[SWLUG] Technical Meeting Announcement and Call for Papers/Talks
Chris King
swlug at csking.co.uk
Thu Apr 9 15:59:12 UTC 2009
On Thu, April 9, 2009 16:33, Gerald Davies wrote:
> On Thu, Apr 9, 2009 at 15:52, Carwyn Edwards <hovercraft.eel at gmail.com>
wrote:
>> Perhaps I coould do a talk on something security wise? About the DNS
bug that was big a while back, or a tool like Kismet?
>>
>
> How about something useful for punters to take away? How about "How to
harden your box and put measures in place to detect intrusion" ?!?!?
>
> The Linux users I see on day to day basis have absolutely no idea how to
harden a box or would even know if an event took place :-(
OOps, slip of the keyboard there...
I'd agree with that - running Linux does NOT make you indestructible, as
some of the fanboys would have you believe, and I've seen some god-awful
setups over the years. Most of the Unix/Linux compromises I've had to
investigate are NOT sophisticated hacks, they were usually caused by
misconfiguration of application software, or through not applying security
patches.
A talk on basic security advice would probably go down better than trying
to dissect the Kaminsky DNS bug - try explaining to managers that you need
to patch your DNS servers right now, to apply updates that won't guarantee
a 100% fix :-(
Chris
--
Chris King
chris at csking.co.uk
http://www.csking.co.uk/
--
Chris King
http://www.csking.co.uk/
More information about the Swlug
mailing list