Security Basics mailing list archives
Back to the original question - what is a Sys Admin?
From: "Craig Wright" <cwright () bdosyd com au>
Date: Mon, 3 Apr 2006 15:17:37 +1000
Hello Mattias, If you want to become a (Unix/Linux) Systems Administrator, you should understand what the role really is. The basic responsibilities of a system administrator are: staff training and support software installation, maintenance, and upgrading hardware installation, maintenance, and upgrading research and troubleshooting routine network administration and maintenance network documentation database supervision Daily tasks may consist of: performing backups of the server, adding and deleting new network users making sure that malware protection software is up-to-date, and cleaning any viruses that infect computers training and assisting staff in using hardware and software efficiently troubleshooting any routine problems that staff cannot fix on their own, Some good reading on the topic. ``Essential System Administration'', 3rd Edition, by Æleen Frisch ISBN: 0-596-00343-9, Publisher: O'Reilly & Associates (There is an Online Version) ``Unix System Administration Handbook'', 3rd Edition, by Evi Nemeth, Garth Snyder, Scott Seebass, Trent R. Hein. ISBN: 0-13-020601-6, Publisher: Prentice Hall Security comes into the role from the aspect of being able to lock a system down and to engineer the thing in the first place. Forget port scanning. Even if it was legal, doing a port scan does not demonstrate initiative, it demonstrates that you do not understand the role. Learning to port scan a system does nothing to help you compile a secure kernel. It does nothing to load patches and check that they have valid signatures. It does not help in reviewing logs for either performance or to see if there has been yet another attempt to crack the system. Port scanning will not tell you if the users have changed their passwords and if they have a process to change them. It is far easier to check and than lock down services Port scanning will not tell you if you have a cgi-script vulnerability on the secure web server open to students and staff only. For all that is posted about this on the list, learn to engineer a system well and you will go much further in the long term. Regards, Craig Dr Craig S Wright DTh MNSA MMIT CISA CISM CISSP ISSMP ISSAP G7799 GCFA AFAIM Manager - Computer Assurance Services BDO Chartered Accountants & Advisers Level 19, 2 Market Street, Sydney, NSW 2001 Telephone: +61 2 9286 5555 Fax: +61 2 9993 9705 Direct: +61 2 9286 5497 <Mailto:CWright () bdosyd com au> "The scientist is free, and must be free to ask any question, to doubt any assertion, to seek any evidence, to correct any errors." Oppenheimer, J. Robert Liability limited by a scheme approved under Professional Standards Legislation in respect of matters arising within those States and Territories of Australia where such legislation exists. DISCLAIMER The information contained in this email and any attachments is confidential. If you are not the intended recipient, you must not use or disclose the information. If you have received this email in error, please inform us promptly by reply email or by telephoning +61 2 9286 5555. Please delete the email and destroy any printed copy. Any views expressed in this message are those of the individual sender. You may not rely on this message as advice unless it has been electronically signed by a Partner of BDO or it is subsequently confirmed by letter or fax signed by a Partner of BDO. BDO accepts no liability for any damage caused by this email or its attachments due to viruses, interference, interception, corruption or unauthorised access. --------------------------------------------------------------------------- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- Back to the original question - what is a Sys Admin? Craig Wright (Apr 03)
- Re: Back to the original question - what is a Sys Admin? Kurt Buff (Apr 03)