How did you gain interest in computer security?
In 1996 I started working for Digex, Inc., which at that time was a tier-1 ISP in Beltsville, MD. My initial role as a support technician had little to do with computer security, but less than a year later I moved into a group that was tasked with maintaining a set of nearly 100 Check Point firewalls and a few Cisco NetRanger systems for network IDS. This exposure to both the policy enforcement and network intrusion detection sides of computer security sparked a keen interest in the field, and because we were responsible for a large set of systems I also developed an interest in automation. At the time, I had decided to round out my academic pursuits as well and had entered graduate school in the Mathematics Department at the University of Maryland initially to pursue a Ph.D. in pure mathematics. However, my interest in computer security became strong enough (mostly because of the exposure to the field of intrusion detection) to compel me to change my degree path to applied mathematics with a concentration in computer security. I finished in 2000 with a Master's degree. There was nothing more intellectually humbling than attempting to do graduate level work in pure mathematics, and I'm grateful for having had the chance to try, but my heart is in applied aspects of computer security.
Which is your favorite Linux distribution? Which one do you consider to be the most secure?
These days I've become a fan of Ubuntu, and run it on my laptop and also my desktop at work. With the completeness of the Debian repository tree, I find that Ubuntu meets my software and hardware support requirements. Also, Ubuntu is not "service happy", and does not start a huge number of services by default that you might not need (or want) to run. At home, I have a Gentoo system, and a Fedora system as well.
When it comes to security, I view major Linux distributions as relatively similar; that is, they all provide security updates to interested users, many have installers that can deploy a firewall, and some take the next step and provide the ability to deploy kernel-level security mechanisms (such as the Mandatory Access Control layer provided by SELinux). Even with all of these protections, it is best to think of security as a process (particularly as something that requires monitoring), and as such it always needs to be applied regardless of the Linux distribution.