Full Disclosure mailing list archives
Re: Removing FIred admins
From: "Volker Tanger" <volker.tanger () detewe de>
Date: Fri, 13 Feb 2004 08:50:45 +0100
Hi!
We are working on something called "The Button", which is nothing but small script that activates a series of scripts that change all root, local and domain administrator passwords on our Unix and Windows servers when run.
The ex-admin had ROOT access to "his" servers, right? So he can change ANYTHING, right? Including the script, e.g. like NOT changing passwords or adding secret admin-level accounts, right? You said "script", so it uses BASH, PERL or something. ROOT can change anything, right? So he could have changed the BASH, PERL interpreter or something, right? There is no technical solution to a social problem - well, except in this case maybe reformatting the disks and reinstalling from scratch and clean media. Sorry Volker Tanger ITK-Security _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: Removing FIred admins, (continued)
- RE: Removing FIred admins James Patterson Wicks (Feb 12)
- Re: Removing FIred admins gadgeteer (Feb 12)
- RE: Re: Removing FIred admins Steve Wray (Feb 13)
- RE: Re: Removing FIred admins Michal Zalewski (Feb 13)
- RE: Re: Removing FIred admins Steve Wray (Feb 13)
- Re: Re: Removing FIred admins Valdis . Kletnieks (Feb 13)
- Re: Re: Removing FIred admins Benjamin Schweizer (Feb 14)
- RE: Re: Removing FIred admins Steve Wray (Feb 14)
- PC/DRM Turing-completness (Re: Removing FIred admins) Martin Mačok (Feb 14)
- Re: Removing FIred admins gadgeteer (Feb 12)
- RE: Removing FIred admins James Patterson Wicks (Feb 12)
- Re: Re: Removing FIred admins Valdis . Kletnieks (Feb 13)
- Re: Removing FIred admins Gerhard den Hollander (Feb 13)
- RE: [inbox] RE: Removing Fired admins Curt Purdy (Feb 13)