Security? No, please!

In the last couple of months I have been working in different scenariosI notice that people is not taking care of some basic security aspects. 

For example:

  • We were working in a network issue. An engineer was requested to check a server log. After a few seconds this person wrote in a multichat conversation: “C0n$0le7” :S . To hide this big mistake, he wrote down “fjkfslfadslfjsljf”. Because I¨m just curious,  I decided to check from my computer the access to this server. Was not so difficult to gain access. I did an appointment to try the day after and this guy did not change the password and 1 week later password is still the same!!!!!
 
 
 
  • Another example. 01:00 am, another network incident. I was on-call and this is the situation:

PersonA: “We have problem in this device, could you please help us?”.

Me: ” We are not supporting this device could you please call the people in charge?”

PersonA: “Could you please help us anyway….?”

Me: “I don´t have rights to access this device”

PersonA: ” I already sent to you an email with root account”

Me: :S

PersonA: Please.

Me: Let me try…. 

      ……….

      After some checkings…. done!

PersonA: Thank you. 

Me: No problem

I did an appointment to check this password some weeks later and….. babum!! it works!!

 
  • Scenario 3. During another issue in which I was trying to explain to the ingeneer in charge of a server how to configure the server…. (yes it is true!!) I requested to him a user and password to do some test with a test user. This guy told me: ” Use mine, but please don´t share with anyone”. This was 6 months ago and still today I can access this server!!!!!

 

 

Advertisements

Posted on 20 April 2012, in elguber and tagged . Bookmark the permalink. Leave a comment.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: