On Tue, Dec 6, 2011 at 7:06 PM, James A. Peltier <jpeltier@xxxxxx> wrote: > > > Admins are not the incompetent ones. The users are! Any decent admin is going to ensure that there are the most layers and defensive systems in place to ensure a level of security that doesn't require the *USERS* to be rocket scientists. Security is all about balance not magic bullets. Having systems in place that protect the systems while not getting terribly in the way. Security should also be about assuming that any/all complex software has exploitable flaws that you don't know about yet. If you aren't convinced, just look back through the changelogs of just about every program that has network access, kernel interactions, or runs suid or as root. And security is very much about keeping your system updated with the fixes for those flaws as quickly as possible when they are discovered. > This BS about Windows (Windoze, Window$, etc) is just that BS. I know many *VERY GOOD* Windows admins. A bad admin is a bad admin no matter what platform you put them in front of. There's a historical reason for that bias, since early windows versions weren't designed with network security in mind - but current versions are much better. So again, staying up to date is the key. > > | A professional qualification in basic server security would be a > | useful > | attribute. > > A basic qualification to operate a computer would also be nice. Sad thing is, there is no such thing. And if there were, it would always be out of date. -- Les Mikesell lesmikesell@xxxxxxxxx _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos