Slashdot Mirror

← Back to Stories (view on slashdot.org)

Searching For Backdoors From Rogue IT Staff

Posted by CmdrTaco on from the i-left-you-a-present dept.

WHiTe VaMPiRe writes "When IT staff are terminated under duress, there is often justification for a complete infrastructure audit to reduce future risk to a company. Here is an exploration of the steps necessary to maintain security." Of course the first piece of advice is to basically assume you've been rooted. Ouch.

2 of 328 comments (clear)

  1. Re:Pointless by mysidia · · Score: 0, Flamebait

    No, but it will go away when you upgrade PHP and all your PHP modules, which should be at least twice a month.

  2. Re:Two words by Anonymous Coward · · Score: 0, Flamebait

    ::sigh::

    http://www.pcworld.com/businesscenter/article/149159-4/sorting_facts_from_fiction_in_the_terry_childs_case.html

    Common Practices Portrayed as Nefarious

    The documents filed by the city in opposition to Childs' bail reduction contained many vague references and claims of nefarious actions. But to those with experience in network administration, these activities seem like common practice.
    For example, the documents portrayed the fact that Childs had configured some number of routers to disable password recovery as a subversive action, when it's common to use that function to secure routers and switches that cannot be physically secured.