lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <200403091440.i29EeaP06616@netsys.com>
From: andrew at dev.bigfishinternet.co.uk (Andrew Aris)
Subject: Where to start

Well I can speak up for one as someone who doens't have a huge knowledge
base. So I would also be most interested in any sort of pointers on starting
out as a security admin. I'm not completely ignorant but it is only recently
that I have become responsible for security of more than a small home
network. (In this case a W2K3 web server and also the office network). Much
of background in security is theoretical learnt during my postgrad year so
real world info is what I'm after.

Apologies if the list wasnt the correct place for this post.

Regards,

Andrew

> -----Original Message-----
> From: full-disclosure-admin@...ts.netsys.com
> [mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Aschwin 
> Wesselius
> Sent: 09 March 2004 11:23
> To: full-disclosure@...ts.netsys.com
> Subject: [Full-Disclosure] Where to start
> 
> Hello,
> 
> First appologies for having trouble doing something simple as sending 
> e-mail. Evolution is new for me.......
> 
> Now I'm on this list, I think I could ask you people a question (or 
> two)....
> 
> Does a good security-officer have to know everything about every hole? 
> I myself don't think so, but where do people start?
> 
> If I see lists and forums about network-security it seems that 
> everybody knows a lot and has a huge reference base. Is this true?
> 
> I want to learn more about security stuff, but I can't find the real 
> basics to build upon anywhere. When there are posts on lists they 
> presume that everybody has a certain knowledge level and are aware of 
> best practices. But is this true?
> 
> Just because there are discussions, it seems that there is not one 
> overall and central way of keeping track of evolving issues. How do 
> people keep track easily with up to date best practices and not get 
> distracted by "old" advisory?
> 
> Any comments are welcome.
> 
> Aschwin Wesselius
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
> 
> 




Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ