From owner-freebsd-chat@FreeBSD.ORG Fri Jul 25 15:03:28 2003 Return-Path: Delivered-To: freebsd-chat@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 07B2137B401 for ; Fri, 25 Jul 2003 15:03:28 -0700 (PDT) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0A9EB43F3F for ; Fri, 25 Jul 2003 15:03:27 -0700 (PDT) (envelope-from brad.knowles@skynet.be) Received: from [10.0.1.2] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.12.6p2/8.12.3) with ESMTP id h6PM30tW082517; Fri, 25 Jul 2003 18:03:15 -0400 (EDT) (envelope-from brad.knowles@skynet.be) Mime-Version: 1.0 X-Sender: bs663385@pop.skynet.be Message-Id: In-Reply-To: <000a01c352e8$8d152790$1300a8c0@D6T8V231> References: <000a01c352e8$8d152790$1300a8c0@D6T8V231> Date: Fri, 25 Jul 2003 23:53:22 +0200 To: "Mooneer Salem" From: Brad Knowles Content-Type: text/plain; charset="us-ascii" ; format="flowed" cc: freebsd-chat@freebsd.org Subject: RE: BSD certification. X-BeenThere: freebsd-chat@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Non technical items related to the community List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 Jul 2003 22:03:28 -0000 At 1:08 PM -0700 2003/07/25, Mooneer Salem wrote: > Preferably the problem would normally take about an hour to two > hours to solve. Each test taker would have access to a FreeBSD CD and > the Internet (for Google). Network and routing information would be > provided on a whiteboard in the front of the room in case the computers > are not set up properly for networking. Doesn't work. If they've got access to the Internet, they could contact someone who has already taken the test, get a quick overview of instructions to fix the system (maybe even a script), and be done in just a few minutes. They might even be given enough information to allow them to completely re-install the machine from scratch, avoiding any possible hidden problems that might have been more recently introduced. IMO, better would be to run FreeBSD in a jail (or perhaps under VMWare), on a shared central server, with various artificial problems created. They could access this "system" remotely via an X terminal or from a PC with ssh, and then you monitor all their activities (and every single keystroke) just like you would with a real honeypot. Even that would only be able to go so far. I've been doing Unix system admin since 1989 (and consider myself to be a SAGE Level IV), but there's various areas that I am not very strong in, including backups, user admin (especially network user admin with tools like NIS, NIS+, NetInfo, etc...), printer admin, etc.... Most of the systems I've administered have either been very limited in scope, or have been dedicated to certain roles, and therefore have had little or no "user" accounts on them (the only users have been other members of the system admin team), and no real need for complex printer or backup configurations. Check out the SAGE certification process at . Let us know how you think this process could be further improved. -- Brad Knowles, "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -Benjamin Franklin, Historical Review of Pennsylvania. GCS/IT d+(-) s:+(++)>: a C++(+++)$ UMBSHI++++$ P+>++ L+ !E-(---) W+++(--) N+ !w--- O- M++ V PS++(+++) PE- Y+(++) PGP>+++ t+(+++) 5++(+++) X++(+++) R+(+++) tv+(+++) b+(++++) DI+(++++) D+(++) G+(++++) e++>++++ h--- r---(+++)* z(+++)