Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Password Cracking & Consequences

From: Gary Flynn <flynngn () JMU EDU>
Date: Fri, 27 Aug 2004 12:33:28 -0400
Michael Mills wrote:


Actually is does matter.  If the IT staff "Cracks" users accounts then the
IT staff can log on as that user and do as they wish (any department for
that matter).  However if that same IT person changes that users password
and then logs on as that person, an audit trail is created.  Even if that IT
user would delete that audit trail, that deletion would show up in the audit
trail.


That may be the intention but I don't know of
too many commercial operating systems and
applications that can protect an audit trail
from a privileged user. Add-on tools could be
used to transfer events in real-time to another
system but how many people are using them? Even
if you did, you'd have the same issue about trust
in the auditors.


--
Gary Flynn
Security Engineer
James Madison University

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.
Previous By Date Next
Previous By Thread Next

Current thread: