Linux Security: Reflections on 2002, Eye on 2003

Mirko Zorz writes "Here are the reflections on Linux security in 2002 and predictions for 2003 by Bob Toxen, one of the 162 recognized developers of Berkeley UNIX and author of the acclaimed book "Real World Linux Security" already in its 2nd edition. Read more at Help Net Security."

Re:Damn

[yamla]

I personally don't refuse to purchase from places that use IIS but come on. If they can't afford to pay some guy tons of money to set up a linux server, they presumably didn't pay _anything_ to a guy for securing their site. If their site isn't remotely secure, why should I buy from them?

Help net security: Toxen's Publicist

Help Net Security seems to be Bob Toxe'ns personal publicist. Let's see, they wrote and submitted the RWLS book review, performed at least one interview with him, drove people to their site to win free RWLS books. Now, how many other Linux experts have they interviewed and plugged? Can you find any references to Building Secure Servers vith Linux (Bauer, a damned fine book) or Hacking Linux Exposed (Hatch, also excellent)? Or even a note about inferior books, such as the Red Hat security/optimizing one, or Maximum Linux Security? How about an interview with Ziegler of "Linux Firewalls" fame?

Nope, seems to me Toxen's pseudonym is "Zorz".

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:Damn

[Error27]

>they caught the guy too

You just summed up the difference between using a credit card at a restaurant and using one online.

I do not think he is paranoid. Three months after CodeRed first appeared, one out of ten "secure" or "comercial" IIS websites were still infected. (Note the word "secure" as in encryption and the word "infected" as opposed to merely "vulnerable".)