OK, folks. You're doing a great job of describing the current milieu
with a rough description of some best practices.

Now how about some specific sources you personally used to learn your
craft that we can use likewise?

PatrickD
On Mon, 2015-02-02 at 18:34 -0800, PatrickD Garvey wrote:

> OK, folks. You're doing a great job of describing the current milieu
> with a rough description of some best practices.
>
> Now how about some specific sources you personally used to learn your
> craft that we can use likewise?

Taught myself (as usual). Used Google to find helpful advice from
countless other people. Taught myself PHP to do the coding. Use BASH to
perform repeated routines.

Will publish my Exim configuration and associated routines (including
the anti-spammer checks etc.) on one of my web sites. And my EXIM
changes to Logwatch.

Will add my Apache error routines, support files and reporting routines
too.

How much do you currently know ?

--
Regards,

Paul.
England, EU. Je suis Charlie.
On Mon, Feb 2, 2015 at 6:46 PM, Always Learning <centos at u64.u22.net> wrote:

> On Mon, 2015-02-02 at 18:34 -0800, PatrickD Garvey wrote:
>
>> OK, folks. You're doing a great job of describing the current milieu
>> with a rough description of some best practices.
>>
>> Now how about some specific sources you personally used to learn your
>> craft that we can use likewise?
>
> Taught myself (as usual). Used Google to find helpful advice from
> countless other people. Taught myself PHP to do the coding. Use BASH to
> perform repeated routines.

OK, what were the key words you used as search terms?

> Will publish my Exim configuration and associated routines (including
> the anti-spammer checks etc.) on one of my web sites. And my EXIM
> changes to Logwatch.
>
> Will add my Apache error routines, support files and reporting routines
> too.

I'm sure that would be helpful, especially if others do likewise so we
may compare and contrast what was done.

> How much do you currently know ?

Enough to know I have a lot to learn.

PatrickD
On Mon, February 2, 2015 8:34 pm, PatrickD Garvey wrote:

> OK, folks. You're doing a great job of describing the current milieu
> with a rough description of some best practices.
>
> Now how about some specific sources you personally used to learn your
> craft that we can use likewise?

I've learned system administration way back (of course, I do flatter
myself by thinking what I'm saying ;-) and still I keep learning new
things all the time when I'm doing my job. Unix system administration
book was a big thing (big step after computer science degree I got some
time before); TrinityOS: a guide to configuring your Linux server for
performance, security and manageability by David A. Ranch was a big step
I can remember from way back. And after you got the basis, keep
challenging yourself by doing new things. Of course, there are a bunch
of other more specialized books...

Not that I consider I mastered this craft, but I hopefully maintain my
boxes so that they are secure...

Valeri

++++++++++++++++++++++++++++++++++++++++
Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247
++++++++++++++++++++++++++++++++++++++++
On 3 February 2015 at 13:34, PatrickD Garvey <patrickdgarveyt at gmail.com> wrote:

> Now how about some specific sources you personally used to learn your
> craft that we can use likewise?

So many places it makes my brain hurt just thinking about it. Google
and Wikipedia will keep you busy for a long while.

Off the top of my head:

There are some online "Security Handbooks" around (I think RedHat
publish one) which lay some of the basic ground work.

SANS (http://www.sans.org/) and OWASP (https://www.owasp.org/) have
some good resources. If you are cashed up, you can even do courses
with SANS.

Reading about the security infrastructure that you are already using
is a good idea, often accessible via mysterious things called "man
pages". I learned a lot simply by reading about pam, iptables, and
selinux.

Thinking about your systems from a penetration testing perspective can
be helpful. For example, "Always Learning" has just told us that he
uses single character root passwords on his testing machines, that he
is testing 7 days a week and does not turn off his test machines. A
pen tester or cracker could use that information to formulate a
potentially successful attack strategy.

Google "free penetration testing tools". Only use the tools if you own
the network or have written permission. Just reading about the tools
can give you some insight into attack strategies that you should be
defending against. Please don't try to attack "Always Learning".

Download and unpack a copy of rkhunter. Have a look inside. It's just
a bunch of bash scripts. Good insight into some surprisingly simple
historical attacks.

Google "linux security hardening". There are a lot of resources out
there. The hard part is sifting out the gold from the crap. Sorry,
can't help much there.

There are many other people on this list who have a much better grasp
on this stuff than me. Hope they chime in.

Hope this helps,

Kal
On Mon, Feb 2, 2015 at 8:02 PM, Kahlil Hodgson <kahlil.hodgson at dealmax.com.au> wrote:

> On 3 February 2015 at 13:34, PatrickD Garvey <patrickdgarveyt at gmail.com> wrote:
>> Now how about some specific sources you personally used to learn your
>> craft that we can use likewise?
>
> So many places it makes my brain hurt just thinking about it. Google
> and Wikipedia will keep you busy for a long while.
>
> Off the top of my head:

Thank you.

The CentOS wiki pages found by a title page search are:

http://wiki.centos.org/HelpOnConfiguration/SecurityPolicy
http://wiki.centos.org/HowTos/Security
http://wiki.centos.org/Security
http://wiki.centos.org/Security/Heartbleed
http://wiki.centos.org/Security/POODLE
http://wiki.centos.org/Security/Shellshock

with translations for the zh and zh-tw languages.
On Tue, 2015-02-03 at 15:02 +1100, Kahlil Hodgson wrote:

> Thinking about your systems from a penetration testing perspective can
> be helpful. For example, "Always Learning" has just told us that he
> uses single character root passwords on his testing machines, that he
> is testing 7 days a week and does not turn off his test machines.

Yes single character. Writing and testing usually 7 days weekly. Turn
off everything when not in use including test machines. No connection to
the Internet.

--
Regards,

Paul.
England, EU. Je suis Charlie.