Quote:
Originally posted by MadWolf
#1. Why would you give RW rights to the log folder out? Why would somone need to edit logs? Hmm?
#2. IP Ranges have been mandatory for some time now, everyone is aware of this. Howcome you did not have it set?
#3. This was not a attack of a hacker or anything else. Your fault, no need to place blame on anyone but managment.
I do hope you get your scripts back, and rebuild you NPC DB successfully. Good luck.
Side note: Who was the person who did this?
|
First point. A few NATs had such access so that they could delete files created with savelog2, but this seems like a Bad Plan now. But anyone with setrights and setfolderrights can give themselves that.
Secondly. We
have IP ranges. Again, though, anyone with setrights can just ignore that when makin' a new RC.
Third, it looks like someone on the inside may have been responsible for giving out RC. And when one of your own trusted staff goes bad the only thing you can do is do more checks in future.
I acknowledge that too many people had too many rights on Rudora, but we're going to start regulating these more. A lot more.
Oh, and I can't currently disclose the name of the person who we believe is responsible. Apparently investigations are being done and so I can't comment on their identity.