[TriLUG] Pr00freaders Unite

rpjday rpjday at mindspring.com
Fri Dec 28 12:28:47 EST 2001 

On Fri, 28 Dec 2001, Jeff Bollinger wrote:

> I've been working on a document for work and I was hoping maybe some 
> other eyes might like to take a look at it before it goes live 
> (officially).  It's about how to install and secure a RedHat 7.2 
> Workstation.  This is the first draft, and is not linked from anywhere, 
> so it may be moved later on next week, but if anyone gets the chance and 
> feels up to it take a look at this page and feel free to rip it apart 
> and give me suggestions (grammar, style, and format will all be taken 
> care of) on the content and any other neat tips you may have.
> 
> http://www.unc.edu/security/linux2.html

ok, you asked.  it's not clear what your major theme is on that web
page.  is it installation?  is it security?  (and it's probably not
a good idea to say "both".  the best documents have a specific theme
to keep the reader focused.)

for example, the first part of that page spends an inordinate amount
of time on the details of installation.  that's fine -- if this were
a tutorial on installation.

but then you switch to registering with red hat -- a sudden change
of direction -- after which you concentrate solely on security.
i submit you'd be better off dealing with a single topic.  if you
want this to be a security paper, then your discussion of installation
should cover only those topics related *directly* to security,
nothing else.

all of this is related to another issue -- who is your audience?
beginners or fairly competent admins?  anyone who's ready to start
configuring tripwire or portsentry is not the kind of person to whom
you have to explain the value of picking a good root password.

anyway, my $.02.

rday

p.s.  before promoting logcheck or portsentry -- both products of
www.psionic.com -- you might want to check the license under which 
these products are made available.  there was some controversy recently
about psionic releasing software under more restrictive terms than
the GPL.

you might want to check out the "aide" package -- advanced intrusion
detection -- as an alternative to tripwire as well.

More information about the TriLUG mailing list