Penetration Testing mailing list archives
Re: Handling Sysads resignation/termination
From: Michael Sierchio <kudzu-sf () tenebras com>
Date: Thu, 04 Aug 2005 10:50:15 -0700
Irvin Temp wrote: > I've been working as a security consultant for a > financial company. > > a system administrator handling the several of the > critical servers will be retiring. before he leave the > > company the management wants me to interview him and > in > "certify" that he did not leave any timebombs, > malicious > programs on the pcs. > > Since i have no experience in handling pre-termination > of > a systems administrator, i would appreciate you > insights > and suggestions on how to go about this. > > Questions that needs to be asked. Steps to take to > ensure that the systems are clean after his > resignation. Are you an attorney specializing in employment law? No? Then point that out to your client. If they want the retiring employee to attest that he hasn't done and will not do anything malicious, tell them that they need their counsel to draft a document. If you are asked to perform a due diligence check for timebombs, malware, etc. then that's certainly something you can do. BUT -- the most you can promise is that you didn't find anything using the standard tools and methods. You can't certify the absence of anything. ------------------------------------------------------------------------------ FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't Learn the hacker's secrets that compromise wireless LANs. Secure your WLAN by understanding these threats, available hacking tools and proven countermeasures. Defend your WLAN against man-in-the-Middle attacks and session hijacking, denial-of-service, rogue access points, identity thefts and MAC spoofing. Request your complimentary white paper at: http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801 -------------------------------------------------------------------------------
Current thread:
- Re: Handling Sysads resignation/termination, (continued)
- Re: Handling Sysads resignation/termination Michael Hammer (Aug 03)
- Re: Handling Sysads resignation/termination Thor (Hammer of God) (Aug 04)
- Re: Handling Sysads resignation/termination Michael Hammer (Aug 04)
- RE: Handling Sysads resignation/termination Erin Carroll (Aug 04)
- RE: Handling Sysads resignation/termination Solomon (Aug 03)
- RE: Handling Sysads resignation/termination Irvin Temp (Aug 04)
- Message not available
- RE: Handling Sysads resignation/termination Mark Teicher (Aug 04)
- Re: Handling Sysads resignation/termination Irvin Temp (Aug 04)