Date: Mon, 25 Sep 2000 11:51:56 -0700 From: Joseph Scott <joseph.scott@owp.csus.edu> To: Michael Lucas <mwlucas@blackhelicopters.org> Cc: Wes Peters <wes@softweyr.com>, Bill Fumerola <billf@chimesnet.com>, cjclark@alum.mit.edu, freebsd-advocacy@FreeBSD.ORG Subject: Re: wats so special about freeBSD? Message-ID: <39CF9ECC.A31DAD97@owp.csus.edu> References: <39CC3AEB.3D768A0E@softweyr.com> <Pine.BSF.4.21.0009250611290.196-100000@pebkac.owp.csus.edu> <20000925094129.A30394@blackhelicopters.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Michael Lucas wrote: > > > "if you want to install a secure system and don't know what you're doing > > ..." > > Unfortunately, that's life in IT nowadays. I find that I'm often put into the position of being less secure than I'd like to more because of pressure from people in power who don't have a clear understanding of the issues. My boss is pretty good about it, his boss is fairly ok about it, but above that it gets ugly :-( Yes, it's part of my job to help educate these folks, but my point is that often is more of a social/politcal difficulty for me to secure a box more than anything else. > I'm the support management dude for a consulting company. We run NT, > AIX, Solaris, AS/400, and a few other things, not to mention the > programs than run on them. The folks under me are decent, but not > what I'd call "expert." My office and several other programs on campus have been going through this problem for over a year now. It can be very difficult to attract even half qualified people. We are only 1.5-2 hours from Silicon Valley and that hasn't helped in attracting people :-( > FreeBSD is fairly easy to lock down, but I'd feel *far* better if I > knew everything on all my boxes was shut down by default. I do a > "netstat -na" on a Solaris machine and cry. Many UNIXes make it > difficult to identify what's running where. > > Should the company devote the hundreds of man-hours necessary to learn > exactly what is running everywhere and determine how necessary it is? > Yep. Are they going to? Nope. Can we even *hire* some of those > experts here in Detroit? Nope. A painful reality compressed into one paragraph. > All I can say is, thank God for my FreeBSD firewall. All I have to > worry about is my inside users. :) I have a lot more confidence in my firewalls than I do in my users inside of them. Given that I worry because a firewall only addresses certain issues. Ug. -- Joseph Scott joseph.scott@owp.csus.edu The Office Of Water Programs - CSU Sacramento To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-advocacy" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?39CF9ECC.A31DAD97>