Interview with Scott Mann, co-author of Linux System Security: The Administrator's Guide to Open Source Security Tools, 2/e
by Mirko Zorz - Wednesday, 26 March 2003.
Who is Scott Mann?

I am a computer jockey by profession. I've been working with UNIX and TCP/IP for nearly 25 years. Windows for 8 years. I'm also a sometime auto mechanic. Basically, I just like getting things to work.

How long have you been working with Linux, and how did you get interested in it?

I started fooling with Linux in 1995. I was intrigued by an open source UNIX-like operating system - having source code made figuring things out so much easier! By 1996, I was using Linux for a variety of purposes; it is such an inexpensive way to get a UNIX-like box. Beginning in 1997, I was using it for firewalling, routing, education, and a variety of similar uses.

How did you gain interest in computer security?

In the mid-80's, I was a programmer who had an interest in how operating systems worked. At that time, the UNIX administrators I worked with also had the responsibility for either mainframes or VMS systems or both. Often, I needed to get things done and couldn't get the administrator to do what I needed (either because he didn't know how or didn't have time). So, I'd figure out ways to gain root access and do it myself. Of course, today, such behavior is unacceptable. But then, the admin didn't even know what I had done. In 1987, I officially became a UNIX administrator in a University environment. I became "interested" in security because I got tired of all the tricks students were playing on me! I had to figure things out and put things in place to stop their activities. At the time, I really didn't think of it as "security". By 1993, I was involved with all sorts of activities specific to limiting access, hardening systems, and monitoring networks.

How long did it take you to co-write "Linux System Security: The Administrator's Guide to Open Source Security Tools, 2/e" and what was it like?

It took about 6 months. I find writing about technology to be interesting, challenging, fun, and tedious. It is interesting because I always learn something new. It is challenging because I really want to write in a "how-to" style and it takes a lot of work to get it to a point where people can both use a "how-to" and learn from it. It is fun when people read it and figure things out from it. The tedium comes from the copyediting, the re-reading, the re-writing...

In your opinion, where does Linux need the most development at the moment?

I still think that there are two major areas. The first is application support. Application developers (everything from word processing to databases to games) have been slow to adopt Linux as a platform. A lot of this can be attributed to the economic climate over the last three years, but at least some of it is attributable to the second area of development need.

The second is ease-of-use/ease-of-administration. Although the desktop environment (either GNOME or CDE) has gotten much better, there are still major issues with configuration and administration. Simple things like configuring X-Windows still require considerable knowledge under certain circumstances. Adding devices and device drivers can still challenge the most adept administrators. Configuring a Linux firewall, for example, is quite a challenge.

Better documentation and better GUI interfaces will make a huge difference, but these things take a lot of time and effort. It is getting there; it just has a way to go.

What is, in your opinion, the biggest challenge in protecting sensitive information at the enterprise level?

Unquestionably, the biggest challenge is with the people within the enterprise. All the technology in the world won't prevent someone from giving out their password or doing damage to a compute environment.

What's your take on the adoption of Linux in the enterprise? Do you think it will give a boost to security?

