[aclug-L] FW: Everyone Needs Backup
[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index] [Thread Index]
-----Original Message-----
From: Linux_Security@xxxxxxxxxxxxxxxxxxx
[mailto:Linux_Security@xxxxxxxxxxxxxxxxxxx]
Sent: Tuesday, February 19, 2002 6:44 AM
LINUX SECURITY --- February 19, 2002
Published by ITworld.com -- changing the way you view IT
http://www.itworld.com/newsletters
____________________________________________________________________________
____
HIGHLIGHTS
* Every great hero has had an equally great partner for a safety net.
Managing your system's security as a lone wolf may earn you all the
glory, but it also leaves you a much smaller margin of error.
____________________________________________________________________________
____
Everyone Needs Backup
By Brian Hatch
ITworld.com's Linux Security newsletter has been without a regular
author for a while but that's about to change. As of this issue, I'll
be writing this column every week. I currently plan on covering a
variety of topics from specific Linux security commands, programs,
products, and configurations to non-technical ramblings about the
problems that Linux security folks face in the real world. If you have
anything specific you'd like to see covered, would like me to clarify
things, or think I'm completely off my rocker, please drop me a line at
brian@xxxxxxxxxxxxxxxxxxxxxxx.
Anyone who has watched TV has eventually watched a show about two
faithful cops, spies, or private-eye partners. Crockett had Tubs,
Starsky had Hutch, and Cagney had Lacy. When things got tough, they
always knew they had someone who could help them out of whatever mess
they'd fallen into. The world of Linux security is no different. For
me, that person is my partner-in-crime, James Lee. True, "Hatch and
Lee" doesn't have the same ring as "Steed and Peel", but it's too late
to bring in a screenwriter to make us sound glamorous.
Most folks in the computer industry consider themselves good, if not
experts, in their fields. As such, sharing responsibility doesn't come
easy. Most folks in charge of security would prefer to manage
everything themselves, rather than work with others and share the
power. While this is good for their job security, it is bad for
computer security.
Having someone else who you can call on in a pinch is a must. Times
will arise when you are unable to fix a security problem because you
are away on vacation, your home network access has gone south, or
you're waiting in line for tickets to the next Lord of the Rings movie.
Security concerns are even more time sensitive than normal
administrative hassles. Not patching the latest BIND bug because you
are on a beach can be a disaster when the next worm is developed.
Another benefit of a good backup person can be found in the tenet of
Open Source: With enough eyes, all bugs are shallow. When your trusted,
equally-paranoid partner takes a look at your iptables entries next
time something needs fixing, he may find mistakes that you didn't
intend or notice that "temporary" hole you opened up and forgot to
close.
If you fit into the paranoid-administrator category (of which I proudly
consider myself a member), then take an introspective moment and decide
whom you would trust with your root password(s). Ideally, you should
find someone who knows as much as you do about Linux and security. Have
them check out your system's configuration. They likely have different
ways of doing things; by comparing notes, you can both learn from each
other.
Make sure that the coverage is bi-directional. Though helping them out
in their time of need may be inconvenient, realize building up good
Karma is crucial so that they are there for you when you need them.
Never underestimate the usefulness of "you owe me one".
Finally, set up your security alerts to go to both you and your backup
so they can see what your machine looks like under normal
circumstances. Once you're sure they know your system, take an extended
trip to Hawaii and see if your trust was well founded.
About the author(s)
-------------------
Brian Hatch is Chief Hacker at Onsight, inc and author of Hacking Linux
Exposed and Building Linux VPNs. He has been securing and breaking into
computers since before he traded in his Apple ][+ for his first Unix
system. Brian can be reached at brian@xxxxxxxxxxxxxxxxxxxxxxx.
____________________________________________________________________________
____
ITWORLD.COM NEWSLETTER ARCHIVE
Index of Linux Security
http://www.itworld.com/nl/lnx_sec/
Get a Positive ID on DDoS Attackers, Part 1
http://www.itworld.com/nl/lnx_sec/09042001/
Get a Positive ID on DDoS Attackers, Part 2
http://www.itworld.com/nl/lnx_sec/09112001/
____________________________________________________________________________
____
CUSTOMER SERVICE
SUBSCRIBE/UNSUBSCRIBE:
- Go to: http://www.itworld.com/newsletters
- Click on "View my newsletters" to log in and manage your account
- To subscribe, check the box next to the newsletter
- To unsubscribe, uncheck the box next to the newsletter
- When finished, click submit
Questions? Please e-mail customer service at: mailto:support@xxxxxxxxxxx
____________________________________________________________________________
____
CONTACTS
* Editorial: Andrew Santosusso, Newsletter Editor,
andrew_santosusso@xxxxxxxxxxx
* Advertising: Clare O'Brien, Vice President of Sales,
clare_obrien@xxxxxxxxxxx
* Career Corner: Janis Crowley, Vice President/General Manager, IDG
Recruitment Solutions, janis_crowley@xxxxxxxxxxxxx
* Other inquiries: Jodie Naze, Senior Product Marketing Manager,
jodie_naze@xxxxxxxxxxx
____________________________________________________________________________
____
PRIVACY POLICY
ITworld.com has been TRUSTe certified
http://www.itworld.com/Privacy/
Copyright 2002 ITworld.com, Inc., All Rights Reserved.
http://www.itworld.com
-- This is the discussion@xxxxxxxxx list. To unsubscribe,
visit http://www.complete.org/cgi-bin/listargate-aclug.cgi
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [aclug-L] FW: Everyone Needs Backup,
Dale W Hodge <=
|
|
