[ale] oh... please (slight rant)
Lane Oden
loden at ncpsolutions.com
Wed Feb 7 13:19:50 EST 2007
-----Original Message-----
From: ale-bounces at ale.org [mailto:ale-bounces at ale.org] On Behalf Of Preston Boyington
To: ale at ale.org
Sent: Wednesday, February 07, 2007 11:50 AM
To: Atlanta Linux Enthusiasts
Subject: [ale] oh... please (slight rant)
while talking with a friend of a friend last night the conversation
started to turn into a pissing contest. the gist of it is he is very
entrenched in M$ land and Linux is nothing more than a hobbyist's
plaything. (hmm... possibly some residual anger there...)
i actually was rendered speechless (not an easy feat mind you, i run my
trap A LOT) when he proclaimed that he could hack any Linux machine in a
few minutes because it was open-source. i sat there for a few seconds
and then looked at my friend and asked, "he's not doing anything mission
critical for you, is he?"
i readily admit that i am not a Linux guru, database wizard, or web
tzar, but i have enough intelligence to determine that "many eyes are
better than a few"!
_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale
Security is not simply a matter of what OS you're running. Security is a matter of always following best practices and documenting properly so you manage to spot anomalies. The most secure and stable platform is always going to the the one that the responsible Administrator (or team) is most familiar with. For some organizations, that platform will be Linux/Free UNIX. For others, Windows. And for some, it's still mainframes and commercial UNIX. For LOTS of companies, it's a combination of some of the above...
Honestly, the friend of a friend is probably right. There are a good number of lazy admins (Windows and Linux) out there who miss out on something little that turns into a major security issue later.
"A lot of good work goes to waste simply because someone wasn't willing to do a little more."
Linux vulnerabilities exist everywhere from the kernel to the applications/services. Just like Windows. And remember... while remote access (whether it's LAN or across the Internet) is powerful, physical access is guaranteed. Put someone technically apt and so inclined in front of any box and they own the data. No matter what measures you take to protect it.
Real security involves knowing where your vulnerabilities exist and taking steps to mitigate them. Not eliminate them. Sometimes mitigation means acceptance.
Regards,
Lane Oden
Information Security Analyst
?
The information transmitted is the property of NCP Solutions and is intended only for the person or entity to which it is addressed and may contain confidential,
proprietary and/or privileged material. Any review, retransmission, dissemination, or other use of, or taking of any action in reliance upon this information by
persons or entities, other than the intended recipient, is prohibited. If you receive this in error, please contact the sender and delete the material from all computers.
More information about the Ale
mailing list