expen$e
Micheal J wrote:
>
> OK. This is all well and good but, what's out there for a Windows 2000
> server guy like me hey??
>
> Cheers!,
>
> Micheal
>
> ---------------------------------------------------------------
>
> <<SNIP>>
> >
> > The bad news...
> >
> > I hate to say this, but there are no easy solutions. Linux is tricky,
> > because it is a hacked together (no pun intended) system to begin
> > with. Open
> > BSD is the most secure free UNIX out of the box...while Linux is not.
> > Solaris and many of the pay-to-use UNIX systems are about 50%
> > secure out of
> > the box. You see, Linux...in particular Red Hat, has been designed with
> > "ease-of-use" when it is shipped. This makes it very insecure.
> >
>
> <SNIP>
>
> > again and see if your fixes hold. Then, you will want to setup more
> > verbose/centralized logging (such as setting up another server as a Syslog
> > server), and setup some type of log monitoring system that can
> > alert you to
> > suspicious activities (Swatch..). You will also want to setup a system
> > binary watcher (Tripwire) or such to make sure that no one tampers in the
> > future:) There are also some cool semi-free IDS systems out
> > there....but it
> > is not too hard to setup your own (Perl/shell). Also, check out
> > some of the
> > hack sites and sign up for Linux security newsletters.
> >
> > Whew.....good security is hard work:)
>
> <SNIP>
--
Doug Ferguson
Software Developer
www.coremetrics.com
512-342-2623x212
512-619-9972(cell)
