Re: Granting Admin rights to non administrators
From: times enemy (timesenemy_at_gmail.com)
Date: 4 Feb 2005 11:58:09 -0800
i must agree, that you should CYA as much as possible here, and that
you should verify that your resume is up-to-date, and then use it to
perhaps find a better work environment.
Some other suggestions:
* Ensure that the backups are running clean and with 100% integrity.
* Review logs to see where tinkerbell wanders off into. If you do not
have such logging in place, then there's another project to add to the
list, for total network security of course.
* If you are paranoid that tinkerbell is just an accident waiting to
happen, then lock his account out of system critical areas. From the
description you gave, it does not seem as though he will be able to
circumvent even the simplest security mechanisms. Also, this ties in
with the logging ... if you find he is intentionally trying to get to
such areas, where he most likely has no right to even know they exist,
then the logs could come in handy.
* If you are curious ... setup a honeypot/net on the network.
* You said he has attempted to gain network admin access since day one.
If you mean just politically that is one thing. If you mean by
attacking the network, that is an entirely different matter. If
anyone, apart from an authorized pen-tester or such, hits the network,
that should, amongst other things, shortly follow-up with some HR
and/or Legal counselling.
* Pray for an out.
I sure do not envy your situation. Good luck!