[UNCLASSIFIED]RE: [clug] Detecting malicious former employees
Basil Chupin
blchupin at tpg.com.au
Mon Sep 11 14:05:44 GMT 2006
Michael Still wrote:
> Antti.Roppola at brs.gov.au wrote:
>> Hi all,
>>
>> Also consider what *other* accounts said person might have had su
>> access to.
>> For example: ISPs, hosting providers, telcos, generic system logins
>> (i.e. "oracle"),
>> un-documented/defunct/departed/stupid user accounts, cronjobs, web
>> interfaces,
>> databases etc. etc. etc.
>
> And machines that there might be sessions on from before the employee
> left your employ. Screen, ssh tunnels from home, that sort of thing.
>
> Mikal
I think that caution is necessary here.
The original poster did NOT say that it was an (ex)empolyee of his but
he was rather asking about a hypothetical situation occurring in "an
organisation". However you are now very specifically stating that what
is being discussed here is an (ex)employee rather than a hypothetical
situation. This *is* a public forum.
Cheers.
--
This computer is environment-friendly and is running on OpenSuSE 10.1
More information about the linux
mailing list