Hi! > We are working on something called "The Button", which is nothing but > small script that activates a series of scripts that change all root, > local and domain administrator passwords on our Unix and Windows > servers when run.
The ex-admin had ROOT access to "his" servers, right? So he can change ANYTHING, right? Including the script, e.g. like NOT changing passwords or adding secret admin-level accounts, right? You said "script", so it uses BASH, PERL or something. ROOT can change anything, right? So he could have changed the BASH, PERL interpreter or something, right? There is no technical solution to a social problem - well, except in this case maybe reformatting the disks and reinstalling from scratch and clean media. Sorry Volker Tanger ITK-Security _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
