So I would say that you should either create MSI packages of OpenOffice and FireFox (and of course, whatever other FOSS apps you want to use), then deploy via GPO, or perhaps consider using SMS for app deployment.
I know that my last two assignments have been large organizations and both have used SMS.
You said properly configured, which is exactly WTF I was talking about. Joe sixpack doesn't care if it is or not. Neither does MSFT for that matter, or they would do it.
Also, you fail to even acknowledge the fact that a virus executed on a "standard" Windows install will cripple the entire machine. Most likely forcing either a repair (if that's possible), or a restore from factory CDs.
I point out again...that wouldn't happen on a non Windows machine.
While that is true to some extent, based on your example, what would happen if a standard Linux user were to execute that file? (assuming of course one like that were written for Linux)
At most, it would wipe out their home directory. Not bring the entire machine, and all users on it down.
Tha's the issue I have. Focus more on getting people to do things right, instead of just defaulting immediately to the most risky settings.
Make sure that if a user doesn't create and use a standard account, that there are loud glaring warnings regarding what may result.
No.
It's more like the doctor exposing you to several deadly viruses/bacteria and then charging you an annual fee to give you perscription drugs that will cure the ailments.
I don't think it's just web site stuff.
I think it's attacks period.
LogWatch is constantly telling me that people are trying to break into my servers via sshd or via ftpd.
The really sorry part is that since most of them take place from outside the US, I dont even bother to report it, since the ISPs wont do anything about it.
95% of the time, the ones promising delivery dates aren't even TALKING to the IT staff to find out if it's even possible before making promises.
Errr....Not that it happens where I work or anything...wait, today is my last day, what the hell do I care....that's ALWAYS how it happens around here.
Some PHB who doesn't even understand the technology promises it can be delivered in 30 days. Nevermind that we can't even get the equipment in 30 days. Then IT is made to look like "the bad guys" [tm] because we didn't deliver on time.
Not only that, but you reduce the amount of weight you're carrying in rations, which could then be replaced with additional water equal to the lost food weight.
Agreed. I've met his type before. They're the worst type of prick imaginable. They expect you to work 60 hour weeks...look at you like you have a penis growing out of your forehead if you leave before 7PM...the list goes on.
Bottom line...fuck them. Start looking for new employment now before you're on stress medication to keep from beating that guy with a bat in the parking lot after hours.
We're going through some of that where I work now. They said they are evaluating our on call pay for carrying a pager. I said "Evaluate all you want...the minute you take away the pay, I'll be turning in the pager."
NOTE: When we're on call we're expected to be available 24/7, within 50mi of the office, and have our laptop on us whenever we're away from the office. For those kind of restrictions, pay isn't a nice thing to have, it's a requirement in my book.
I agree with your first point, in that, everything has it's place.
The only thing I would say regarding your second point is that, as other posters have mentioned, if that MSFT $ is keeping the business going, theoretically, they could threaten to yank it if they don't run more "pro MSFT" content.
You are correct though that purchasing ad space shouldn't entitle them to any say over the directon of the website.
Sun isn't saying "Don't use Linux". In fact, if you want Linux, you can get it on Sun (X86) hardware.
Sun is also producing turn key Linux cluster solutions for pharmaceutical companies. How does that say "don't use Linux"?
I think you're getting the wrong message. The message is, we've always prided ourselves on our committment to open standards and open source, and that trend will continue with Solaris.
I for one don't see anything bad coming from that.
Another thing these are useful for, is tracking down hardware/software that's acting up.
Example: One the rare occasion that you have a switch software problem (such as contention for which switch is the primary and which is the failover) and you suddenly seem to have intermittent network connectivity, using a sniffer will show a huge number of Cisco HSRP packets flying back and forth. That's a good clue to start looking at the switches and see what's going wrong.
I use Nvidia because IMO, their drivers are much easier to get running under Linux and have excellent graphics under both Windows and Linux.
I recently swapped from an ATI Radeon 9000M to a GeForce 4 Go in my Inspiron 8200. Took me about the same amount of time to update drivers on Linux as it did on WIndows.
It's not as though Linux or the BSDs have never had one.
At this point it becomes a matter of "how much do I trust the users on my systems?". Since none of my boxes are exposed to the public, and all my users are known/trusted employees, I can't say that this is really that big of a deal.
Don't think I won't be patching it, all I'm saying is that the mere fact that the machine is powered on and connected to a network doesn't mean it's going to be 0wn3d.
Save your energy/bashing for the next Windows worm that comes along that doesn't require having an account on the machine to break in.
Slashdot Mirror
I know that my last two assignments have been large organizations and both have used SMS.
You said properly configured, which is exactly WTF I was talking about. Joe sixpack doesn't care if it is or not. Neither does MSFT for that matter, or they would do it.
Also, you fail to even acknowledge the fact that a virus executed on a "standard" Windows install will cripple the entire machine. Most likely forcing either a repair (if that's possible), or a restore from factory CDs.
I point out again...that wouldn't happen on a non Windows machine.
While that is true to some extent, based on your example, what would happen if a standard Linux user were to execute that file? (assuming of course one like that were written for Linux)
At most, it would wipe out their home directory. Not bring the entire machine, and all users on it down.
Tha's the issue I have. Focus more on getting people to do things right, instead of just defaulting immediately to the most risky settings.
Make sure that if a user doesn't create and use a standard account, that there are loud glaring warnings regarding what may result.
No.
It's more like the doctor exposing you to several deadly viruses/bacteria and then charging you an annual fee to give you perscription drugs that will cure the ailments.
It depends for me...
If it's a US based IP, and has a LOT of failed attempts, I report it.
I don't think it's just web site stuff.
I think it's attacks period.
LogWatch is constantly telling me that people are trying to break into my servers via sshd or via ftpd.
The really sorry part is that since most of them take place from outside the US, I dont even bother to report it, since the ISPs wont do anything about it.
Really I do...
But DAMMMIT!!! They have got to start keeping these people on mahogany row quiet.
That seems to be Sun's biggest problem at the moment. Allowing these people to just shoot from the hip in public.
It really turns a lot of people in the open source community away from what is actually a very open source friendly vendor.
95% of the time, the ones promising delivery dates aren't even TALKING to the IT staff to find out if it's even possible before making promises.
Errr....Not that it happens where I work or anything...wait, today is my last day, what the hell do I care....that's ALWAYS how it happens around here.
Some PHB who doesn't even understand the technology promises it can be delivered in 30 days. Nevermind that we can't even get the equipment in 30 days. Then IT is made to look like "the bad guys" [tm] because we didn't deliver on time.
It's nonsense like this that causes retarded rules like the one causing me to leave my current contract.
Bottom line, if you sign up to do the job, then do it, and move on. Don't sue because you're jealous. That just ruins it for the rest of us.
Not only that, but you reduce the amount of weight you're carrying in rations, which could then be replaced with additional water equal to the lost food weight.
Agreed. I've met his type before. They're the worst type of prick imaginable. They expect you to work 60 hour weeks...look at you like you have a penis growing out of your forehead if you leave before 7PM...the list goes on.
Bottom line...fuck them. Start looking for new employment now before you're on stress medication to keep from beating that guy with a bat in the parking lot after hours.
We're going through some of that where I work now. They said they are evaluating our on call pay for carrying a pager. I said "Evaluate all you want...the minute you take away the pay, I'll be turning in the pager."
NOTE: When we're on call we're expected to be available 24/7, within 50mi of the office, and have our laptop on us whenever we're away from the office. For those kind of restrictions, pay isn't a nice thing to have, it's a requirement in my book.
Crushing by Slashdot. ;)
Purely in the interest of "research" of course. ;)
Look at it like this...Doctors, Lawyers, Accountants, etc, all have to pass some exam to become certified.
Does that mean they're all knowing? Of course not. You still have to shop around for a good doctor, accountant, or lawyer.
IT certs are no different.
erm...No thanks. I'd rather poke my eyeballs out with rusty paperclips.
That's a good point.
I actually write "ASK FOR PHOTO ID" on the back of my cards. Only about 50% actually do it.
Once IBM's lawyers get through with the Prison Style [tm] gang rape of SCO, then Sun can open source Solaris.
Course I could be wrong...maybe the original AT&T contracts have some wording in there about things like this.
The only thing I would say regarding your second point is that, as other posters have mentioned, if that MSFT $ is keeping the business going, theoretically, they could threaten to yank it if they don't run more "pro MSFT" content.
You are correct though that purchasing ad space shouldn't entitle them to any say over the directon of the website.
Sun is also producing turn key Linux cluster solutions for pharmaceutical companies. How does that say "don't use Linux"?
I think you're getting the wrong message. The message is, we've always prided ourselves on our committment to open standards and open source, and that trend will continue with Solaris.
I for one don't see anything bad coming from that.
But I do know that gaim was placed on our SMS remove list, along with all the other popular multi-protocol clients. :(
I know we don't block the firewall for these applications, however, SMS will uninstall them if detected on your PC when you logon.
That means P2P is out, and IM is out except any of the web based IM such as AIM express etc...
The application people just have to keep on top of what P2P and IM applications are out there so they can add "definitions" for SMS to look for.
Example: One the rare occasion that you have a switch software problem (such as contention for which switch is the primary and which is the failover) and you suddenly seem to have intermittent network connectivity, using a sniffer will show a huge number of Cisco HSRP packets flying back and forth. That's a good clue to start looking at the switches and see what's going wrong.
That's a fate generally reserved for web servers containing articles which get posted on /. :)
I recently swapped from an ATI Radeon 9000M to a GeForce 4 Go in my Inspiron 8200. Took me about the same amount of time to update drivers on Linux as it did on WIndows.
That's just me...YMMV
It's not as though Linux or the BSDs have never had one.
At this point it becomes a matter of "how much do I trust the users on my systems?". Since none of my boxes are exposed to the public, and all my users are known/trusted employees, I can't say that this is really that big of a deal.
Don't think I won't be patching it, all I'm saying is that the mere fact that the machine is powered on and connected to a network doesn't mean it's going to be 0wn3d.
Save your energy/bashing for the next Windows worm that comes along that doesn't require having an account on the machine to break in.