On Tue, Dec 6, 2011 at 7:06 PM, James A. Peltier <jpelt...@sfu.ca> wrote:
> >
> Admins are not the incompetent ones. The users are! Any decent admin is
> going to ensure that there are the most layers and defensive systems in place
> to ensure a level of security that doesn't require the *USERS* to be rocket
> scientists. Security is all about balance not magic bullets. Having systems
> in place that protect the systems while not getting terribly in the way.
Security should also be about assuming that any/all complex software
has exploitable flaws that you don't know about yet. If you aren't
convinced, just look back through the changelogs of just about every
program that has network access, kernel interactions, or runs suid or
as root. And security is very much about keeping your system updated
with the fixes for those flaws as quickly as possible when they are
discovered.
> This BS about Windows (Windoze, Window$, etc) is just that BS. I know many
>*VERY GOOD* Windows admins. A bad admin is a bad admin no matter what
>platform you put them in front of.
There's a historical reason for that bias, since early windows
versions weren't designed with network security in mind - but current
versions are much better. So again, staying up to date is the key.
>
> | A professional qualification in basic server security would be a
> | useful
> | attribute.
>
> A basic qualification to operate a computer would also be nice. Sad thing
> is, there is no such thing.
And if there were, it would always be out of date.
--
Les Mikesell
lesmikes...@gmail.com
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
