IT Employment·20,064 discussions

Backdoors in networks

Locked

My boss just “discovered” and was SHOCKED that I had backdoors in the network that I created over 9 years ago and continue to administer. I am self taught, but have had many mentors over the years. I was always told that it was essential to have backdoors when setting up a system. Thoughts??

Topic

Depends on the definition

In reply to Backdoors in networks

It depends what you mean by “backdoor”. If it is something that can be exploited by the dark side, then it is an issue your team should be concerned with. If it is something that you can demonstrate that you use to administer the network, then you are standing on better ground. The very term “backdoor” implies that something sneaky is being done, and employers tend to freak out (and rightly so) if they realize you could compromise their systems even if you were fired and your access was revoked. Backup tapes are more often the approved method for restoring a system that has been compromised (hopefully after you figure out how it was compromised, so it doesn’t happen again).

Thanks

In reply to Depends on the definition

It was only another means of access in case the “Administrator” logon became corrupted. No remote access, no team (I am the IT department) and honest to a fault. That is what my mentors had advised – just another way to get into the system if there were problems. I’m only talking about more than one logon with administrator rights.

Should be documented

In reply to Backdoors in networks

In practice, you should never have un-documented administrative accounts on your network. You’re asking for trouble should anyone ever do a security audit.
Additionally, there’s no reason why your named user account (as the network admin) shouldn’t have administrative rights and provide the “backup access” you need.
I’d be curious to know given your one person IT shop, why your boss even cares.

[Author]

Replies