[UNCLASSIFIED]RE: [clug] Detecting malicious former employees
Alex Satrapa
grail at goldweb.com.au
Mon Sep 11 23:47:33 GMT 2006
On 12 Sep 2006, at 06:28, Michael Still wrote:
> I would expect any organization to have an "exit checklist" that
> ensures that someone in a trusted position has their access revoked
> properly. We're talking about what should be on that checklist.
Thanks for pointing out the one about persistent connections.
Disabling a user's account won't close off their SSH tunnels or
OpenVPN connections.
How disruptive would it be to close all SSH/OpenVPN connections when
disabling/deleting accounts? I guess that really depends on whether
people are actively using the connection at the time - but OpenVPN
seems to be pretty robust when it comes to dealing with network
outages or server restarts.
Alex
More information about the linux
mailing list