LinuxWorld: Linux security basicsJan 26, 2001, 21:48 (1 Talkback[s])
(Other stories by Jon Lasser)
"How to achieve the goal of every system admin: boring, predictable computers."
"There seem to be two kinds of people in the world: those who think computer security is fun and exciting, and those who think it is arcane and scary. Professional system administrators who read their logs will tell you computer security is actually long periods of boredom punctuated by intervals of sleeplessness, panic, and frantic activity."
"For months, you read logs that basically consist of the same sequence of messages. Then one morning, you see a different message. Your first thought tends to be "I've been hit!" You want to determine whether the attack was successful. You comb through logs and examine files on your systems, looking for signs of abnormal behavior. There are none; maybe the attack has failed. But perhaps the attacker was smarter than you. For days or weeks you remain unsure if your system's defenses were penetrated. Eventually, you forget about it and move on to a new crisis."