[Leaplist] Security Audit Advice
Robin (Bartow FL)
leap-cf.mailbox at gibp.com
Sun Dec 16 11:09:07 GMT 2007
> >
> > I'd find out who has the root password by changing it. Then I'd decide if they
> > actually need root or sudo.
>
> Excellent idea.
>
> But I would clear this in advance with the person that would be authorizing my compensation. And email all system users within 30 seconds after the fact. This is because some users will not speak up right away, and could waste hours of company time before they figure out the root problem.
>
> robin
I used to pull electrical wire through conduits that had live circuits.
No electrical schematics were available to show what breakers I could
turn off. The company would lose lots of money if I experimented.
robin
More information about the Leaplist
mailing list