PerlMonks
I must have been VERY unclear:
I've never said security "is too hard"; in fact, I think security is obvious
(a large part of the vulnerabilities are known and categorized).

I only say that most of us can't afford the cost of true security.
I furthermore think that saying "security is easy, you only have to do simple things to secure your machine" is wrong!
(The easy things to do provide only weak protection against the clueless script-kiddies.)
It's not only wrong, but it has the bad side-effect of (wrongly) making you feel secure.

Really securing your machine is a constant/heavy process.
The recipes are known, but they are impractical in real use.

"I'm trying to point out that many hacks are executed through very common and easily fixed vulnerabilities"
I'd like to do it; just imagine how much time it would take to constantly check for new exploits/versions and upgrades.
Tell me how you easily fix production servers which must be running 24 hours a day, 7 days a week
(with, of course, some applications incompatible with the new secure version of other applications)?

"Let them use their FTP clients"
Ok, but they want the same password for telnet and ftp; anyone with a sniffer on my subnet now has local access on my box.

"Users will complain about being forced to change their passwords and to mix case, add numbers, and so on.
But they eventually learn and adapt."
You're right, they'll adapt; I can't count the number of times I caught them writing it on a post-it (put ON THE SCREEN!!!)

"Don't let them play in a sandbox on the same machine as the one running your database."
Another machine? I can't convince my boss to give me a little time;
how will I convince him to spend hundreds of dollars for the box/hosting?
Worse! I will now have another box to secure...

Explain to him the benefit of having a more educated admin/programmer. I've tried; he then explained to me the benefit for the society of making money, he explained to me how much 2 hours of security cost and how much 2 hours of coding bring us
(It IS a huge error if you think in terms of long-term effect, but my boss tends to be short-sighted...)

That's why I (you'll) have to think in terms of efficiency (or cost, which is the right term here, as jeroenes said).

I hope you won't take it as irony or a personal attack, but this is MY REALITY, and probably the one of a lot of sysadmins...

All I can say is claim it again:
Be security aware, especially because you CAN'T reach true security, and try to make things as secure AND easy AS YOU CAN.


"Trying to be a SMART lamer" (thanx to Merlyn ;-)

In reply to Re: Re: Re: Stay aware of security by arhuman
in thread Stay aware of security by tilly
