Highlighted
Absent Member.
Absent Member.
1052 views

Possible security breach?

We may possibly have a user that is accessing other's email. He is not an admin, nor has access to C1. Knowing passwords is out also. He is however, a bit of a hack.

We know of (and use) products like Gwava Reveal, but are wondering if there's something else out there that's more of a black-hat type of thing.

It may not be directly accessing to the GW system. Possibly trojan/root-kit/etc.

Just trying to see what's out there.

As you don't know me from Adam, no need to be specific about packages. Just a yes or no would be helpful, as I can pursue in more detail then.

thanks
Labels (2)
0 Likes
3 Replies
Highlighted
Absent Member.
Absent Member.

Re: Possible security breach?

First of all, there are only two ways to have such a breach - passwords
or proxy.

So the first thing to do is turn the poa logging to verbose. Then check
the logs later to see of the user is logging into other accounts (either
by edirectory account or ip address)


--
danita - www.caledonia.net/blog
0 Likes
Highlighted
Absent Member.
Absent Member.

Re: Possible security breach?

On 2/3/2010 4:12 PM, Danita Zanre wrote:
> First of all, there are only two ways to have such a breach - passwords
> or proxy.
>
> So the first thing to do is turn the poa logging to verbose. Then check
> the logs later to see of the user is logging into other accounts (either
> by edirectory account or ip address)
>
>

well and there is keylogging of course.
0 Likes
Highlighted
Absent Member.
Absent Member.

Re: Possible security breach?

Michael Bell wrote:

> well and there is keylogging of course.


Yeah - but that is still "password" hacking.

--
Danita
Novell Knowledge Partner
Moving GroupWise to Linux?
http://www.caledonia.net/gwmove.html
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.