Re: Handling Sysads resignation/termination

spyteknow007_at_netscape.net
Date: 08/04/05

  • Next message: Drew Masters: "Application and Effectiveness of Pen-testing" 
    Date: Thu, 04 Aug 2005 07:53:38 -0400
To: sbradcpa@pacbell.net, znah_irvin@yahoo.com, pen-test@securityfocus.com

    Asking a systems adminstrator to certify that he has not installed any time bombs on a system is unreasonable, as Microsoft has stated in court that IE is a key component of the MS operating system.

    In jest I am making the point. Systems Administrators are often not responsible for the selection of software that is installed on the company servers. Those types of decisions are often made by management. The administrator is simply responsible for implimenting and facilitating the continued operation of such software and services. The administrator cannot certify that a product has not come with a "trojan" already installed, and for the most part, may be completely unaware of any penetrations of the existing network.

    As a Sys Admin, I would never sign such a document. I already have the threat of the law looming over me, to agree to be accountable for any additional mishaps, makes an admin a scape goat for incompetent decisions made by his superiors during his tenure as an employee for that company. Unscrupulous companies are just as common as unscrupulous employees.

    >I've been working as a security consultant for a
    >financial company.

    >a system administrator handling the several of the
    >critical servers will be retiring. before he leave the

    >company the management wants me to interview him and
    >in
    >"certify" that he did not leave any timebombs,
    >malicious
    >programs on the pcs.

    >Since i have no experience in handling pre-termination
    >of
    >a systems administrator, i would appreciate you
    >insights
    >and suggestions on how to go about this.

    >Questions that needs to be asked. Steps to take to
    >ensure that the systems are clean after his
    >resignation.

    >Thanks and God bless!

    __________________________________________________
    Do You Yahoo!?
    Tired of spam? Yahoo! Mail has the best spam protection around
    http://mail.yahoo.com

    ------------------------------------------------------------------------------
    FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't

    Learn the hacker's secrets that compromise wireless LANs. Secure your
    WLAN by understanding these threats, available hacking tools and proven
    countermeasures. Defend your WLAN against man-in-the-Middle attacks and
    session hijacking, denial-of-service, rogue access points, identity
    thefts and MAC spoofing. Request your complimentary white paper at:

    http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801
    -------------------------------------------------------------------------------

    __________________________________________________________________
    Switch to Netscape Internet Service.
    As low as $9.95 a month -- Sign up today at http://isp.netscape.com/register

    Netscape. Just the Net You Need.

    New! Netscape Toolbar for Internet Explorer
    Search from anywhere on the Web and block those annoying pop-ups.
    Download now at http://channels.netscape.com/ns/search/install.jsp

    ------------------------------------------------------------------------------
    FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't

    Learn the hacker's secrets that compromise wireless LANs. Secure your
    WLAN by understanding these threats, available hacking tools and proven
    countermeasures. Defend your WLAN against man-in-the-Middle attacks and
    session hijacking, denial-of-service, rogue access points, identity
    thefts and MAC spoofing. Request your complimentary white paper at:

    http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801
    -------------------------------------------------------------------------------

  • Next message: Drew Masters: "Application and Effectiveness of Pen-testing"

    Relevant Pages

    • RE: All of the things you need to learn to be a pen-tester (Re: Pen t est basic needs)
      ... U will probably need to "morphine" your evil apps before you run them on an AV protected machine - download morphine from hxdef.org; might as well pick up a copy of hf's rootkit while your there... ... FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't ... WLAN by understanding these threats, ...
      (Pen-Test)
    • RE: AD password Auditing
      ... Subject: AD password Auditing ... > FREE WHITE PAPER - Wireless LAN Security: ... Defend your WLAN against ... FREE WHITE PAPER - Wireless LAN Security: ...
      (Pen-Test)
    • RE: AD password Auditing
      ... FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't ... WLAN by understanding these threats, available hacking tools and proven ...
      (Pen-Test)
    • FW: AD password Auditing
      ... FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't ... WLAN by understanding these threats, available hacking tools and proven ...
      (Pen-Test)
    • RE: Handling Sysads resignation/termination
      ... when an administrator behaves badly, ... >FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't ... >WLAN by understanding these threats, ...
      (Pen-Test)