On Thursday 23 October 2003 05:58 pm, Fajar Priyanto wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Thursday 23 October 2003 09:48 pm, Jack Coates wrote: > > .bash_history is cake; just kill -9 your own session instead of using > > logout or exit. wtmp is harder, that'll involve editing the logfiles. > > BTW, ssh has its own access log so check that one too for > > inconsistencies with wtmp. > > Thanks Jack, > The problem we're dealing here is the process of replacing our current > administrator because of - unfortunately - negative cause. > > So, right now he's still got his root password. Do you have any resource on > good practice how to replace administrator in safe and good way? > Thanks
Yea, walk up to him, escort him to the door while all accounts are being locked. Don't even let him stop to get his things. Allow him to come back on Saturday and have security box his things up and let him get them at the security desk. Have him give you the passwors and if he refuses, do what you can to protect yourself. Make SURE he does not have access from a modem or access point. If you are so totally compromised that you have no clue how many holes he may have, you better hire a good security expert first. :) > - -- > Fajar http://linux.arinet.org > Linux mdk91.sistek.kom 2.4.21-0.13mdk GNU/Linux > 07:50:47 up 16 min, 10 users, load average: 0.30, 0.63, 0.52 > Quote of the day: > NT (as in Windows NT) is short for "Not Trustworthy". > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.2.1 (GNU/Linux) > > iD8DBQE/mHlNMai9kCFqACoRAhHIAKCE/XgiBRwu4XHb5RIA2IucHOnk2gCeMehk > /NVv4bpLvvWsNm8yxYnPxrU= > =e9jo > -----END PGP SIGNATURE-----
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
