Slashdot Mirror

← Back to Stories (view on slashdot.org)

Searching For Backdoors From Rogue IT Staff

Posted by CmdrTaco on Tuesday August 24, 2010 @09:43AM from the i-left-you-a-present dept.

WHiTe VaMPiRe writes "When IT staff are terminated under duress, there is often justification for a complete infrastructure audit to reduce future risk to a company. Here is an exploration of the steps necessary to maintain security." Of course the first piece of advice is to basically assume you've been rooted. Ouch.

1 of 328 comments (clear)

Min score:

Reason:

Sort:

Re:the work involved.. by arth1 · 2010-08-24 10:02 · Score: 5, Interesting

It's fairly impossible to audit all systems to the extent needed. You can easily burn enormous amounts of money and time doing that, and the remedies can disrupt production more than the damage the disgruntled employee would do.
There are so many ways to hide what you're doing that even rebuilding all systems isn't enough. Dangers can hide not only in backdoors, but dead man switches built in to compilers, stored procedures in databases, backups, or the Boss' PC, for that matter.
So instead of sending good money after bad, it can be immensely sensible to let things be and instead try to ensure that the employees don't leave disgruntled.