[ALUG] FREE IT WORKSHOPS AT JR INSTITUTE.

Hamisi Jabe administrator at banana.co.tz
Mon Oct 3 15:17:00 EAT 2016 

Dear Andreas,

Too much have already covered from your point outs 

What is the big effect on this 
	Why is it a really stupid idea to use pirate copies?
As 99% of users use pirate copies of windows and office
	Why should I pay extra attention to networked printes etc.?

Just to brainstorm as we are waiting for the training


Thanks



-----Original Message-----
From: Linux [mailto:linux-bounces at lists.habari.co.tz] On Behalf Of Andreas
Tauscher via Linux
Sent: Monday, October 3, 2016 3:09 PM
To: Lomayani S. Laizer <lomlaizer at gmail.com>; Linux Users in Arusha
<linux at lists.habari.co.tz>
Subject: Re: [ALUG] FREE IT WORKSHOPS AT JR INSTITUTE.

On 03.10.2016 10:08, Lomayani S. Laizer via Linux wrote:
> One thing interesting to mention here. I know most people will be 
> interested in security but this is most trick topic. Need high skills 
> more than any topic
> 
> Imagine teaching how to secure web servers or email server while most 
> people dont know how to configure web services and email services 
> Teaching securing a network someone dont know even how to configure a
vlan.

Uh yeah.

> If someone go for security he  have to have knowledge of most of basic 
> stuff

Leave the advanced security things.
Often are already the very basics missing.

Starting with things like:

Why are updates are important?
Why do I have to know what in my network is going on?
Why should I split my network in subnets?
Why must no user have administrative rights?
Why does encryption in the LAN matter?
Why should I read the logfiles?
Why is it a really stupid idea to use pirate copies?
Why should I use switches with management capabilites?
Why should I pay extra attention to networked printes etc.?
Why should I have a separated network for all the gadgets people brining in?
Why is a shared WiFi password a bad idea?
...

And then piece by piece the needed tools are coming like VLANS.
How do I read logfiles? If I install software like snort or software like
integrity why I'm doing it and for what specific I'm looking for?
Why is all this useless nonsense if nobody reading the reports because they
are unreadable because of 1000000 false alarms per hour?

And cleaning up with the wide spread opinion: I have installed a firewall,
an IDS and was running a fancy colourful penetration test I found somewhere
and now I am safe.

Security is causing permanent and daily work and learning.
Already this understanding is often missing.

Starting with such very basics like: Why do I have already a serious problem
if my users have to know what an IP address is?

Andreas

More information about the Linux mailing list