[CLUE-Tech] KISS for security

[Kevin Fenzi]

>>>>> "Jim" == Jim Ockers <ockers at ockers.net> writes:

Jim> Jeff & Kevin, I think this might be better suited to a full
Jim> session.  I recommend Kevin Fenzi to present the session, since
Jim> he's probably one of the most qualified guys around to do it.  If

gee...thanks. ;) 

Jim> you can't get him, I can muddle my way through most of the
Jim> important stuff.

Jim> I'm sure there are guys other than Kevin or myself who could talk
Jim> about this too, so if there are any volunteers I'm sure Jeff
Jim> would love to hear from you.

I wouldn't mind doing a talk...

"Linux Security" is a pretty gigantic topic tho. 
Under that (that I can think of off the top of my head):

- firewalling
- locking down an existing box. 
- programming in a secure manner. 
- virus scanning for other less fortunate operating systems (ie, linux
mail or web server serving windows machines)
- network security 
- how to deal with a breakin. 
- tripwire/intrusion detection. 
- secure linux distributions

way more than one talk. ;) 

Is there anything in particular that would be helpfull to CLUE folks? 
Chime in with your thoughts...

The single most important thing I can tell you about security (if you
forget most anything else) is to APPLY ALL UPDATES FROM YOUR VENDOR! 
Keep up on those updates and 90-100% of your problems will go
away. Anyone who applied the bind update when it came out last October
would not have to worry about Ramen or Lion, or most of the automated
breakins. ;) 

>> How about a KISS regarding this security stuff, I'm still somewhat
>> lost as to how this stuff works and how to find out how to
>> troubleshoot it.

yeah, a KISS session wouldn't be able to cover much. :( 

kevin