Security Policies Let us praise, slay, and bury security policies together. A security policy is perhaps the best way to deal with the security monster. It concerns itself with business and organizational issues, and is designed to assist the organization succeed in spite of human nature. I sometimes not-so-glibly say that a security policy is simply an expression of your desire. What do you want to see within your organization […]
I wrote this while I was at my company Elemental, and was meant for engineers to implement, so despite some of the very specific language for implementation purposes it was never meant to be dogmatic. I love the idea of calculating value based on… not much. I don’t know how accurate it is, but I can say that when run on systems (just before Elemental spontaneously combusted) it produced some really cool […]
Well, not really. Actually I.tar.gz. In the gzip’d tar there are 3 files; little IPMI/BMC configuration file sucker, a suggested set of security recommendations that could be checked, and an even smaller program to parse the first program’s output. Because… well, no good reason, actually, one is in python3 and the other in python2. I guess I’m testing your readiness. The programs are pretty heavily commented, especially ipmifreely.py, so […]