Aw relax, a fellow LQ member already offered his services way back wrt to doing SGML magic. I don't expect members to write XML or SGML. ASCII should do. I can see where a Wiki could come in handy, but the tutorial will be initially posted and edited on the mailinglist, posted at LQ and distributed (if suitable) from here.

XML isnt that hard though as long as a DTD or schema is pre-defined you could just write it based on that. Very simple just like HTML.

Like I said.
It's all been taken care off.
Plain simple ASCII will do.
No need to talk about any ML's in this thread anymore.

Well, the idea behind SGML is that a lot of the earlier languages like HTML and XML adn the earlier word processors for Linux can use it to import things in if you define the format structures and if it is pure SGML things like Lyx can use docs with minimal change. It is a way to make a document more portable and unlike say .pdf format, LOTS of things can use it and edit including the more traditional Lyx. Klyx (not Kilyx (Kylix??)-- I mean the Borland tech based dev product with this name after 'not') is a KDE compatible front end for Lyx. I do not like it because I was never good with the old WordStar in DOS whihc shares a lot of the functionality and many of the keystroke combos with Lyx and Lyx itself is public domain mostly these days. So a lot of long time Linux users like Lyx and SGML documentation apporaches while more modern folks know you can work in OOo, un-gzip the file, take and rename the content part of the file and have most of your base doc in plain text and this is faster in modern boxes than building SGML rules and trying to apply the CSS which is the other part of the file. OOo CAN also run out .pdf files these days also. Thus a Windows user thinking of migrating can read docs about Linux at the newbie level and if those are GPL'd can print and use and share with friends who are also interested, adn that kind of thing snowballs the Linux growth in the long run faster than trying to teach SGML to folks.

A lot of these prefs are things that depend on where you are at and where you want to go, and making things more easily accessible for newbies coming from the Winodws world and explaining how Linux is different and better in basic terms will snowball growth given current events. BTW, we now have a 2 year period to be showing what Linux devs can do, and a small breathing space. Microsoft has put off Longhorn until 2006 as far as official release of the next full Windows version. Oh, Microsoft now protects its HQ computers and servers with border boxes using Akimai.net Linux based technology boxes, and given their development of the Windows web servers for Unix they might be runing a variant of that now or soon on things like http://windowsupdate.microsoft.com (yes, they put the URL\URI back to the OLD place to make Blaster unable to attack http://www.windowsupdate.com/ ). I would say we need docs in a form that users of both worlds can read easily and quickly and that that would snowball things faster than anything else of itself. That will bring, in and of itself, more users to sites like LQ than any other one factor, and if we stick to clearly expressed facts that are provable by end users (thus self-proving) we will be in fact doing the Linux world a BIG favor while the site grows more as younger folks get tired of the same old thing and want Linux flexibilty instead.

jdii1215, with all due respect, but this is NOT your average LQ thread: this thread is dedicated to one purpose and one purpose only and that is all things related to the LQ newbie security tutorial.
So please refrain from elaborating on stuff or voicing opinions that do not closely relate to the given description of this thread.
And like I wrote above, all ML stuff is taken off.
So no more about that.

Well fine. By the way, Jeremy sent out an email to all of us saying that there is now a Mandrake area and that Mr. Duval is participating in that area.

The discussion evolved into how to produce content with the offer of the user whose post I read and I had not gotten subscription notifies of the thread showing your "Aw Relax" post when I posted this and had not seen it.

Sorry for intruding ideas I thought helpful, I am a busy system builder and integrator with mostly Windows clients I would like to migrate to Linux adn which need info they can relate to. Please refer to Jeremy before preempting what I think of as fruitful relevant discussion and have Jeremy email me about this issue. Otherwise you folks may pull my ID, for I will not be back often under these circumstances. If you have material and people to gen why was this thread started, anyways instead of the tutorial being offered as produced???? I could have and would have offered help and could have talked to Vincent myself and gotten permission for his knowledge to be used as his Twiki is GPL'd in entirety and is not even 10% Mandrake only. FYI I host one Twiki with him and that was not relevant so not mentioned here before.

We also have a generation gap going, I am 49+ years old and have been dealing with various forms of computer security for a VERY long time and inherent security is WHY I surf here in Linux and 90% of my total surfing uses Linux. I am a grass roots type so I like this atmosphere except when someone stomps on input and discussion of howto which would apply to any site content, and when the knowing of howto easily would get more content. I was therefore interested in how other folk's distros work as far as security goes but can in fact get that info more concisely elsewhere than on a non-substantive tutorial that is not even released for viewing.

Well fine.
//moderator.note: Well fine indeed, and this leaves for me the ungrateful task as LQ moderator to ask you to to stop posting to this specific thread, because you seem to insist on continuing what I explicitly asked you not to do: elaborating on stuff or voicing opinions that do not closely relate to the given description of this thread.
I will email you to keep the remainder of your discussion out this thread and see if we can end it in a respectful and mature fashion.

*A note to everyone else: please do NOT use this thread to voice your opinion on the conversation between Jdii1215 and me or any other matter that is outside the scope of the thread.

unSpawn,

btw, what's the status of the tutorial? it appears my subscription to your mailing list concerning the newbie tutorial is either broken, or there hasn't been any information sent in a number of weeks

No Chinaman, you're right. There hasn't been any comms the past two (three?) weeks and I've been offline for a while as well.

There is someone who has been helping me configure my Debian system, and it is looking really good! I am anxious to proof-read and test the tutorial's steps once it comes to fruition.

Keep up the good work! I know you are very busy, and if there is one thing I've learned whilst migrating from Windoze to Linux, it's...

patience, patience, and more patience

I am finished with this thread, except to say that the core of Linux security is long established designed-into-linux things to limit breakins, hacks, DDOS attcks through co-opted boxes and that for non-server boxes typically the mid level of what your distro offers in canned security firewall settings is enough for an end user on the Internet 24\7.

My security at default is enough that I have been running Linux 2+ years at default medium in two distros and part time in BSD and have never been hacked and have told ComCast enough that they rule blocked SoBig.f in my area 3 days after launch. Machine folds in Linux 90% of the time and zero interruptions have occured where the Folding@Home end did nto have a server offline for maintainance. To understand Linux security, well know for starters that it was designed ground up for servers over its history and servers need better security than end user boxes. Most eventual Linux admins start as end users.

Unspawn wants to impose his own rules in this thread, I am out of it because part of my participation in any tutorial would be to define scope at newbie level and that includes basic education for a newbie so he or she does not by his own actions open his\her box to attack by being root all the ime or something else ludicrous like that (root versus user security is Linux's front end core security against being hacked by someone not local to machine for an end user machine on the web but not serving). This appears to not be what unspawn wants or he would not cut me off like this and would instead consider scope more carefully from a newbie perspective.

For an advanced guide, well the devs of iptables and users of it as Enterprise admins said it best themselves already and the one single best book is by a person who makes a living using iptables to secure enterprise nets on Linux and BSD and that book is 562 pages and is titled Linux Firewalls. I have the second edition and 90% of that book is still usable after the second edition came to New Riders and was finalized in November of 2001.

The main author is Robert L. Zeigler, adn he was at University of Wisconsin-Madison teaching security in Unix and Linux and BSD at that time, adn the following worked with him:

Carl B. Constantine, the contributing Author, is a person who admins the Unix net at University of Victoria, in British Columbia, Canada. He is also a programmer analyst there and has contributed to iptables.

Anyone worth his salt in the IT industry has heard of John C. MacMillan who at the time he did tech review on the book and was when he did his tech review of this book the Chairman of the SANS Unix Security Certification Board. He is also related to the owners of MacMillan Publishing. This book was published by New Rider's Press.

The other tech reviewer happens to be the first RedHat cert class instructor, Joshua Jensen. He wrote large parts of the Networking, Security, and related parts of the cert courses and maintains them. I have no idea who a person who uses an Unreal Tournery chjaracter type name as his handle, but gaming and security are two different things.

At this time I formally REQUEST that my ID be pulled. i will not be further associated with this site due to a mod who comes on too heavy and lacks the perspective to discuss security well from what I have seen and does not know or care that Linux was designed core out for security and thus everything is relevant with this operating system as far as security because all the distro folks participate with admins and users cooperatively to fill security holes as fast as they can after they are found.

The distro I use happens to also cater to new users very well, but I will not name it as this devil's spawn (unspawn means undead spawn or undead in part generated or created child) of a moderator has told me such mentions will be pulled. This despite the fact that three major brokerages on Wall Street have converted to it for their financial net servers because it was proven to them in real online trials that it was best for them.

90% of security is understanding how it works for you as built and canned unless you are targetted and even then you will know it if you pay attention to what your Linux logs and what your intrusion detection software tells you is happening or has happened.

John C. Danielson, II -- Career information systems integrator, Punta Gorda, FL. I could write this tute in about three hours in full. Nolonger interested in doing so.

//moderator.note: Thank you jdii1215, for your contributions to this thread. As moderator for LQ it would be inappropriate for me to comment on and react to the misinterpretations made in your monologue. I'll just say:

"When a man
points at the moon, the fool
looks at his fingers."

For everyone else this unfortunately means I will have to temporarily close this thread to keep jdii1215 from posting even more monologues. TIA for understanding.

jdii1215,

I was going to stay out of this but I feel the need to point one thing out (that seems to have gotten lost here). UnSpawn's problem is not at all with what you are discussing or your approach - it's with that fact that you are doing so in *this* thread, which unlike most threads has a very specific purpose as you can see by looking at it from the forum view (ie. it's clearly marked differently from the others).

--jeremy

I am a real newbie when it comes to linux. I managed to get Mandrake 9.1 up and running on a second drive in my computer, dual booting with WinXP.

I'd consider myself an average computer user, and have been reading a little more in security lately. I just purchased a wireless router and have been setting up a small home network. I would love to be a part of getting a good security tutorial written for Linux.

I work from home now and then, and sometimes find myself with a lot of time on my hands. I'm not sure how far you guys have gotten, but I would like to offer anything I can. Editing, testing, maybe even a newbie point of view.

Please feel free to contact me - Jeff @ OpenSouls.com

Thanks,

Jeff

So, I suppose it's time I pulled finger and posted the drafts of the Networking Security part...

Thanks all for the continued interest and apologies for the continued wait!

Be back soon!