Article #1088
Subject: Re: Decrypt
Author: Neil Fraser
Posted: 3/16/2001 12:36:52 PM

Stephen Baynham wrote:
> Eventually, a mass check of passwords
> ensured that he wouldn't come back.

Oof, you were lucky and/or the rogue wizard was stupid.  Once someone
has become a wizard, they have the power to make sure that you can never
get rid of them.  Ofcourse you can toad their character, reset
passwords, etc, but if they've done the slightest amount of
forward-thinking, they will have hidden all manner of 'wiz-me' or
'wiz-eval-this' holes throughout the database.

Once you are in this situation there is no way out.  You can
painstakingly search the database for deliberate holes, but unless you
find *all* of them in one shot, the cracker will return through her
remaining hole and is then free to reinfect the database with yet more
cunningly hidden holes.

There is no way out short of a RL solution.  Voice of experience.
--
| Neil D. Fraser, Programmer & Wizard, neil@nospam
| Digital Routes, Inverness, Scotland, www.digitalroutes.co.uk