From: Nathan (firstname.lastname@example.org) To: email@example.com Resent-To: firstname.lastname@example.org Date: Fri, 26 Apr 2002 01:03:33 -0400 Subject: How might I.... Dearest attrition activist. I don't know if you're going to delete my email or disregard it as being trite and lame but I have a question. I'm fairly decent with my technology and have dabbled in system administration and IT management for the better part of six years. By no means do I actually have the know-how to program, script, own or rule the computing world but I do fairly well with what I know. I was recently let go by a company who completely shifted their policies and 're-orgd'. My policy was always researching technology and being up on current trends and educating myself. Education and learning was the key to success I always thought. This new president immediately shifted all of my priorities to 'sales' and 'marketing'. I was thoroughly disappointed. Many of my technological projects were scrapped in favor of 'marketing' ploys and efforts. In a nutshell this guy told me to stop reading up and educating myself about network security and protecting the network and start learning how to spam 50,000 customers. It was a pretty ruthless and cutthroat change for me. Needless to say weeks went by and eventually this guy replaced me with a relative at twice my salary. No joke at all. He replaced an MCSE with a VB programmer to run the show. Someone who would focus on sales and not on actually keeping a secure and stable environment. My question to you is this. I architected the network. I know every firewall setting, every loophole, open port, etc. I'm only slightly bitter but even more now that I've learned they recently let go of 15 more people. Sadly enough.after four weeks, the admin password remains the exact same as I left it. Should I do anything with this information? If anything I'd love to see this company take a hit only because this asshole's mandate was to abandon research on network security and to focus elsewhere. His very words were "you computer guys are all alike, who the hell would want our data? Like any hacker out there would even bother". Which is true to a point. But 'hacker' to him was a dull misconception. What he failed to see was that virus activity, DOS attacks and port scanning were more likely to bring everything down.not any 'hacker' or stereotype he has in his mind that would 'bust in and steal data' as he imagines. To be honest with you.the internal website is ripe, it's Front Page extensions can be easily signed into remotely using this admin password. This is a native 2000 network and all server apps such as ISA, SQL and Win2k are all MS apps. Should I pursue an attack on my former company or is this all out of unjustified spite for losing my job? Do I have any sort of merit here for teaching this company a lesson. The first lesson being ALWAYS change the admin password when the admin leaves. Any advice is appreciated. I don't have the knowledge to spoof my identity so I'd feel more comfortable posting my knowledge anonymously on a bulletin board somewhere and having others do the work in a chicken shit sort of way.
From: Cancer Omega (email@example.com) To: Nathan (firstname.lastname@example.org) Cc: email@example.com Date: Fri, 26 Apr 2002 01:26:39 -0400 (EDT) Subject: Re: How might I.... On Fri, 26 Apr 2002, Nathan wrote: : My question to you is this. I architected the network. I know every : firewall setting, every loophole, open port, etc. I'm only slightly : bitter but even more now that I've learned they recently let go of 15 : more people. Sadly enough.after four weeks, the admin password remains : the exact same as I left it. : : Should I do anything with this information? No. If you are no longer an authorized user, you are advised to stay as far away from the systems as possible. End of story. .c
From: Cancer Omega (firstname.lastname@example.org) To: Nathan (email@example.com) Cc: firstname.lastname@example.org Date: Fri, 26 Apr 2002 02:07:54 -0400 (EDT) Subject: RE: How might I.... On Fri, 26 Apr 2002, Nathan wrote: : I appreciate the quick response. : : End of story is understood. But tossing that aside, from a technology : enthusiast to another...am I just completely bitter or do you think : there are some people in this world that deserve to be taught a lesson : for not understanding the importance of particular issues? There are lessons that such people will eventually learn without your personal intervention. It's called Karma. Set aside your bitterness and let it go. Holding ill will against your former employer is like clutching a burning coal with the intent of throwing it at your enemy. You will more than likely miss your target and end up only burning yourself. .c