On Fri, Apr 02, 2004 at 10:07:28AM -0300, Enrique M. Verdes wrote: > So, as I see it, we are missing the duties. > > As I understand it, here we are in a bottom-up aproach, begining with the > tasks and then see the duties they fit in. I think we will surely miss > something with this aproach. For me, Linux Security is about hardening > hosts, firewalls, intrusion detection at network and host levels, things > like that... not with exim, postfix, DNS... I think that this applications > are more related to a job like "ISP Administrator", because are very "site > specific", but this is just my opinion. I feel like I'm missing a piece of > the picture.
I think it is important to understand that this is a sort of brainstorming. Bottom-up, top-down, inside-out, outside-in, wherever you get it, throw it on the wall (or mailing list :) and get people thinking. If it helps, pretend you were just hired as "The Security Guy" of some company that has Linux in their infrastructure. The guy that hired you doesn't know anything about security and trusts that you will take care of it all. What ever your approach, you have ideas on what you would do. Share them with this community and get everyone thinking about it. It is a bit chaotic at the moment, but it will get better... maybe ;) Cheers! _______________________________________________ lpi-examdev mailing list [EMAIL PROTECTED] http://list.lpi.org/mailman/listinfo/lpi-examdev
