Over the past five years, Sean Boran has put together what has become the most comprehensive online Internet security resource available. LinuxSecurity recently had an opportunity to chat with the author about its new home at LinuxSecurity.com and about the resource itself.
The IT Security
Cookbook contains valuable information for security professionals,
computer users, and system administrators on topics including security
policy development, operating system security, application security issues,
and much more.
LinuxSecurity.com, the community's center for security, has made available
the resources within the IT Security Cookbook to its users and provided
Boran Consulting with a new home, as well as email and DNS services.
Sean Boran, author of the IT Security
Cookbook and president of Boran Consulting, explains that the resources of
LinuxSecurity.com provide less expensive hosting for his free
resource. Sean adds, "It
also increases its exposure to Linux readers, given the pull that
LinuxSecurity has."
"I was already a pretty frequent visitor to LinuxSecurity.com," writes
Sean, "so it seemed quite a natural place to host the cookbook, when
the idea was proposed."
LinuxSecurity.com: Why is
it important for IT professionals to read your cookbook?
Sean Boran: Because it starts at
the top (policies) and goes all the way down to technical recommendations.
LinuxSecurity.com: What is
the intended audience?
Sean Boran: Well, there is a general
policy/classification section that is probably of interest to a large
audience, whereas the technical chapters on UNIX and Windows are useful
to administrators of these systems. More precisely:
- Line managers (Chapters 1-4, 6).
- Computer Users (Chapters 1, 2, 6.2 User Policy)
- System administrators, Security administrators: Chapters 7-22
- Technical Project leaders: Chapters 1-7, 15.
LinuxSecurity.com: Why did
you write the cookbook in the first place?
Sean Boran: I didn't see anything
similar on the net at the time (back in 1995/6),
there were a few documents here and there, but little that pulled the
various security issues together. I also wanted to make my contribution
to the Internet, instead of "just taking" ...
For example I use lots of free software developed by others, this was my
way of "doing my bit". Security was a pretty closed affair a few years
back, before SANS and all the new portals such as LinuxSecurity.com, I
wanted to share ideas and allow peer review of my ideas.
LinuxSecurity.com: How
long has it taken to write?
Sean Boran: About 1 year, with
many additions/corrections over the last 5 years. Mind you, like much
"software" it's probably due a rewrite!
LinuxSecurity.com: What does
Boran Consulting do?
Sean Boran: We provide
IT Security and Operations services to our customers. The exact focus
depends on the environment and customer needs. Last year we did a lot of
work on Intrusion detection systems and audits, a few years back the focus
was more on education, policy, strategies and concepts.
Over the last two years many articles were written for SecurityPortal
until its demise last summer. These articles allowed me to better
document and generalise tools and ideas I was using in the consulting
practice.
LinuxSecurity.com: What are
your future plans for the reference?
Sean Boran: I've been working on
a series of accompanying articles on Solaris hardening, ssh and Linux.
These are not yet integrated into the book, but can be reached at
http://www.boran.com/security/sp.
I really need to review and review the book entirely, especially the
techie chapters, but am having trouble finding the time..
LinuxSecurity.com: What are
some of the major pitfalls Linux administrators fall into?
Sean Boran:
- Complacency
- Using default settings (though the vendors are improving a lot here)
- Installing too much software
- Not monitoring logs
- Don't have policy, or have never really analysed the risk: they may be
concentrating in the wrong area.
LinuxSecurity.com: How can
your reference solve these problems?
Sean Boran: Many Linux users
are techies and have a pretty good grasp of the technical issues of security,
and sites like LinuxSecurity can keep them up to date. But a crash course on
Policies and Risk management would do no harm. This book crosses many
boundaries, from policy to security management to firewalls, from penetration
testing to securing NFS to using encryption.
LinuxSecurity.com: What do
you feel is the most common Linux vulnerability? What can be done to prevent
it?
Sean Boran: The buffer overflow.
Measures:
- Only install what you really need.
- Watch the logs of any active network daemons carefully, and chroot 'em
if you can, don't run them as root if possible.
- Only let people access your system who really need to.
- Set up a regular patching schedule
- Pray that SW will get better...
LinuxSecurity.com: Do you
believe the open source nature of Linux provides a superior vehicle for
making security vulnerabilities easier to spot and fix?
Sean Boran: In the long run
yes, but it's been painful. The basic problem is that 99% of people USE
open source, but only 1% or so have to do all the work and write the stuff.
I'm convinced that it's a good thing and we should
all do our bit to support open source, I'd especially like to see large
corporations committing programmers to key OpenSource projects.
LinuxSecurity.com: Sean,
thanks for taking a minute to speak with us today.