| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: avalon at caligula.anu.edu.au (Darren Reed) Subject: Re: Reacting to a server compromise Ok, you can have a go at Ron, I won't begrudge you that, but if you're going to pick on someone who is trying to actively do something to address something that is a real problem with system administration today then unless you are being a part of solving something else (and are willing to come out from behind your mask of anonymity) you've got no grounds for belittling others who do. In some mail from security snot, sie said: > > Tina Bird isn't much of a security expert, she's a belly dancer. What she > likes to do is read generated logs (ie syslog and whatnot) and pretend > that leaves sufficient information for a reliable audit trail. That really doesn't do justive to what she's trying to achieve and I'm not sure that generating a reliable audit trail is the primary focus of it. The fundamental problem she's trying to address, at present, is the large number of unfortunately disparate sources of log information that are present in just as many formats. This is a real problem and it needs to be addressed sooner, rather than later, primarily for the benefit of systems administrators so they can get a clear understanding of what all their systems are doing and in a concise manner rather than spending time manually collecting information or piecing together scripts to try and massage all the input correctly. I don't think I've ever seen her portray herself as a security expert, however, the topic of loging information collection, analysis and management (which is what she is concerned about) does assist in security matters when it comes to a post-mortem analysis of a system. Under the right circumstances, generated logs can generate information that can be considered relable and be used as part of an audit trail but it's more involved than "see, this is my log." If you (or anyone else) wants to know more, go get some lessons from a 'big 5' auditing company or similar. Maybe you should give your modem to your mommy, go back to your room and ask your mommy to let you out when you can show the world you've got more to offer than just petty insults. Darren
Powered by blists - more mailing lists