[CentOS] duqu

Wed Dec 7 01:27:24 UTC 2011
Les Mikesell <lesmikesell at gmail.com>

On Tue, Dec 6, 2011 at 7:06 PM, James A. Peltier <jpeltier at sfu.ca> wrote:
> >
> Admins are not the incompetent ones.  The users are!  Any decent admin is going to ensure that there are the most layers and defensive systems in place to ensure a level of security that doesn't require the *USERS* to be rocket scientists.  Security is all about balance not magic bullets.  Having systems in place that protect the systems while not getting terribly in the way.

Security should also be about assuming that any/all complex software
has exploitable flaws that you don't know about yet.  If you aren't
convinced, just look back through the changelogs of just about every
program that has network access, kernel interactions, or runs suid or
as root. And security is very much about keeping your system updated
with the fixes for those flaws as quickly as possible when they are

> This BS about Windows (Windoze, Window$, etc) is just that BS.  I know many *VERY GOOD* Windows admins.  A bad admin is a bad admin no matter what platform you put them in front of.

There's a historical reason for that bias, since early Windows
versions weren't designed with network security in mind - but current
versions are much better.  So again, staying up to date is the key.

> | A professional qualification in basic server security would be a
> | useful attribute.
> A basic qualification to operate a computer would also be nice.  Sad thing is, there is no such thing.

And if there were, it would always be out of date.

    Les Mikesell
      lesmikesell at gmail.com