Wednesday, February 08, 2006

A list of "four most common Unix security mistakes"

I love those "security mistakes" papers (I've written a few myself) and here is a fun one specifically on Unix. "The four most common Unix security mistakes" by Paul Murphy covers "four worst security strategies affecting Unix deployment in business and government."

Here they are:

#1: Using Windows to administer Unix
#2: Abandoning minimalism for convenience
#3: Failing to practice preventative management
#4: Focusing where the risk isn't

In the discussion following the article some folks criticize the #1 for being "platform zealotry" and I tend to think that even though Windows workstations and laptops used for Windows can be secured, they rarely are and it makes the mistake valid in the real world.

Dr Anton Chuvakin