[UNCLASSIFIED]RE: [clug] Detecting malicious former employees

Basil Chupin blchupin at tpg.com.au
Mon Sep 11 14:05:44 GMT 2006

Michael Still wrote:
> Antti.Roppola at brs.gov.au wrote:
>> Hi all,
>> Also consider what *other* accounts said person might have had su 
>> access to.
>> For example: ISPs, hosting providers, telcos, generic system logins 
>> (i.e. "oracle"),
>> un-documented/defunct/departed/stupid user accounts, cronjobs, web 
>> interfaces,
>> databases etc. etc. etc.
> And machines that there might be sessions on from before the employee 
> left your employ. Screen, ssh tunnels from home, that sort of thing.
> Mikal

I think that caution is necessary here.

The original poster did NOT say that it was an (ex)empolyee of his but 
he was rather asking about a hypothetical situation occurring in "an 
organisation". However you are now very specifically stating that what 
is being discussed here is an (ex)employee rather than a hypothetical 
situation. This *is* a public forum.


This computer is environment-friendly and is running on OpenSuSE 10.1

More information about the linux mailing list