How many...

Thread Tools Search this Thread
Special Forums Cybersecurity How many...
# 1  
Old 08-14-2001
How many...

How many of these folks posting on here (newbies - trying to get their first Unix-like box online) do you think have taken the time to learn the ins-and-outs of tcp_wrappers, or inetd, or even simple init-scripts? Maybe I'm overreacting here, but since I've spent my time on "the other side of the wall" with security, that really concerns me.

I think new readers should check out this simple wake-up call, and at least learn how to turn off all services - turn them on again when you know what to do with them.
A poster recently touched upon the honeynet project - remote root access within 15 minutes on a default Redhat install (sure, it was 6.2, but 7.x isn't all that different).

How can we get word out about this without sounding like preachers? I would just hate to see someone's great new Unix-experiance muddled with the bitter taste of a cracking attack.

Any ideas?

# 2  
Old 08-20-2001
It is really based on risk. Folks who are not protecting sensitive data, financial transacations, etc. may not have a high enough risk criteria to spend lots of time on security.

The process is one of risk assessment, risk management.

Refer to this paper for more details on the process of risk management:

Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question