Slashdot Mirror
What To Do If Linux Sneaks Onto Your Network
BrentN writes: "Network World is running an article on how IT managers should deal with Linux "sneaking in" to their networks, or more precisely, being surreptitiously installed on workstations on their network. Opinions of the IT managers they interview range from 'Reformat the hard drive and fire the person who installed that renegade operating system' to 'Don't ask, don't tell.' The article's author (rightly) points out that this is probably an unstoppable phenomenon."
Fade in on IT Department..
A computer starts beeping and the operator looks at it with shock. He stands up and runs over to his supervisor to whisper a few words.
The supervisor runs toward the middle of the room and gets everyone attention..
"Break out the NT CDs! Bring our Exchange server online! Get those Bill Borgs out here in five minutes!"
There is a dramatic pause as the supervisor mutters in a low, gravelly voice.
"Someone's installing Linux on the network."
What has slashdot come to when the post stories who sources are freaking net-admins for publics schools. ""Destroy their servers and fire them," says Jeff Shapiro, director of technology for the Kingsport, Tenn., public schools." You've got to be kidding me. What power does this guy have. Just because he controls 50 Windows boxes in some lame Novell network in Bumsville, Idaho doesn't mean his opinion has any crediblity or is slashdot worthy.
int func(int a);
func((b += 3, b));
I'd also address why they hadn't felt comfortable talking to me about it. Communication problems can bite you in the ass later on. Mostly, though, I'd be proud, and a little bit scared, to have a fellow geek on board.
Write a gratuitously inflammatory story about Linux and submit it to Slashdot. Make sure your servers can take the load, though.
That said, there's no reason to actually take steps to see if Linux can be installed on a box. Write your IT department or supervisior, explain what benefits you *and* the company will get from installing Linux on that one machine. Make sure you explain you'll be completely responsible for that box from technical support to making sure it works with any priopritary protocols on the current network to making sure that it's secure. The latter point is probably most important; your job will be riding on the security of that box, so *you* need to be willing to take the risk and responsibilty to lock it down to the best of your ability. (This brings up the point how much more secure a well-maintained linux box is even compared to a expert NT person -- but you need to define how secure is secure.)
If they don't agree, then there's probably no reason to stay at that company, if they don't understand why different people need different tools to work. Particually if they are in the IT business.
"Pinky, you've left the lens cap of your mind on again." - P&TB
"I can see my house from here!" - ST:
I respectfully disagree. I happen to believe that the VAST majority of today's Linux users are indeed less than skillful at administering Unix. Inept, if I may say so.
I see it everyday. People who claim to be Linux masters because they've been using this lesser-known distro for so many months/years.
And then I watch them login to their home machine (using telnet no less).
And this is one of the brighter ones who knew to disable remote logins by root. It scares the hell out of me thinking that these people consider themselves knowledgeable. The problem is that these are the people who will go around installing Linux overtop of Windows machines at work without asking because they presume that the sysadmin doesn't know how or (even worse) they believe that they don't need to ask permission.
An intelligent, well-informed Linux user will understand that control over what is deployed on a network is not just a luxury for a sysadmin. He will understand that he's treading on somebody else's toes by installing another OS where it shouldn't be.
For one thing, it's called common courtesy. For another, it's common sense. Unless your job is to maintain the workstation you're given, what the hell right do you have to mess with it? It's a tool, supplied to you by your employer in order for you to perform your work, not a God-given right.
I feel bad ranting like this, because I know there are some very knowledgeable people out there who are locked in by some short-sighted contract signed by even more short-sighted managers. But the reality is that it's not your call. Installing Linux without permission isn't going to help the cause 99% of the time.
--
Really though, this is just one more piece of software that people are bringing in from home because of a personal preference. In my last company we had people bring in copies of Corel Office suite because they were sick of Word crashing on them so much. We install Netscape on all of the computers we deploy so people can make a choice, and generally make it so that the employees can be the most productive.
Besides, at least Linux is free... How many rogue copies of Quake do you have running around in your company? Most places have at least one guy who has the quake cd sitting in their desk, to be passed around when new people come in or computers get moved around ;)
"Well kids, you tried your best, and you failed. The lesson is, never try." -Homer Simpson
I'm speaking here with my IT manager hat on, not my Linux geek hat in order to provide a little perspective. We don't hate Linux - in fact, probably the majority of us have a favorable opinion of Linux, too. Some of us even use it in our home/hobby lives, like I do (and have been since '94).
.exe files that people e-mail to each other? We block them at the SMTP gateway. Yes, we're pains in the ass about it, but we have a stable network with very little downtime - and when the latest .VBS virus goes sweeping the Net we're safely locked away with no downtime. On the other hand, we don't filter or monitor e-mail content or web sites. We don't care about speech at my company (which a lot of companies restrict), just reliability and safety.
The problem we have is with unauthorized anything on our networks, not just Linux. You see, planning and running the corporate network is what we're paid to do. In most structured environments, nothing gets installed without IT's thumbs-up. Period. The business (and our jobs) depends on the network's being as stable and predictable as possible, and even though Linux is wonderful stuff, workers are required to use what the company provides because we know it. It's not just Linux that can get a worker fired at my shop. It's any software that didn't come in through our department's OK. And all those cute little
That's an important distinction. Some IT folks just reflexively hate that which they do not know. That's the wrong way to go about their job, but it covers the butt well. My attitude (and our policies are derived from it) is that the company provides the PC, so we get to decide what it runs, based on what you need to do your work. You don't get to decide unilaterally what runs on it - we do.
However, we're not entirely closed off to running "other" things or operating systems. If someone came to us and had a reason they needed Linux to do their job instead of NT, I'd test to make sure it didn't interfere with anything else on the LAN (like a misconfigured Samba could), and they'd get their Linux after we tested it. But the important point here is that we are flexible, provided you follow the "right way" of making sure your software is OK. When people do that, and give us the chance to test things, we approve things unless we find a specific technical reason not to.
But if someday Linux became our standard desktop OS at my company, you know what? We'd fire people who used Windows without authorization. Wouldn't that be an interesting turnabout?
- -Josh Turiel
-- Josh Turiel
"2. Do not eat iPod Shuffle."
In fact, at several companies I worked for, where Linux was definitely disapproved and IT was pissed off that I was running it, if the IT manager had pulled the stunt suggested by that quote (reformatting my hard drive), I likely could have gotten the IT manager fired, since I could have easily shown that such an act resulted in the destruction of valuable company property.
A good IT manager does not view the users as the enemy. If an employee is running an unapproved operating system (or any unapproved software), but does not cause a disruption for anyone else, a good IT manager will let that employee (and perhaps his or her manager) know that he can't expect any support out of IT, but that as long as he doesn't cause problems he can keep running it. If the employee's use of unapproved software does cause problems, or prevents that employee or other employees from doing their jobs effectively, then IT can get the employee's manager to intervene.
At one company I've worked for, every time anything went wrong on the network, IT tried to blame it on my machine, but in every case it was in fact determined to be a configuration error on their NT servers. For instance, at one point my machine was getting the same IP address as someone else's, so neither of us could use the network. IT claimed that the DHCP client in Red Hat Linux was broken, and assigned me a static IP address (becase they knew my manager wouldn't let them force me to run Windows). Afterwards, however, the same problem occurred with other people who were only running Windows. It turns out that in the interest of redundancy they were running two DHCP servers, but they were serving up overlapping ranges of IP addresses.
Then, months later, another IP address conflict occurred between my machine and a Windows machine. They were all set to blame Linux again, when I found out that they had expanded the DHCP pool to include several previously assigned static IP addresses.
After that they seemed to realize that I knew what I was doing, and that rather than trying to blame me for network problems, they should have me help out.
There once was a man from IT
Linux sneak'd to his desktop PC
The OS, not supported
His boss so purported:
"You're fired, we run FreeBSD!"
What all this comes down to is that IS in some organizations (like "Mr. 'Destroy their servers and fire them'," a top flight CIO from a Tennessee school district) is on a power trip.
As someone here pointed out, the glass house saw PC's as a threat to their power base, and IT created policies against them. They're doing the same thing with Linux--it's something they don't understand, don't want to learn, that cuts into their power base.
The article chronicles Netware sneaking in when mainframes dominated. Then NT slithering in when Novell dominated. Now Linux is permeating (currently) NT dominated shops.
Anyone else see a pattern here? Ultimately, Linux, FreeBSD, or other open source tools will come to dominate because they meet the needs of the organization.
Just like computing managers saying things like "PC's are just a fad, big iron and dumb terminals are where it's at" adapted or left, those saying "Linux is non-standard, unauthorized, and a fireable offense" won't be able to stay in denial forever.