Category Archives: Security

Textbook theft in Cameroon

Attackers are said to be targeting children leaving school to rob them of study material, as reported by allAfrica.com:

The school has put in place preventive measures to ensure that people who loiter around the school premises to seize textbooks from pupils returning from school are put to shame.

Apart from making sure that guards at the entrance to the school compound are on constant lookout for people loitering around the fence, school authorities have also put in place a system whereby stationery and textbooks of all pupils are kept in school.

I hate to ask this but is there any chance this is a conspiracy by the children to reduce their study time outside the school? It’s not the dog-ate-my-homework story but rather the thieves lurking outside have stolen everything, even the textbook, so I can’t even continue this class story. Perhaps there are textbook shortages and an underground market for used copies, but are students really going to resist having their homework stolen?

Finding the Security Spot for Virtualization

Can there be a single absolute answer to the question of where security should sit within an organization? Take the following as a perfect example of how opinions can sway.

First, you have the argument from an expert on security and networking that VMware is not in the security or networking business.

VMware is not a security or networking company and ignoring the fact that big companies with decades of security and networking products are not simply going to fade away is silly.

He seems to say that security is not just going to move away from where it has been established.

Second, you have an expert tweeting the “biggest change” is that security will move away from security organizations.

Want an example of the biggest change in security that is making the most impact? Moving security away from security orgs. See virt/cloud

This could be an interesting debate if only it were not the same person saying both things.

The answer to the question of where security fits for virtualization is really that it depends. I see security run from many different organizations and there has never been a single best-fit for everyone. Some companies I work with have never moved security to a security organization and probably never will.

Those who chose to create a dedicated security group cited things like the complexity of work as well as the need for operational and investigative independence. Complexity can be a lesser concern through the initial phases of emerging technology (fewer capabilities, fewer products for virtualization control) but conflict-of-interest and independence always remain a factor.

HowTo: vCenter alarm for root login

virtuallyGhetto has posted a detailed guide with scripts for monitoring superuser access to ESXi 5.0.

Now that we have identified the particular event we are interested in, we simply just create a new custom alarm that monitors for this event and ensure that “userName” property matches “root” as the user we are trying to alarm on. I wrote a vSphere SDK for Perl script called monitorUserLoginAlarm.pl that can be used to create an alarm on any particular user login.

The script requires only two parameters: alarmname (name of the vCenter alarm) and user (username to alarm on).

[…]

Note: The alarm action is currently to alert within vCenter, if you would like it to perform other operations such as sending an email or an SNMP trap, you can edit the alarm after it has been created by the script.
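An offline model of the matching rule the quoted guide describes (an event type plus a `userName` comparison), added here as an example; it is not the virtuallyGhetto script and makes no vSphere SDK calls. The event type name, the `build_alarm` and `triggered_ids` helpers, and the sample events are assumptions constructed for illustration.

```python
from dataclasses import dataclass

# Operator names follow the vSphere API's event-alarm comparison operators;
# this is an offline model and makes no vCenter calls.
OPERATORS = {
    "equals": lambda actual, wanted: actual == wanted,
    "notEqualTo": lambda actual, wanted: actual != wanted,
    "startsWith": lambda actual, wanted: actual.startswith(wanted),
    "endsWith": lambda actual, wanted: actual.endswith(wanted),
}

# Assumption: the page does not name the login event, so this type name is illustrative.
LOGIN_EVENT = "UserLoginSessionEvent"

@dataclass(frozen=True)
class EventAlarm:
    alarmname: str
    event_type: str
    comparisons: tuple  # (attribute, operator, value) triples; all must hold

    def matches(self, event):
        if event.get("type") != self.event_type:
            return False
        for attribute, operator, value in self.comparisons:
            actual = event.get(attribute)
            # A missing attribute never satisfies a comparison.
            if actual is None or not OPERATORS[operator](actual, value):
                return False
        return True

def build_alarm(alarmname, user, operator="equals"):
    """Takes the same two inputs as the quoted script: alarm name and user."""
    return EventAlarm(alarmname, LOGIN_EVENT, (("userName", operator, user),))

def triggered_ids(alarm, events):
    return [e["id"] for e in events if alarm.matches(e)]

# Constructed sample events (not real vCenter output).
SAMPLE_EVENTS = [
    {"id": 1, "type": "UserLoginSessionEvent", "userName": "root", "ipAddress": "192.0.2.10"},
    {"id": 2, "type": "UserLoginSessionEvent", "userName": "admin", "ipAddress": "192.0.2.11"},
    {"id": 3, "type": "UserLogoutSessionEvent", "userName": "root"},
    {"id": 4, "type": "UserLoginSessionEvent", "userName": "rootbackup", "ipAddress": "192.0.2.12"},
    {"id": 5, "type": "UserLoginSessionEvent"},  # malformed: no userName
]

if __name__ == "__main__":
    print(triggered_ids(build_alarm("Root Login", "root"), SAMPLE_EVENTS))
    print(triggered_ids(build_alarm("Loose", "root", "startsWith"), SAMPLE_EVENTS))
```

With `equals`, only event 1 fires; switching the operator to `startsWith` also fires on `rootbackup`, so the exact match is the right choice when alarming on a single privileged account.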

RSA China 2011: Cooking Security into the Cloud

I will be presenting the following session next week at RSA China 2011:

Title: Cooking Security into the Cloud
Scheduled Time: Wednesday November 2, 15:50 – 16:40
Room: Conference Hall B+C

Breaches of confidentiality, loss of data integrity, and downtime are no stranger to virtual environments. Based on a new book with a companion CD of tools and scripts, attendees will see new ways to mix and measure security ingredients in order to achieve requirements and compliance even in large multi-tenant, multi-layer security situations.

Hope to see you there.
