The phone rang half a ring before I heard a familiar “Hello?” on the other end.
“Hi, James, it’s Mack. I need a favor from you, and I need today, before 5 pm.”
“Not urgent, huh?”, James teased.
“Not really, I just need it today. And I need you to keep it quiet,” I warned.
This is the second post in a series. See Behind Locked Doors: Part 1.
“Sure Mack, anytime. I still haven’t forgotten how you saved my backside during the Merkelt acquisition.”
James was the head email administrator, a bright, tall, energetic guy that I’d worked with on several projects in the past 5 years.
“Your mistake was saved by another mistake, James,” I said. “not by me. You know that.”
James laughed, but it was not a funny, ha-ha laugh; it was the kind of laugh that meant you didn’t know what to say at the moment.
After 2 moments of awkward silence, James said, “Well I also appreciate you keeping my error under your hat. You saved my career at this company.”
My mind traveled back about 9 months, when our company was in the midst of an acquisition. My team was asked to do a security check of the company’s network, servers, and key applications right after we had purchased the company, but before the acquisition was announced.
During the pentest, we found several problems, including the email server, which I quickly compromised. As evidence that I compromised the server, I created an innocent-sounding admin account..
Once the pentest was over, I directed the server team to fix the vulnerabilities. After all the vulnerabilities were fixed, the server team turned the server over to the email team to reconfigure the server to work with our email domain.
Shortly after that, James made a serious error.
He called me frantically that night, at home. Late.
“Mack, sorry to call so late, but I’m in a bind. I was finishing the reconfiguration of the Merkelt email server, and I screwed up. I’m not sure what to do. I’m hoping you can pull a rabbit out of your hat for me.”
I looked at my watch, which read 10 PM.
“What type of hat do you need, James?”
“Mack, I’m not sure how I did it, but when I changed the Merkelt admin account password, I wrote it down wrong. I can’t log in. When you compromised the server, did you create your own admin account? You usually do.”
“Yes, I did, James, but it should have been removed when the server team hardened the server. That’s a key procedure.”
James sighed. “Can you give it to me and let me try it?”
“Sure, I said, “But if it’s still there, heads will roll on my team.” I gave him the account and password.
Fortunately for James, the account was still there.
“Your career was worth saving, James; you’ve proved your value many times over since then,” I continued, looking at my watch, which was still moving quickly toward 5 pm.
The time brought my thoughts back to the project at hand.
“Well, James, here’s what I need you to do in the next 30 minutes,” I said as I explained the details.
“Not a problem, Mack. It will take about 14 minutes.”
James didn’t wait for my reply, but hung up and got to work.