OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: BitchX /ignore bug
From: Juan M. Courcoul (courcoulCAMPUS.QRO.ITESM.MX)
Date: Fri Jul 07 2000 - 17:08:03 CDT

On Fri, 7 Jul 2000, Bluefish wrote:

> > Is it the teachers' fault, can anyone be blamed? More
> > importantly, is there anything (short of Java, or any change in language)
> > that can be done about it?
>
> My experience from 2 years of undergraduate master of science eductation,
> is that there's never any mentioning of "insecure" programming. In the
> computer security course I took there was some mentioning of buffert
> overflows and similar threats, but isn't enough to ensure that code is
> written moderately well. And the security course is entirely optional.
>
> Actually, I fear it's the same at most universities. The avarage computer
> science students leaves his/her education with hardly any knowledge of
> security, and if (s)he has been taught any of it, it has been too
> theoretical.

Ok, I'll bite. I'm going to be teaching a one-semester course for Computer
Science undergrads this fall. It's called Operating Systems II and it's
supposed to cover Windoze (all flavors), MacOS and Unix, but since I don't
care much for Bill Gates' creations and we don't have very many Macs to
play with, I'll be making it "Unix SysAdmin 101" for all practical
purposes.

What would you recommend be covered, security-wise, in such a course ?
Bibliography would be helpful.

J. Courcoul courcoulcampus.qro.itesm.mx
Servicios Computacionales Directo (4) 238-3181
ITESM Campus Queretaro Secretaria (4) 238-3175
Queretaro, Qro. Mexico Sky (800) 723-4500 PIN 5597110