BSD certification.

Brad Knowles brad.knowles at skynet.be
Fri Jul 25 15:03:28 PDT 2003 

At 1:08 PM -0700 2003/07/25, Mooneer Salem wrote:

>           Preferably the problem would normally take about an hour to two
>  hours to solve. Each test taker would have access to a FreeBSD CD and
>  the Internet (for Google). Network and routing information would be
>  provided on a whiteboard in the front of the room in case the computers
>  are not set up properly for networking.

	Doesn't work.  If they've got access to the Internet, they could 
contact someone who has already taken the test, get a quick overview 
of instructions to fix the system (maybe even a script), and be done 
in just a few minutes.  They might even be given enough information 
to allow them to completely re-install the machine from scratch, 
avoiding any possible hidden problems that might have been more 
recently introduced.

	IMO, better would be to run FreeBSD in a jail (or perhaps under 
VMWare), on a shared central server, with various artificial problems 
created.  They could access this "system" remotely via an X terminal 
or from a PC with ssh, and then you monitor all their activities (and 
every single keystroke) just like you would with a real honeypot.


	Even that would only be able to go so far.  I've been doing Unix 
system admin since 1989 (and consider myself to be a SAGE Level IV), 
but there's various areas that I am not very strong in, including 
backups, user admin (especially network user admin with tools like 
NIS, NIS+, NetInfo, etc...), printer admin, etc....

	Most of the systems I've administered have either been very 
limited in scope, or have been dedicated to certain roles, and 
therefore have had little or no "user" accounts on them (the only 
users have been other members of the system admin team), and no real 
need for complex printer or backup configurations.


	Check out the SAGE certification process at 
<http://www.sagecert.org/html/use.php?view=home>.  Let us know how 
you think this process could be further improved.

-- 
Brad Knowles, <brad.knowles at skynet.be>

"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
     -Benjamin Franklin, Historical Review of Pennsylvania.

GCS/IT d+(-) s:+(++)>: a C++(+++)$ UMBSHI++++$ P+>++ L+ !E-(---) W+++(--) N+
!w--- O- M++ V PS++(+++) PE- Y+(++) PGP>+++ t+(+++) 5++(+++) X++(+++) R+(+++)
tv+(+++) b+(++++) DI+(++++) D+(++) G+(++++) e++>++++ h--- r---(+++)* z(+++)

More information about the freebsd-chat mailing list