“How to achieve the goal of every system admin: boring,
predictable computers.”
“There seem to be two kinds of people in the world: those who
think computer security is fun and exciting, and those who think it
is arcane and scary. Professional system administrators who read
their logs will tell you computer security is actually long periods
of boredom punctuated by intervals of sleeplessness, panic, and
frantic activity.”
“For months, you read logs that basically consist of the same
sequence of messages. Then one morning, you see a different
message. Your first thought tends to be “I’ve been hit!” You want
to determine whether the attack was successful. You comb through
logs and examine files on your systems, looking for signs of
abnormal behavior. There are none; maybe the attack has failed. But
perhaps the attacker was smarter than you. For days or weeks you
remain unsure if your system’s defenses were penetrated.
Eventually, you forget about it and move on to a new crisis.”