[ale] Network security question

James Taylor James.Taylor at eastcobbgroup.com
Mon Apr 2 22:07:16 EDT 2007 

The safest thing to do would be to build new servers in a "clean" environment and format the one's he's worried about.

It's probably a lot of trouble, but if there really is a likelihood that the soon to be former admin could be a problem, then it might be the fastest, most cost effective path.
I'd be willing to bet there's not reliable documentation on the current systems in any case.

-jt
 


James Taylor
The East Cobb Group, Inc.
678-697-9420
james.taylor at eastcobbgroup.com
http://www.eastcobbgroup.com










>>> On Mon, Apr 2, 2007 at  7:38 PM, in message
<93519C9B-8829-4C70-84E7-97220664BE7F at speedfactory.net>, Mark Wright
<mpwright at speedfactory.net> wrote: 
> Hi folks,
> 
> I have a problem my boss dumped in my lap.  He is going to let go our  
> network admin because he is dishonest.  He is also pretty good and  
> has bragged about how he hacked his former employer (hp) for mischief  
> when he was terminated.  My boss wants me to tell him what he should  
> do before he fires this guy to make sure this guy can't disrupt our  
> business after he's gone.  We don't know that he will but my boss  
> thinks so.
> 
> The office is in Chicago (me in Woodstock).  There are about 5  
> windows 03 servers and 5 AIX, a Cisco router and a Cisco firewall.   
> My boss is not worried about the AIX as that is our expertise.  One  
> of the windows boxes hosts RDP and one is a webserver using Cold  
> Fusion.  Those are the ones he worries about.  He had trouble before  
> when he tried to change the Cold Fusion password.  The web site  
> stopped working so he is afraid to do that even though he knows he  
> needs to.
> 
> I suggested to him that all the account passwords should be changed  
> on every box for every user and possibly disable email ports on any  
> system that doesn't need email.  I was wondering about root kits that  
> may have been left behind or code that could email out the new  
> passwords in a week or so.
> 
> I know there are some excellent security experts out there.  Any tips  
> would be greatly appreciated.
> 
> 
> 
> 
> Mark
> 
> 
> 
> 
> 
> 
> 
> 
> 
> The box said "Windows98 or better" so I installed Linux.

More information about the Ale mailing list