I find it to not be of concern. I would never have it happen, because it's a bizarre and problematic way to handle internal DNS. But anyone who can exploit private IP mapping can figure it out without DNS in the first place. So I see no reason to want to hide it.

@IRJ said in Doublecheck the Security of Your Linux:

Just a couple notes from the article:

You cannot set a bootloader password for AWS or other cloud services

Apt Armor is specific to Ubuntu / Debian. SELinux is used on RHEL / CentOS / Fedora

AppArmor is default on SUSE as well. And you can run SELinux on Debian / Ubuntu if you want.

BTW, AppArmor just replaced SELinux as default on Debian 10. So that was only a couple of months ago.

@scottalanmiller said in Cyber Security queries:

@pmoncho said in Cyber Security queries:

@IRJ said in Cyber Security queries:

@scottalanmiller said in Cyber Security queries:

@maximus said in Cyber Security queries:

Someone told me that his friend's kid got USD 130K job out of college as Cyber Security. Is that true?

Sure. $130K is good, but not crazy. And right now, a lot of security jobs are nonsensical. It's reasonable.

But someone dedicated might make even more, without going to school, sooner. So think of it in the broad scope.

Even in states like NY and CT I was seeing salaries around $150k for security engineer level positions. Down in FL, I was seeing mostly $110-130k, but again these are engineer level. I really only looked at the east coast during my search. Not sure about the rest of US.

What do the weekly hours look like for those kinds of salaries? I don't know anyone in that type of situation.

Normal. Standard professional days. Security positions are the same as engineering positions - just standard office hours.

Unless it's a SOC position then it becomes a 24x7 filled position. You may handle it in house or outsource for SOC.

Then there is GRC which is kind of mix between security and compliance. That is also standard working hours