Full Disclosure mailing list archives

Where to start

From: "Andrew Aris" <andrew () dev bigfishinternet co uk>
Date: Tue, 9 Mar 2004 14:40:33 -0000

Well I can speak up for one as someone who doens't have a huge knowledge
base. So I would also be most interested in any sort of pointers on starting
out as a security admin. I'm not completely ignorant but it is only recently
that I have become responsible for security of more than a small home
network. (In this case a W2K3 web server and also the office network). Much
of background in security is theoretical learnt during my postgrad year so
real world info is what I'm after.

Apologies if the list wasnt the correct place for this post.

Regards,

Andrew

-----Original Message-----
From: full-disclosure-admin () lists netsys com
[mailto:full-disclosure-admin () lists netsys com] On Behalf Of Aschwin 
Wesselius
Sent: 09 March 2004 11:23
To: full-disclosure () lists netsys com
Subject: [Full-disclosure] Where to start

Hello,

First appologies for having trouble doing something simple as sending 
e-mail. Evolution is new for me.......

Now I'm on this list, I think I could ask you people a question (or 
two)....

Does a good security-officer have to know everything about every hole? 
I myself don't think so, but where do people start?

If I see lists and forums about network-security it seems that 
everybody knows a lot and has a huge reference base. Is this true?

I want to learn more about security stuff, but I can't find the real 
basics to build upon anywhere. When there are posts on lists they 
presume that everybody has a certain knowledge level and are aware of 
best practices. But is this true?

Just because there are discussions, it seems that there is not one 
overall and central way of keeping track of evolving issues. How do 
people keep track easily with up to date best practices and not get 
distracted by "old" advisory?

Any comments are welcome.

Aschwin Wesselius

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html




_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Where to start Aschwin Wesselius (Mar 09)
- RE: Where to start Curt Purdy (Mar 09)
- Re: Where to start Andrew J Caines (Mar 09)
- RE: Where to start Aditya, ALD [Aditya Lalit Deshmukh] (Mar 10)
  - Re: [11:29:07 security.rc] RE: Where to start Aschwin Wesselius (Mar 10)
- <Possible follow-ups>
- Where to start Andrew Aris (Mar 09)
  - Re: Where to start petard (Mar 09)
  - RE: Where to start Andrew Aris (Mar 10)
    - Looking for MSN Exploit Na7aS (Mar 11)
    - Re: Looking for MSN Exploit Richard Maudsley (Mar 11)
    - Re: Looking for MSN Exploit Byron Copeland (Mar 11)
    - RE: Looking for MSN Exploit Replugge[ROD] (Mar 11)