[UNCLASSIFIED]RE: [clug] Detecting malicious former employees

Alex Satrapa grail at goldweb.com.au
Mon Sep 11 23:47:33 GMT 2006

On 12 Sep 2006, at 06:28, Michael Still wrote:

> I would expect any organization to have an "exit checklist" that  
> ensures that someone in a trusted position has their access revoked  
> properly. We're talking about what should be on that checklist.

Thanks for pointing out the one about persistent connections.  
Disabling a user's account won't close off their SSH tunnels or  
OpenVPN connections.

How disruptive would it be to close all SSH/OpenVPN connections when  
disabling/deleting accounts? I guess that really depends on whether  
people are actively using the connection at the time - but OpenVPN  
seems to be pretty robust when it comes to dealing with network  
outages or server restarts.


More information about the linux mailing list