Quote:
Originally Posted by directfiesta
That excuse of rogue employee does not fly.
Each server hace their own user/pass, that user of said server should change once delivered to them.
In the case that the host creates an admin account on the server , it is never the same password for all boxes ... please, if it is , someone seriously screwed up .
And user should delete that admin account , as he can always give his unique password to the host in case of necessity, changing it afterwards.
How many employees come and go in a datacenter ???
|
Most, if not all hosts have what are called a "jumpbox". Essentially, it's a box that's allowed to go to all servers in their possession. Each employee has/should have it's own ssh key, however, some utilise an "universal" key thats on the jumpbox that everyone uses, as it eases handling and changing of the key (ofc, there's way more possible ways to set these things up etc).
I don't buy the rogue ex employee either, but by the state of the network, i'd guess they noticed someone hacked the main box with keys and all shit broke after that. They took it all down, and are combing everything for the noticed backdoor. Sadly, if it's something like that, its a big fail.