Complete noob...

[George Goodman]

Nick and Dave,

Thanks again...

> > If he *is* coming from Windows (or even Linux) then you can't really
> > blame him for being antsy about upgrading...

Ok, pavlov's dog ain't gont nothin on me, I NEED that patch 'cause
it's there - woof ;)

> Most security problems are configuration, not code, problems in
> OpenBSD.

Cool... errr... sh%$, no more excuses huh !

> I see some nice lady approriately named Rutkowska at Defcon rooted
> a Vista box.

Heh, viva vista... the vista fiasco is one of the reasons why I am
"allowed" to go to open source... don't knock it.

> I recommend printed matter.  The O'Reilly "nutshell" series is pretty
> decent.  GG's boss will be a good boss and cut him about $200 to go
> book-shopping.

The order is already in the mail (cool boss):

"Secure Architectures with OpenBSD" Brandon Palmer;
"Mastering FreeBSD and OpenBSD Security" Yanek Korff;
"Absolute OpenBSD: UNIX for the Practical Paranoid" Michael W. Lucas;
"Building Firewalls with OpenBSD and PF, 2nd Edition" Jacek Artymiak;

Should help me get my feet wet...

> It is vicious to start up X at boot time for the new user.

I already decided "no X" on the servers, unless someone can give me a
complelling reason to do it. Desktops are likely to be hardened Ubuntu
at this stage... still researching.

> Another pointer is the -a switch to man, which will cycle through
> all man pages for a given subject.

Thanks, it's in the notebook.

> The Korn shell (ksh(1)) is a somewhat expanded Bourne shell
> (sh(1)).

Guess I'll stick with that, since it's the default and the core dev's
no doubt have a good reason for that.

> Our original newbie is NOT going to be aware of a lot of subtleties
> of the sh(1) command line until they have bitten him, even the meaning
> of wildcards (such as that they are called "regular expressions" or
> "filename globbing" in unix, man regex, man glob) and the clever ways
> in which they can be abused.

I have a handle on some of this (regex) from programming perl etc.

> The naive will attempt to delete it with "rm -r" or by quoting it
> or otherwise goofing around.  man rm for the right way.

Another one in the notebook, thanks.

> No vi?  No unix.

I'm on to it, geez, this is not a minor undertaking :)

> There's a reason for that.  And now an old grey applications programmer
> tells you: learn vi.

Hope it doesn't take till I'm old and grey to learn, gotta earn my
keep and don't think the boss will wait that long (he's a bit that way
already).

> > > Do you have X working yet?  Do you have it working for *non-root*
> > > logins?

Why do I need it on a server... seems like it will just complicate things?

> BTW -- for GG -- one of the really nice things that OpenBSD has now
> is a man page for just about every configuration file found in /etc.
> man <name of file> usually is very interesting.  This was a great idea.

Another one for the notebook, thanks!

GG.