
Searching for Backdoors from Rogue IT Staff

Submitted by WHiTe VaMPiRe
WHiTe VaMPiRe (87507) writes "When IT staff are terminated under duress, there is often justification for a complete infrastructure audit to reduce future risk to a company. sysadmin1138 recently answered a question on Server Fault that provides a thorough exploration of the steps necessary to maintain security. Read more at How do you search for back doors from previous IT?"

Comment: Re:Take some time and think (Score 1) 537

by George Beech (#32036182) Attached to: Juror Explains Guilty Vote In Terry Childs Case

"At one point he was concerned about the security of the FiberWAN routers in remote offices, so he had them set up without saving the config to flash. "If they go down, I'll get alerted, and connect up to them and reload the config." Great, except we have power outages all the time in this city, some of those devices aren't on UPSs, and what happens if you're on vacation? And what about the 15 to 60 minutes it might take you to connect up and reload? He eventually conceded and (ahem) decided that disabling password recovery was sufficient security."

After reading that, would you reboot any of those routers? Source

Comment: Re:Not trying to be a troll here, but... (Score 4, Insightful) 418

by George Beech (#32022870) Attached to: Rough Justice For Terry Childs
No, that's a twist on what happened to suit the ideas of Slashdot. What happened was he was locked up and said "I'll only give these passwords to the Mayor." Now, what he was required to do by the state policy was provide the passwords to Information Security for inclusion in the central password management database due to them being production passwords. He obviously did not do this, as none of this would have happened if he did.

Comment: Re:Poor jerk. (Score 1) 982

by George Beech (#32009618) Attached to: Terry Childs Found Guilty
... Actually he expressly did NOT follow policy.

All production system-level passwords must be part of the security administered global password management database.

In fact, if the passwords had been in that database, then he would A) probably never have been asked for them and B) would have been able to say "you need to request access from the security department." Now HE may have thought they were "user" passwords because the system was his baby, but if you truly agree with that ... then, well, this is going to be like arguing with a religious person about the existence of god.

Comment: Re:Depressing, but not uncommon (Score 1) 1251

by George Beech (#28941211) Attached to: Student Sues University Because She's Unemployable
They actually do track these things. It's reported under "Alternative measures of labor under-utilization." Here's the latest report I can find right now.

So in July 09 it seems that the "count everyone" unemployment rate was 16.5%, while the "official" rate was 9.5%. That includes discouraged workers, those who took part-time jobs and anyone else classified as a marginally attached worker.

Comment: Re:See also: The classic answer to computer proble (Score 1) 214

by George Beech (#27325357) Attached to: How To Prevent Being Hacked Via Backups?

>>What sort of security do you put on your backup infrastructure?

It depends.

I guess it depends how valuable the data is, how current it needs to be. Does it need to be kept secret or simply kept uncorrupted? How fast do you need to access these backups. The harder for you, potentially the more secure.

For starters let's have a copy off-line in a location where the servers are not. Heck, choose another location for more security. I am thinking: A tape and a DVD in a safe with a lock on it. And another somewhere else.

If you really need to keep it safe, commit it all to memory and then shoot yourself in the temple.

I think you are missing an even bigger problem. How many of your servers does your backup infrastructure have admin access to - or, if not admin, elevated access? Are your backups a push or pull? If they are a pull, you now have INBOUND firewall rules from your backup segment into your other network segments allowing the backup server to talk and start the pull. Or if you have a backup segment, there is no firewall protection, except host-based firewalls, which have rules to allow the backup server to talk.

Yes, having multiple copies is a good idea, but backups are a very dangerous thing security-wise if not done right and secured properly.

Comment: Re:How Many applications? Re:Who reboots? (Score 1) 440

by George Beech (#27122685) Attached to: Quick Boot Linux Hopes To Win Over Windows Users

I don't have any issues with boot time in Windows 7. It's up and running in about 20 seconds ... of course this is on an i7 proc w/ 6GB of RAM and 15k VelociRaptor drives

And how many applications are installed? Unless MS does something amazing, once you finish installing Office, windows boot times traditionally go out the window. And every application thereafter makes it worse. Also, keep in mind that what people are perceiving as boot time is from off to a useable state. For a server this means off->services running. For a user PC this means Off-> Fully Logged in and can launch applications.

Actually quite a few - I use it as my main work machine now with an XP laptop as backup. The full Office suite, all of my remote admin tools, VMware Client, IM, etc. Using your definition of usable: fully logged in and can launch applications, my machine is usable in about 30-45 seconds from off, and this includes the time it takes me to enter my username/password at 9am before I've finished my first cup o' joe. I'm actually working in about 3-5 mins from boot, Outlook up, IM up and possibly a few SSH sessions and RDP sessions going, depending on what I need to check in the morning.

Comment: Re:Servicedesk+ (Score 1) 321

by George Beech (#27008791) Attached to: Best FOSS Help Desk Software For Small Firms?
I second this. We have two instances, one for Ops and one for Development. Especially with the new release, it is a decent product for small to medium sized shops. The free version only lets you have one tech though, but it's a cheap product to buy, between 1k and 5k/year depending on which version you buy and how many techs you need.
