Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: Handling Sysads resignation/termination
From: "Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]" <sbradcpa () pacbell net>
Date: Tue, 02 Aug 2005 17:39:49 -0700

What's he going to do? Say yes? Then what?


Anyone else besides me thinking of a employment leaving documentation poured over by Attorneys where he/she has to sign something to the effect?

I wouldn't want you to certify that ....that's asking a bit much on your part I think. I think you, your HR department and your firm's Attorneys need to sit down and discuss an action plan.

Normally for anyone who isn't a sysadmin the termination process involved revoking accounts, keys, devices, changing locks etc etc...

Check out Steve Riley on this topic...

http://blogs.technet.com/steriley/archive/2005/07/19/407917.aspx

The article is posted in the security management column section on TechNet and is the Viewpoint article in the July security newsletter. Check it out, and please tell me what you think. It's been generating some opinions :)

http://www.microsoft.com/technet/community/columns/secmgmt/sm0705.mspx

   Do you trust your administrators? That seemingly innocent question
   creates a serious dilemma in the minds of a lot of people. While we
   all know what we’d /like/ the answer to be, the disappointing fact
   is that, increasingly, the true answer is the opposite. This became
   apparent in discussions I had with many attendees at TechEd US in
   May—there is genuine concern about the trustworthiness of
   administrators...



Irvin Temp wrote:

I've been working as a security consultant for a financial company.

a system administrator handling the several of the critical servers will be retiring. before he leave the

company the management wants me to interview him and
in "certify" that he did not leave any timebombs, malicious programs on the pcs.
Since i have no experience in handling pre-termination
of
a systems administrator, i would appreciate you
insights and suggestions on how to go about this. Questions that needs to be asked. Steps to take to ensure that the systems are clean after his resignation.

Thanks and God bless!
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
------------------------------------------------------------------------------
FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't

Learn the hacker's secrets that compromise wireless LANs. Secure your
WLAN by understanding these threats, available hacking tools and proven
countermeasures. Defend your WLAN against man-in-the-Middle attacks and
session hijacking, denial-of-service, rogue access points, identity
thefts and MAC spoofing. Request your complimentary white paper at:

http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801
-------------------------------------------------------------------------------



--
Letting your vendors set your risk analysis these days? http://www.threatcode.com


------------------------------------------------------------------------------
FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't

Learn the hacker's secrets that compromise wireless LANs. Secure your
WLAN by understanding these threats, available hacking tools and proven
countermeasures. Defend your WLAN against man-in-the-Middle attacks and
session hijacking, denial-of-service, rogue access points, identity
thefts and MAC spoofing. Request your complimentary white paper at:

http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801
-------------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault