[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ale] Network security question

James P. Kinney III wrote:
> All systems will have to be scanned just before and again just after the
> dismissal. There needs to be a "shadow admin" brought on immediately to
> start the security sweeps. Once the dismissal occurs, the shadow becomes
> the real admin.
> There will need to be some serious penetration testing done just prior
> to the dismissal (think same day). Basically, the systems will need to
> be locked down and secure first. Once that is done, the exiting admin
> has their passwords locked off on all machines.
> This is a seriously no fun process. The only potential upside to this is
> the ones that brag about past exploits are not very dangerous. They
> typically did "something" with some script-kiddie tools (bad enough but
> manageable.).

	I'd also add the note that a previous employer of mine stated to me
when I was let go and they thought I might do something against the
company... They simply warned me that if they saw any network
disturbance that LEOs would be notified immediately and my name given as
a probable suspect. In this case I wasn't the administrator but just in
tech support but they knew I had considerable more knowledge and had
already shown them open backdoors the previous administrator had left
that the current administrator didn't even know about.