Announcement

Collapse
No announcement yet.

Administrator Leaving

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Administrator Leaving

    Hi. The system administrator of my consulting firm is leaving for a new job. There are no hard feelings either way, but we do need to change passwords for security's sake. My question is, what passwords should be changed? I'm new to this job, so I don't really know much about the network, but my boss asked me to make a list of passwords that need to be changed, so in general, what passwords should be changed?

    Thanks in advance.

  • #2
    Re: Administrator Leaving

    For the most security? All of them. Even emails sent from a standard user account could be detrimental to a business.

    For minimal? All service, all domain admins, all Ent admins, all schema admins, all local admins.
    Then you need to look at routers, switches, VPN, all remote access, door access codes, mobile phone provider support codes even.
    cheers
    Andy

    Please read this before you post:


    Quis custodiet ipsos custodes?

    Comment


    • #3
      Re: Administrator Leaving

      Our company supports 2,500 servers over our entire organisation most of which are (as they bloody well should be) in secure rooms in secure buildings in secure sites. Without physical access to the servers we access from internal machines using our own individual admin accounts (see: BEST PRACTICES) and the root "Administrator" accounts have their credentials locked in a safe and only like 3 people have access to the safe. Service accounts and non-individual accounts with privileges have NO remote access rights.

      If we're outside the site, we use a VPN with separate, two factor authentication.

      In these circumstances, all you need to do is (a) disable his VPN token and RAS account, (b) change the password of, and disable, his admin and humble accounts, and (c) remove his physical access to buildings.

      No service accounts, no "other" admin accounts, need be changed.


      Tom
      For my own and your protection, I do not provide support by private message under any circumstances. All such messages will be deleted and ignored.

      Anything you say will be misquoted and used against you

      Comment


      • #4
        Re: Administrator Leaving

        Didn't LC5 (and probably other progs) allow reading of accounts and then brute force cracking? I know what you are saying Stonelaughter but in theory any account is at risk which is why Admins have to be the most trusted people in an org. I would err more on the thought he could even have setup a wireless AP plugged into a socket hidden away somewhere if he really wanted to.
        cheers
        Andy

        Please read this before you post:


        Quis custodiet ipsos custodes?

        Comment


        • #5
          Re: Administrator Leaving

          Thank you very much for the quick and clear response. I'll bring this list to my boss and see if this is good. I'll be sure to check back here if I need anything else.

          Thank you,

          The BigBadBaz

          Comment

          Working...
          X