Michael,
Thank you for the excellent suggestions. I will look into tripwire immediately.
As for feeling the pain by the DBAs, that will take some time, thinking and discussion with the other admins. I would appreciate it if people could share their policies/procedures if they have them.
Any other advice by you or others would be most welcomed.
Thank you,
Sharon
On 8/20/06, Michael Tiernan <[EMAIL PROTECTED]> wrote:
On 8/20/06, Sharon Nagao <[EMAIL PROTECTED]> wrote:
> I was informed last week by my manager that the DBAs is to have full root
> access to all Dev and Test servers in our environment.
As quick as a bunny in hunting season I'd get tripwire running on the
systems. You can skip doing MD5 sums for most of the files (it
consumes a lot of time and cycles) just a reality check of
permissions, ownership, change/modify/access times, and simple
checksum will leave you lots of breadcrumbs to follow.
Second thing to do is to figure out how to get them to feel the pain
when something goes wrong (not that we're expecting this to
happen.....) Maybe devise a plan where any changes they've made have
to be reviewed and either approved or challenged. If it's challenged,
they have to account for the reaons or switch it back. Make sure they
get paged for errors too. ;)
--
<< MCT >> Michael C Tiernan.
Is God a performance artist?
EGO hack vivo quod ago accido.
_______________________________________________
bblisa mailing list
[email protected]
http://www.bblisa.org/mailman/listinfo/bblisa
_______________________________________________ bblisa mailing list [email protected] http://www.bblisa.org/mailman/listinfo/bblisa
