Hello,
I have a friend who has requested I assist him at his workplace because they are laying off their IT Manager under less than amiable terms. Essentially, he is afraid that he might have arranged some ways for him to get in after he is gone, and he wants me to see what I can do to secure things as best I can.
I have several years' experience with Linux, but more from a casual standpoint. I have a Linux server, but my role is usually to add and remove users and install security updates as they come out. Another friend of mine who is really into Linux does most of the other work on my server.
What I am wondering is if you guys could give me a general idea of several of the most important things to check. I already plan on checking out /etc/passwd to see if there is anything unusual there. (Though I'm not even sure what sort of items should be considered acceptable and what ones not!) They also want me to remove his e-mail account, though I think I would like to keep it as an alias and maybe forward it to the company manager or owner. Problem is, I can't even remember how to set up aliases, it has been so long since I have done much like this. (On my server, we are using ISPMAN, so account creation is all menu-driven, it's been years since I've added users, removed users, configured e-mail, set up aliases, etc. from the command line.)
I do not expect to immediately become a Linux expert, but I am hoping that a lot of this will come back to me. I am working on getting a Linux desktop ready to experiment on tonight -- I don't want to toy with my server as I require it for many things -- so I hope to get a refresher course, as I go in tomorrow morning to get this stuff done.
In addition, they're running a GNATbox firewall, and I haven't even seen these things since they first came out 11 years ago. Fortunately, it's mainly web-based, so any obvious holes in the firewall should be easy to fix up.
I tried searching online for this sort of thing, but haven't come up with much, which is why I thought I'd say something here. Don't mean to let my newbie show through! Any help would be appreciated! Thanks in advance.
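
The /etc/passwd review mentioned in the post can be scripted. The following is an added example, not part of the original post: it flags entries that deserve a manual look (extra UID 0 accounts, empty password fields, shared UIDs, system accounts with a login shell). The function names `audit_passwd` and `sample_passwd`, the `UID_MIN` value of 1000 and the sample entries are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: flag /etc/passwd entries worth reviewing after an admin leaves.
# Assumption: UID_MIN is the first regular-user UID (1000 here; some distros use 500).
UID_MIN=${UID_MIN:-1000}

audit_passwd() {
    # $1: file in passwd format  name:passwd:uid:gid:gecos:home:shell
    awk -F: -v min="$UID_MIN" '
        /^[ \t]*(#|$)/ { next }                       # skip comments and blank lines
        NF != 7 { print "MALFORMED line " NR; next }
        # Any account other than root with UID 0 has full root privileges.
        $3 == 0 && $1 != "root" { print "UID0 " $1 }
        # An empty second field means the account has no password at all.
        $2 == "" { print "EMPTYPW " $1 }
        # Two names on one UID are the same user as far as the kernel cares.
        ($3 in seen) { print "DUPUID " $1 " shares uid " $3 " with " seen[$3] }
        !($3 in seen) { seen[$3] = $1 }
        # Service accounts normally carry a non-login shell.
        $3 > 0 && $3 < min && $7 !~ /(nologin|false|sync|shutdown|halt)$/ {
            print "SYSSHELL " $1 " " $7
        }
    ' "$1"
}

sample_passwd() {
    # Constructed sample data, not taken from any real system.
    cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
www-data:x:33:33:www-data:/var/www:/bin/bash
toor:x:0:0::/root:/bin/bash
alice:x:1000:1000:Alice:/home/alice:/bin/bash
svc::1001:1001::/home/svc:/bin/sh
EOF
}

# Demo run on the constructed sample; on a real host use: audit_passwd /etc/passwd
tmp=$(mktemp)
sample_passwd > "$tmp"
audit_passwd "$tmp"
rm -f "$tmp"
```

Every remaining account with a login shell still needs a human decision about who owns it; the script only narrows down where to look first.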