Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

isn logo Information Security News mailing list archives

Who gets your trust?
From: mea culpa <jericho () DIMENSIONAL COM>
Date: Mon, 17 Jan 2000 11:22:07 -0700
http://www.sunworld.com/sunworldonline/swol-01-2000/swol-01-security.html

Who gets your trust?

Security breaches can come from those you least suspect

  Summary
  Systems administrators have extraordinary access to all the data on
  corporate systems. What can be done to ensure that your
  administrators will not betray that trust? (3,000words)

By Carole Fennelly

In the business world you will often hear the statement "We don't hire
hackers." When pressed for a reason, the speaker usually reveals a fear
that a "hacker" will install a back door in the system. Time and time
again, however, I have seen back doors installed by employees or security
professionals whose integrity is never questioned. When confronted, they
usually say it's no big deal. After all, they have the root password. They
just wanted to set up a root account with a different environment. That's
not hacking, right? Wrong. Their intention did not matter -- the security
of the system has been bypassed.

This article discusses how administrative privileges can be abused and
suggests some methods for countering that abuse. It is not meant to imply
that every administrator abuses privileges or has malicious intent -- just
that you shouldn't assume anything.

[snip...]

ISN is sponsored by Security-Focus.COM

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]