[ale] Bobness and Jonathanness (and some PHP)

[Bob Toxen]

On Tue, Feb 04, 2003 at 05:29:28PM -0500, J.M. Taylor wrote:
> So how does one pursue Bob- or Jonathanness? :)

Start by showing up at tomorrow night's Key Signing Party at Emory at
7:30, sponsored by ALE and hosted by Mike Warfield.  I'll be there,
of course.  There will be a giveaway of a Linux mouse pad and several
Linux stickers, suitable for laptops and desktops.


Be careful what you wish for and understand your goals and reasons.  The
glammer of computer security that the media portrays it as is fantasy.
I consider computer security to be far closer to what a financial auditor
does: balancing accounts, finding where that last penny is, etc.  Lots of
grunt work.  The exciting world of patching weekly and debugging when they
don't install or don't work.  9 to 5 job?  Forget it.

My pager goes off at all times of the night and weekend notifying me of
attacks on my clients' networks.  My clients will call at any time too.
Plan on it making a very large cut into your personal life for a long time.
Remember that a firewall is a critical piece of infrastructure.  When it
is down (or seems to be down), it's a "drop everything" emergency.  If
Office A cannot get to Office B, "Better call Bob, it may be a firewall
issue."  Most recently it was a Laptop with a flaky NIC that worked when
it was sent back to the factory for repair.

Plan on balancing security against functionality and convenience.  Too
little of the latter and your users will try to get you fired.  Allow
too little security so that you get broken into and your boss will try
to get you fired.

For Computer Security, plan on spending literally thousands of hours of
your own time learning it.  Plan on becoming an EXPERT on networking
and network protocols down to the bit level.  When data does not go
through, everyone from the user to the SysAdmin to the nitwit at all of
the ISP/telecomm.  providers that will blame the problems on you and
your non-Cisco Firewall.  You will be guilty until proven innocent.
Plan on knowing how to prove where the problem is.


I suspect that Mike Warfield and Jonathan will tell similar stories.


That said, read my book, practice the things discussed for hardening,
install and learn to use GPG, SSH, Ethereal, tcpdump, arpwatch, set up
a Linux-based Firewall.

> I've been a security focused admin and coder for a couple of
> years...what's the next level?  Certification?  Education?  Annoying
> questions lobbed at Bob and Jonathan for the rest of my career? ;)

I consider the certifications to be BS.  I would fail the tests because I
don't know WinBloz System Administration.  What this has to do with being
competent to set up Linux-based Firewalls, Virus&spam filters, Routers,
etc. is beyond me.  (I DO know the M$ protocols, popular programs, and their
ports and protocols so that I can tune firewall rules.)  Employers and large
clients will care about certification, though.

Plan on paying LOTS of dues in terms of time spent.  Is it worth it?
For money, probably not.  I love doing it and that's my reward.

Plan on going to KSU's security summit in a few weeks: Feb 24-26.  It's
only $100 and is quite good.  I'll be there:

     http://www.southeastcybercrimesummit.com/

For financial security, learn WinBloz & UNIX SysAdmin.  Know some Perl
Bash & csh, and C.

> jenn

> >> I'm not a Bob Toxen or a Jonathan Rickman, but I'm working on it. :)

So am I.  The threats change from day-to-day.

The world is getting darker.  The Matrix is being re-loaded.

Bob Toxen
bob at verysecurelinux.com               [Please use for email to me]
http://www.verysecurelinux.com        [Network&Linux/Unix security consulting]
http://www.realworldlinuxsecurity.com [My book:"Real World Linux Security 2/e"]
Quality Linux & UNIX security and SysAdmin & software consulting since 1990.

"Microsoft: Unsafe at any clock speed!"
   -- Bob Toxen 10/03/2002
_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale