[Techtalk] Security course (was: Re: C programming "course")
ljl at rahul.net
Fri Jan 11 11:00:20 EST 2002
"Raven, corporate courtesan" wrote:
> Heya --
> Quoth Julie (Thu, Jan 10, 2002 at 08:55:15PM -0600):
> > :: perk ::
> > Did someone mention .... security?
> Heh -- so I guess there's interest in that. Okay -- give me a
> few months, and my schedule should be cleared off some. (Yah, yah,
> famous last words.) Starting in March would work for me. How would
> y'all want to structure this? We could follow a book, we could pick a
> topic a week and spin off a small mailing list to discuss it, I could
> post starter fodder every week (a la "So here's how I'd offer anonymous
> FTP as securely as I could; how would you set it up? How do you think
> it's vulnerable?") and we could run from there... any other ideas?
*perk* *perk* Security? *perk* *perk*
This is an area that I am not very experienced in, damnit. I have the
mindset, but not the "toolset", or the nuts & bolts understanding of
how and why. Hasn't got past the dain bramage yet.
I would love to learn more, and take some of the "standard practices"
and automate them for checking an installation (from the inside), both
initial config, and periodic audit. If there are already tools to do
this, I don't know of them. As I understand it, even tripwire you have
to go look at periodically, rather than have something mail you when
something's "fishy", and it's passive.
Linda J Laubenheimer - UNIX Geek, Sysadmin, Bibliophile and Iconoclast
http://www.modusvarious.net/ - consultants available
http://www.laubenheimer.net/ - personal demo site
http://www.geocities.com/laubenheimer/ - web design gaffes (I wouldn't
disgrace a real ISP with these) and rants about bad design.
More information about the Techtalk