
In NYC for a few days doing an audit




This site had an administrator 'removed' some months ago and has been hanging on with some basic skills from other IT folks. What they soon came to discover was that the 'removed' admin left a mess in some areas. Apparently there was no change control or structure. Basically the person was able to do what they pleased, even in terms of debugging, logging and journaling mail.

The scary part always comes out, though. The admin who left had a copy of the default system ID that not only signs a lot of the agents, but has Full Access to all files and even encrypts the mail journals. With no audit trail of that ID's usage, it is impossible to tell if someone outside of the current team has used that ID recently. They also do not run password checking/digest, so it leaves a nice gaping hole.