Firstly, dont take any of my comments on this forum offensively, none of my comments are intented to be offensive towards you or anyone else
netswitch said:
Well if I was a full security and programming guru, I don't think I would (need to) use DA.
Programming has little to do with systems administration in any way, DA is scripted in C, you dont need any knowledge of C to secure a system as an example. Security also has little to do with DA, DA is *not* a security system for your server... its there to automate the setting up of websites and allow easy control for users.
netswitch said:
I don't really understand your 2 first sentences as you are writing howtos on how to set up mrtg..
why don't you just said in your how to "go and hire an admin"
I write how-to guides to help people along as much as possible in many aspects, getting the most out of your system and security would just be 2 areas. The problem is not I dont write enough how-to guides and applications, its rather, that beyond a certain point how-to guides cause more trouble than they are worth, spamassassin with mailscanner is an example or a slightly more complicated guide, if you have followed it you will probably understand what I mean.... if you havn't seen it you may want to take a read through to understand what I am saying here.
The point I made, "If you don't know what security is all about, go learn, while you learn hire an administartor... there are plenty about."
You said that suprised you, as I said above, dont think it was offensive in any way, or somehow "bashing" you, i'll go over what I said to hopefully clear that up for you..
Whether you want to have a systems admin or not.. you always have 3 options if you dont know much about administration in general yourself... the 3 options are
1) Learn To adminster systems yourself (doesn't happen overnight..)
2) Hire a systems administrator
3) Ignore the security and other forms of administartion, and remain vulnerable
At the moment it appears you are (3) but trying to (1) by using bits of advice from (2)
The problem being you *cannot* mix options 1 and 3... they do not work with each other, you need to make the decision of:
*1 - (1) (and stay vulnerable until you learn and have secured your system well)
*2 - (1) and temporarily get (2) while you are learning.
*3 - Change your mind and just go for (2)
*4 - Take the easy and cheap option, (3)
*2 is the best option in the long run, providing you want that extra knowledge and the lower cost yourself (since you dont hire anyone, the only costs are the learning)
Option *1 is similar to *2, the difference being until you have learnt what you need the system remains vulnerable... I made the point clearly above - learning how to administer and secure a system does not happen overnight.
If you dont want the knowledge yourself, or dont have the time etc... option *3 generally works..... pay for a professional to keep your system updated and secure over the month.
My comment for option *4 would invalidate what I stated in the first line of this message
Hope this helps you and your client, and puts you in the right direction for your systems after this time