New Messages
From: Nikolai Bezroukov (postmaster@softpanorama.org) I am disappointed with the quality of Elizabeth Zinkann’s reviews. They are both superficial and unfair. For example in her recent review she wrote the following about the extremely weak book Solaris Security by Peter H. Gregory: Solaris Security by Peter H. Gregory is an outstanding addition to any administrator’s security library. The author demonstrates how to make your system more secure and the best ways to protect it. The information provided applies to most UNIX systems with the examples implemented on a Solaris system. Gregory presents detailed information, well-documented disadvantages (e.g., TCP/IP problems), and numerous references for further information. (The information in the Appendices alone is worth the price of the book.) This is a superb book on system security and how to achieve it, written in an excellent and detailed style. As a subscriber of the journal I think that this is a direct assault on reader intelligence and the magazine probably will benefit from more realistic reviews. Just compare this review with reviews for this book at Amazon.com. IMHO Sys Admin readers do deserve a better reviewer.
Nikolai, You objected to the author’s coverage of current tools. Utilities can develop or become popular overnight; books take longer to print. No printed publication is done in Internet time. Gregory goes through all of the steps and procedures connected with each topic. Most administrators don’t need all of the steps, but there are administrators who prefer that type of description. When a problem arises, it is often necessary to start at square one. It is also very easy to miss a step, which is both frustrating and time-consuming. Not every administrator is solely responsible for every facet of the system. Even when they are, it’s not difficult to find a segment of the system that they didn’t set up or that was set up when they had less expertise. Security, backup, and recovery issues are typically the most neglected areas. Additionally, there are a lot of administrators who haven’t been administrators until their last promotion or job change. This type of detail and explanation is needed and preferred by many readers who are administrators. Thank you for your interest in Sys Admin.
Elizabeth Zinkann
Here’s a response to my remarks about the “ILOVEYOU” virus (in July syslog). —AA
From: Joel Munt (joelm@turtletech.com) Though UNIX is a very powerful system it IS very often hacked and has often been brought down by viruses and worms. Its best defense (as is Windows) is a decent security policy and education of the users (no one with any computer sense should have assumed that a VBS file was a letter anymore than they should have to an EXE file). As Linux grows in popularity, viruses on it will grow as well (and likely be more devastating because most Linux systems do not have as knowledgeable administrators as on a traditional big UNIX system)! All OSes are open to attack and those who think differently are only fooling themselves about how secure their system is.
And, in response to the question of “is the Sys Admin newsletter spam”, I received some excellent replies. Here’s an example:
From: Tim Boyer (tim@denmantire.com)
Amber: That said — yes, it’s spam. I didn’t complain because I would have opted in, given a choice. Here’s why. The fact that we have a business relationship does not mean that I want to receive email from you. Otherwise, any relationship — no matter how tenuous — could be used. “You visited our Web page, therefore, we’re sending...” “You once bought something from us, therefore, we’re sending..” “You posted something on usenet, therefore, we’re sending...”. Intent does not really matter. I’m sure that you’re sending out your mailing list with the best of intents. Consent is the issue. This can be done in a number of ways: a separate mailing to subscribers; a blow-in card in the magazine; a check-off box on the Web site. But it must be closed-loop opt-in — see http://mail-abuse.org/rbl/manage.html.
Tim Boyer
Your points are well taken. Thanks for writing! —AA |