Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: Handling Sysads resignation/termination
From: Michael Sierchio <kudzu-sf () tenebras com>
Date: Thu, 04 Aug 2005 10:50:15 -0700

Irvin Temp wrote:
> I've been working as a security consultant for a
> financial company.
>
> a system administrator handling the several of the
> critical servers will be retiring. before he leave the
>
> company the management wants me to interview him and
> in
> "certify" that he did not leave any timebombs,
> malicious
> programs on the pcs.
>
> Since i have no experience in handling pre-termination
> of
> a systems administrator, i would appreciate you
> insights
> and suggestions on how to go about this.
>
> Questions that needs to be asked. Steps to take to
> ensure that the systems are clean after his
> resignation.

Are you an attorney specializing in employment law?  No?
Then point that out to your client.  If they want the
retiring employee to attest that he hasn't done and will
not do anything malicious, tell them that they need their
counsel to draft a document.

If you are asked to perform a due diligence check for
timebombs, malware, etc. then that's certainly something
you can do.  BUT -- the most you can promise is that you
didn't find anything using the standard tools and methods.
You can't certify the absence of anything.



------------------------------------------------------------------------------
FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't

Learn the hacker's secrets that compromise wireless LANs. Secure your
WLAN by understanding these threats, available hacking tools and proven
countermeasures. Defend your WLAN against man-in-the-Middle attacks and
session hijacking, denial-of-service, rogue access points, identity
thefts and MAC spoofing. Request your complimentary white paper at:

http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801
-------------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]