PuterTutor said:
Ok well, I've never done it myself either.
Thought about it though, thought real hard about it.
Twice I've had to deal with the aftermath of a timebomb left by a fired network admin. It's amazing the damage you can do when you're inside the security. One company was smarter and called me in to look at the machines before they called the
meeting.
They asked me to sit in, saying nothing. Just to sit there. When the to-be-former admin came in and saw me, his face dropped. His boss told him he was being fired, but before he left, he had the chance to avoid jail time. That I'd looked at the machines and had found somethings that shouldn't be there. And that if they weren't there by the end of the meeting, they'd be forgotten about.
The admin spent the next hour pulling stuff. Including a lot of stuff I hadn't caught. What really got me was when he pulled what I'd assumed was a remote admin card from a server. It was designed to short the entire server, hard drives, tape backup and all. Would have made it damn tough to get them back up and running, I'll tell you.