[clug] Detecting malicious former employees

John Fletcher fletchnet at internode.net.au
Mon Sep 11 05:22:30 GMT 2006

Hi guys,
I'm looking for some advice about precautions to take when a potentially
malicious and highly priviliged (previously had root pw) employee leaves an
organisation.  Can anyone give me some advice about precautions to take and
especially where to look to detect possible attempts to gain access or
engage in malicious activity?
In this particular case we're talking about linux firewall, PPTPD,
mailservers, and various other bits and pieces.  Most work done from remote
locations, not onsite.

More information about the linux mailing list