Full Disclosure mailing list archives
Re: Removing FIred admins
From: "Paul J. Morris" <mole () morris net>
Date: Fri, 13 Feb 2004 13:38:30 -0500
If you rely in the integrity of information in databases, I would also advise reviewing all trigger code present in your databases and examining how you assess the integrity of your data. There are some very nasty things that someone able to write code within a database could do to make your data gradualy degrade over time (or leak). More broadly, assess what sorts of executable code you might be restoring from backups as part of your data after you have reinstalled all of your operating systems. -Paul On Fri, 13 Feb 2004 16:54:21 +0100 Benjamin Schweizer <besh () gmx net> wrote:
I think you need to do some risk management. There are some steps to keep in mind (from a security-point of view), I'd follow this order: 1. change the logins 2. ensure that he has no more physical access 3. inform his colleques (protect against social engineering) 4. check your logs / increase the log level / install additional ids 5. reinstall the affected systems from scratch (run an audit if not possible) 6. fix security holes that he could/should know 7. ensure that your other admins are upright (be fair) 8. watch your competitors if he sold information 9. break his password, if you have no access to your data 10. prepare for the future
------------- Paul J. Morris Biodiversity Information Manager, The Academy of Natural Sciences 1900 Ben Franklin Parkway, Philadelphia PA, 19103, USA mole () morris net 1-215-299-1161
Attachment:
_bin
Description:
Current thread:
- Removing FIred admins Michael T. Harding (Feb 12)
- Re: Removing FIred admins Cael Abal (Feb 12)
- Re: Removing FIred admins Raymond Lillard (Feb 12)
- Re: Removing FIred admins Volker Tanger (Feb 13)
- Re: Removing FIred admins Benjamin Schweizer (Feb 13)
- Re: Removing FIred admins Paul J. Morris (Feb 13)
- Re: Removing FIred admins gadgeteer (Feb 13)
- Re: Removing FIred admins Cael Abal (Feb 12)
- <Possible follow-ups>
- RE: Removing FIred admins James Patterson Wicks (Feb 12)
- Re: Removing FIred admins gadgeteer (Feb 12)
- RE: Re: Removing FIred admins Steve Wray (Feb 13)
- RE: Re: Removing FIred admins Michal Zalewski (Feb 13)
- RE: Re: Removing FIred admins Steve Wray (Feb 13)
- Re: Re: Removing FIred admins Valdis . Kletnieks (Feb 13)
- Re: Re: Removing FIred admins Benjamin Schweizer (Feb 14)
- RE: Re: Removing FIred admins Steve Wray (Feb 14)
- PC/DRM Turing-completness (Re: Removing FIred admins) Martin Mačok (Feb 14)
- Re: Removing FIred admins gadgeteer (Feb 12)