My exact thoughts. While I'm not the admin for the contract site I'm on, the security is so bad that I've made a point of it when people complain about what are really security issues. If these folks were paranoid -- and they should be -- I would not be so forward. They really don't get it, and don't care unless it impacts daily work so I'm not in CYA mode, and am instead dropping suggestions; "You know, if we did ______, that wouldn't be a problem".
The value of individual login IDs for tracking changes on the network, plus using moderately secure passwords (and NOT SHARING THEM!) is my next minor crusade. People are starting to understand, though oh so slowly.
Anything more complex is not on the radar...though I'm working on it and have gotten positive support.
I haven't had availability issues caused by the volume of spam, and integrity of data isn't compromised. Maybe you have, I haven't!
DDoS is a security issue -- spam or no spam. The number and bulk of messages sent to the mail servers I deal with are legitimate and the excess of spam is manageable though annoying so it does not rise to the level of a DoS though if you want to push it it is theft.
Under 'Computer Management' they mention locking down local user's machines so that they can't install software. I'd hope that none of you admins out there have to be told this. At a bare minimum, I lock down all systems as much as possible and loosen that restriction as needed. The alternative is to monitor each machine daily or weekly to know what needs support and that's just too time consuming. If a specific app or applet is high demand, it's standardized; sit down anywhere, and you'll get the app.
Personal firewalls; yes more people will use them. In some cases, they will be important, though the rules of if it isn't running it can't be exploited and less is more are much more effective on an intranet. Firewalls add management issues that can be avoided with careful use of tools like Nessus to audit your network. That said, limited and careful use of local firewalls is a good idea if you've already taken the proper steps and the user has an identifiable need.
Why is spam even on the list? Yes, it's annoying and a big waste of time dealing with. Spam is an abuse of resources, so if you consider any abuse a security issue, then pop-up and flash ads can also be considered security issues because they consume excessive network bandwidth too.
Spammers exploiting systems to relay spam is a security issue. Spammers sending viruses is a security issue. Other abuses by spammers are potential security issues. T'hh-i.s i_s n,o.t, and neither is spam in general!
Spam is in its own category of abuse, and I'm all for sending out thugs with hammers to get these bastards to stop. Don't clutter security concerns with this dreck. Keep focused Computerworld!
You can use Outlook, with all its crunchy features, with the available Exchange replacements.
There are a few dozen of them, about half a dozen are serious, and typically they sell for much less than what Exchange costs or a little below what an Exchange upgrade costs. This is true for almost any number of seats, though the savings are much higher on the top end. Some run on Z series mainframes, though most run on much more modest hardware.
None I know of are 100% free (as in gratis) but most are based on open source programs, so adapting them (even if to stick filters in somewhere along the path) is simple.
A few months ago, I did some research and SuSE's (can't remember the name) and Bynari come to mind as good ones. Folks seemed to be largely happy with these two, though do your own research.
If you really do want to phase MS out -- or have it as an option -- start at the application level and don't use Exchange (even if folks are hung up on using Outlook).
Re:Some of the early plans are a bit out there (on Dreams of the Moon) · Score: 2, Funny
Can I accept it on behalf of someone else? I have a small list of people I'd like to volunteer;)
Do we have to send them supplies? With budget cuts and all, of course.
I've had OK experiences with Dell support, though usually it's only to report known-defective hardware and to ask for someone to drop off a replacement. Not a big network of Dell systems, and there were quite a few spare systems as replacements; swap and drop when something went wrong.
It's just nullified my entire job by saying all I do is a waste of time.
Well, some (many? most?) admins could work more efficiently. I'm helping one company now automate as much as possible, focusing on deployment issues.
The second stage is to take that freed-up time and actually monitor the network for problems instead of the current react when someone complains model. (6 months ago, everyone used "administrator" and no password. Now, things are better but not by much and it's not organized.)
Do you people who know car mechanics intimately get the same kind of fixit requests from family?
I know some lawyers (one friend from childhood, another a brother-in-law) and I know each would help me with legal matters if I asked. I haven't asked, and I am sure that they wouldn't want to spend a couple hours a month helping me with what they do professionally; it would get old real fast.
3. I wrote that Linux would continue to give Microsoft fits (that's true) and that Microsoft would be forced to compete on quality.
Pick a low quality (costly) product. It comes under pressure from a free high quality product. The low quality (costly) product comes under pressure. A 3rd grade kid could draw that line of reasoning.
You would think that, though my managers still think OSS isn't ready for prime time. Most don't realize that Apache, Tomcat, and a variety of other pieces used on our 'flagship product' (don't ask...) are OSS! The looks and speechlessness that occurs when I point this out is amazing. They really don't get it...and these are the smart people.
Bah, if SCO wins -- and I am sooo worried about that!:/ -- they will be counter-sued into oblivion. It's already happening to some extent.
Any attempts to stifle Linux that causes corporations pain would be like dealing with the alcoholic drink manufacturers...you could only go so far before repeal (in the form of a successful counter suit).
Linux is too necessary now to be substantially damaged; it is like a tribe of 600lb gorillas going through weight training and protein packs. Groups of 800lb gorillas is an eventual result. Besides, they are so cute when they are young (2003 'photo' of the next generation).
Uh, well if it were one rude tech, blame the tech.
I used to blame the person, now I put most of the blame where it belongs on the manager (and the manager's manager...).
Someone wasn't watching that one tech, or encouraged them to act that way (either through example or by not supporting or overburdening the tech). Most nasty people can be nice if the environment is right...and those who can't shouldn't be talking to the public and (preferred) employed where they can influence others to do the wrong thing.
If you have constant experiences of rudeness then it's management's fault for hiring such people. Screw me once, it's your fault, screw me twice it's my fault.
I give them 2 chances, and sometimes even try different routes, though the first bad experience means the corp. has to work up from failure.
Having worked in a tech support department, I found that 1/5 customers will be impossible to help because of the customer's own attitude. I keep this in mind to make sure that I don't come across as that 20%.
I haven't mentioned it yet, though here's something to watch out for:
There is a tendency to think that the *next* person to help will be helpful, so most folks get snippy early and nice later (or even rant about the earlier support person). This is wrong since the chance that you are going to get the same @$$$ or moron repackaged in another body is high -- I'd even say inevitable -- if you've already talked to one.
Be insistent but nice to everyone, and let them make asses or morons of themselves; you can't stop them anyway, and you might get a shred of what you want (or need) at some point...though there are times to give up.
The SEC has corporate listings for giving a company a last chance; write directly to the executives and see if they have a shred of interest in how you were treated. This works amazingly well, though I'd document everything that wasn't done or was done wrong before using this tactic.
In the game Savage, some spammer thought it would be cute to use the voting system to spam us. He didn't last long (another vote kicked him from the game).
Keep in mind that expensive (for a manufacturer) is not the same for individuals. The per-unit cost for a hardware MP3 decoder of commercial software is seventy five cents (USD).
Personally, I'd be fine with an OGG + FLAC only portable player though a buck isn't going to make or break my decision on what player to get. I won't consider one that does not support OGG and (as a bonus) FLAC, though, as these are the important codecs for me.
I decided Gateway as a company really sucks and it must be their company culture that drives everyone to be so generally bitter and evil.
This is the right attitude. In the moment, I'll get pi$$ed, though my anger is focused up the management chain; they have failed. It's the responsibility of the CEO to hire and support his upper managers...and for them to support those who report to them...and so on. If anyone snaps at me, I blame the manager not the person in front of me.
It should be harmless to strip all the attributes, they will be recreated (the only harm is that things slow down). And file transmission protocols should be unable to send attributes, to enforce their use as a cache-only mechanism.
Meta data (what you're talking about) isn't internal to a file. It gets stripped, and it's gone.
The 'magic' (what Unix file uses to determine what a file is) is not perfect so it can't be used as a way to reliably recreate all attributes and meta data.
Apache, btw, DOES send attributes. Unfortunately, IIS is not as reliable and IE has had many problems ignoring anything but the file extension. It is entirely appropriate to have a web page named "bigpage" and graphics files named "background.zip", "help.button", and "home.is.where.the.heart.is" -- and have Apache report them as HTML, BMP, GIF, and PNG (respectively).
Good troll!
- Metrics? For representing date information? Are you out of your fucking mind?
Oh, sorry, I meant "Like the metric system"....erm...HEY! That's the title of my post! Would you look at that!
...and, HEY! I'm an American of the U-S-A variety too! Wow! Amazing!
Knoppix uses the Kudzu libs to do hardware detection; the same as Red Hat Linux and Fedora.
I'd love to use that, though in the US people can't seem to grasp the concept...as easy as it actually is.
I like that idea...not very portable, but effective.
Drink water before you go to bed. After a while, you will wake up alarm or no alarm!
I know what you meant and the spirit that it was offered. Good post.
A bad sign for 2004?
Most don't buy digital players either. (But I do...)