At 994884618s since epoch (07/11/01 15:50:18 -0400 UTC), Brian Stults wrote: > and 2) they want to know that I am conscious of security issues. If > anyone has any suggestions for the kinds of things to stress, I would be > happy to hear them.
Our IT department was wary (though not afraid) of linux users, because once you've rooted a linux box, password sniffing is only a short distance away. However, with all those fun windoze tools out there, taking over windows machines is just as easy, and just as devastating for the network. Emphasize that you're probably safer running linux than windows. You won't be using Outlook (a major plus <g>), and you actually know how to secure a linux machine. You won't be running a public webserver, etc, etc. Offer to let them try to hack your box... =) > Here is one concern of theirs, though, that I don't understand. They > said one problem with linux is that it will trick their network into > thinking that my linux box is the main server, thus bringing down a > system of over 2000 users. They might be referring to using Samba and setting it up as a domain master. This is stupid, because a) it doesn't come configured that way, and b) any organization worth its salt will run a backup domain controller to ensure that nobody can hijack control of the domain (for a while, all Win 95 boxes were factory set to try to elect themselves as the browse master for a domain, so they should have solved this problem anyway). They might also be referring to other misconfigurations... since linux lets you tweak so much, it is possible to make dumb mistakes (I once advertised myself as the shortest path to all appletalk devices. You can imagine the warm reception I got from IT on that one when all the printers fell into a Black Hole of Routing.) While linux makes this stuff possible, it doesn't mean that you're automatically going to do it. Also, it is possible to do some of this stuff even if you have windows, so it's not really fair to assume that you'll do anything wrong (is this 'OS profiling'?). If they're assuming that you're malicious, then that's their problem; if you really want to screw the network you can do it hundreds of ways without needing linux. Just talk to them and try to show that you have a clue (but aren't pompous), and if they have any sense they'll warm up to you. My college's IT department was cold and unfriendly, until you get to know them. After some friendly chats, they'll let you do whatever you want. Jason -- Jason Healy | [EMAIL PROTECTED] LogN Systems | http://www.logn.net/
