[ Thanks to Steven J.
Vaughan-Nichols for this link. ]
“First, here are some rules that everyone should know. Number
one with a bullet is security expert Bruce Schneier’s mantra,
‘Security is a process, not a product.’ I don’t care that your
server was Fort Knox, two weeks ago, if you haven’t updated your
system with the latest security patches, checked to make sure your
users haven’t started running a porn Web server, and looked over
your network logs to see if someone or something isn’t up to
mischief then you can’t trust your system today.“In addition, as Kroah-Hartman wrote, ‘it is imperative that
nobody falls victim to the belief that it cannot happen to them. We
all need to check our systems for intrusions.’ And, I might add, we
need to keep doing it all the time.”