[SATLUG] RE: Becoming a Linux Engineer

afcasta at satx.rr.com afcasta at satx.rr.com
Fri Aug 22 15:03:13 CDT 2008


---- Sean I <siffland at nerdshack.com> wrote: 

>[...]
> Security is a good skill for a Linux Engineer.  We have a security
> team and they send us security bugs and dates in which to get them
> fixed, but you also have to learn what on you machine is vulnerable
> and how to fix it.  I have seen a lot of places who assume because
> they are behind a firewall and only their employees are able to access
> the network and machines that they don't have anything to worry
> about(i think a lot of people have seen those places...yeah a server
> named payroll).  Who here trusts everyone they work with, especially
> when someone like a database administrator start talking about
> compiling programs in their home directory.  Or who checks their logs
> for suspicious activity?  Maybe be able to set up a good host-based
> intrusion detection.  It is a good subject to spend some time on.
> Some people call us paranoid but i prefer.....well uh, yeah i guess
> paranoid sums it up well.
> 
> Sean

Believe me... There's no such thing as a paranoid sysadmin.  That would mean that your fears are irrational.  With point and click root kits and SQL injection triggers, some of us think quarterly Oracle patches are too few and far between.

When I gave a program on DNS on linux servers back when SATLUG met at the Cisco corporate offices, I included a bit on DNS poisoning, and we had VMS and Windows admins come to the program, because any knowledge of how to keep the ankle biters out is well worth the effort.

Al Castanoli

Al Castanoli


More information about the SATLUG mailing list