDF and emailed it to your co-workers. The brochure is classy, information is decent and prices are just what you are looking for. You and the other system administrators decide this is the package for you. But in the meantime, the compromise has already happened. The PDF contained a meterpreter backdoor to anyone who opened it(undetectable to virus scanners), the sysadmins who viewed this brochure were all higher up sys admins with access to databases, file servers, email, etc, that may or may not have have sensitive info, but either way, each of those people have now had their machines compromised, all because you followed a link and opened a PDF sent by someone who you believed to be helping you find a solution.

I often get people tell me I go overboard or that I'm anal about security, but I tell you this, if you aren't worried about security from all angles, then you haven't seen the tip of the iceberg. I may seem like I'm being extreme in my scenarios, but thats because its when you least expect to be compromised that you already have been. I know shit about security and I am not a system administrator, but I have worked around this stuff long enough, had enough training and have enough friends who ARE security professionals, watched and seen this sort of thign happen and know it is possible and does happen on a daily basis.

Edited by digip
Link to comment
Share on other sites

I don't want to know what is out there. I want to know what works. As for what the Navy uses, I am just a small small part of the whole Navy and I can not speak for everybody else. It don't matter what company I work for I just need a better/faster way to accomplish my goal. I m sure we can go back a fourth proving each other wrong but that defeats the purpose of posting. I do however see where your coming from with the sensitive info. But really, any website can get your info. It dose not matter how secure you are someone will always be able to find a way in. I would not suggest getting into government networks if that's what your implying. If that's not what your implying, cool beans. But all in all Thanks for the Reply. IT2

Link to comment
Share on other sites

Let me just add another scenario to drive my point home a little more. Lets say i set up a site, sating to be helpdesk software. "Hello Navy IT, don't listen to that Digip guy, he doesn't know what hes talking about. My name is John, I run a company who doest IT Helpdesk Software and we work with government agencies. We're GSA Certified and a large supplier to the US ARMY in general. We have several solutions which work with Microsoft Server 2003/2008, Exchange and Outlook specifically. Here is a link to our PDF brochure with all the details and contact info. Please share with your personnel and the people in charge of procurement/purchasing so we can give them a quote on the different levels of pricing and software tiers."

Now, not saying you would do this, but lets say you then went and downloaded this PDF and emailed it to your co-workers. The brochure is classy, information is decent and prices are just what you are looking for. You and the other system administrators decide this is the package for you. But in the meantime, the compromise has already happened. The PDF contained a meterpreter backdoor to anyone who opened it(undetectable to virus scanners), the sysadmins who viewed this brochure were all higher up sys admins with access to databases, file servers, email, etc, that may or may not have have sensitive info, but either way, each of those people have now had their machines compromised, all because you followed a link and opened a PDF sent by someone who you believed to be helping you find a solution.

I often get people tell me I go overboard or that I'm anal about security, but I tell you this, if you aren't worried about security from all angles, then you haven't seen the tip of the iceberg. I may seem like I'm being extreme in my scenarios, but thats because its when you least expect to be compromised that you already have been. I know shit about security and I am not a system administrator, but I have worked around this stuff long enough, had enough training and have enough friends who ARE security professionals, watched and seen this sort of thign happen and know it is possible and does happen on a daily basis.

Thanks, that is a real good scenario. I def see where you are coming from. IT2

Link to comment
Share on other sites

Unfortunately my post will have no relevance nor help the Navy. However I simply find it odd that a supposed government employee is looking for help in this public forum...

Yes, I found it odd too, hence my rant, but he does appear to be from the navy.mil domain space. Not something I think one could try to forge easily. I am just surprised no one else has really come forward with ideas to help him with, we have lots of sysadmins here, but maybe they kind of took the same view I had in my first post and decided not to step into those waters. I know my work used Heat as Charles mentioned above, but they also bitch about it, so I guess it has its ups and downs. I also reccommended CCS, which I hear people talk about because of its integration with Exchange and SQL server for keeping an organized database within outlook and office products. I can't personally endorse anything as I do not run a help desk, but I think my posts were from a different point of view than whether or not he should use product A vs product B.

Link to comment
Share on other sites

I am just surprised no one else has really come forward with ideas to help him with, we have lots of sysadmins here, but maybe they kind of took the same view I had in my first post and decided not to step into those waters.

Your assumptions are most likely correct.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...