From: Martijn Lievaart on 8 Mar 2010 01:56 On Sun, 07 Mar 2010 12:24:31 +0100, Mart van de Wege wrote: > You know, sometimes security is best served by giving an admin the tools > to reduce their response time to an incident. That gives them the time > to ascertain whether the incident is merely an innocent crash or an > actual exploit attempt. Don't get me started, I work as a security officer too. Most notable tool of software not installed for security reasons is 'lsof'. Which means I cannot investigate certain kinds of incidents in a competent manner. That and a monitoring team that create tickets because I executed 'man' as root (yes installed on that machine). That email has decorated the wall for quite some time. M4
First
|
Prev
|
Pages: 1 2 3 4 5 6 Prev: perl -014pe Next: How can I write "print $F[4] if exists $F[4]" even simpler? |