Paul,
I sympathize with ya man. I know that the clean-up work can be a real
headache. Good luck on that.
With regards to your TCO, imagine if you had to make a switch to an OS that
you're not savvy on. Lets assume that you're a Linux newbie. Lets go through
the steps:
1) Ensure that your hardware is compatible w/ the distro you're using. If
not, swap out hardware ($$$).
2) Install the distro. If you don't know how, hire a consultant ($$$).
3) Fortify your installation. Turn off services. Close ports. et al. If you
don't know how, hire a consultant ($$$).
4) Install ColdFusion for Linux. If you don't know how, hire a consultant
($$$).
5) Migrate your apps over and hope they work the same way. If not, start
modifying code ($$$). If you need help on OS specifics you don't know how,
hire a consultant ($$$).
6) I would assume that if you were on an NT platform, you're also running MS
SQL Server. If you migrate it to your new platform, then you'll probably go
with Oracle. If you don't know how, hire a consultant ($$$).
7) Send your staff to Linux admin and Oracle admin training ($$$). Hire a
consultant to manage your site in the interim ($$$).
8) Wait until your staff gets over the initial learning curve of managing a
new platform and database ($$$). Hire a consultant to manage your site in
the interim ($$$).
Now, once you've done that, you're back in the same position you were when
you were using IIS because you still have people prodding and probing your
servers everyday. The only difference is that your knowledgeable, MCSE-cert
admin is now a quasi-knowledgeable Linux/Apache wannabe admin that will
freak when your system gets rootkiitted.
Tony Gruen said it perfectly: "It comes down to responsible administration.
We have watched this come and
still going on without incident and several IIS servers."
Rey Bango,..,,
----- Original Message -----
From: "Paul Sizemore" <[EMAIL PROTECTED]>
To: "CF-Talk" <[EMAIL PROTECTED]>
Sent: Tuesday, September 25, 2001 4:35 PM
Subject: RE: Check out what Gartner is recommending. Drop IIS!
> We have a handful of servers that were affected by Code Red and Nimda.
Nimda
> shut us down for over 36 hours (complete shutdown - in a panic). It came
in
> through a shared drive before we could cut it off (the Network Admin
didn't
> know it was shared to a third party). I hate to think how much this cost
us.
>
> The Gartner report said for those companies affected by both viruses. That
> implies companies that do not have a Security Administrator, or companies
> that are "at risk" for contracting these type of viruses. Also, as you
> suggested, I'm sure the author meant to light a fire under MS.
>
> I don't make the decisions as to what OS our servers run, but TCO is
getting
> to be pretty outstanding on our (MS) servers, especially the ones that
could
> easily be hosted on another OS . Don't get me wrong, MS servers are great,
> but we don't need all of those features on some of our servers.
>
>
>
> -----Original Message-----
> From: Rey Bango [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, September 25, 2001 1:59 PM
> To: CF-Talk
> Subject: Re: Check out what Gartner is recommending. Drop IIS!
>
> Paul,
>
> Rejoicing for a more secure product is certainly understandable but
> Gartner's recommendation to dump IIS altogether is just plain dumb.
> Replacing every IIS box makes absolutely no business sense and the cost
> would be astronomical. In addition, a bigger part of the issue is the way
> security, in general, is handled. Security through obscurity is not the
way
> to deal w/ a publicly accessible box and that seems to be the trend. I've
> seen the way that many admins work (whether by choice or, in most cases,
> because they're overworked) and they tend to ignore security advisories.
>
> I am glad, however, that the report lit a fire under Microsoft's butt so
> that people can continue to use a good web serving platform w/out having
to
> shift focus to a totally foreign platform (eg: Linux/Apache or
Sun/iPlanet).
>
> My 2 cents.
>
> Rey...
>
>
> ----- Original Message -----
> From: "Paul Sizemore" <[EMAIL PROTECTED]>
> To: "CF-Talk" <[EMAIL PROTECTED]>
> Sent: Tuesday, September 25, 2001 2:00 PM
> Subject: RE: Check out what Gartner is recommending. Drop IIS!
>
>
> > When I read this from Gartner I rejoiced; check out how MS is responding
@
> > http://www.theregister.co.uk/content/55/21869.html
> >
> > Paul Sizemore
> >
> > Finish Line
> > 3308 N Mitthoeffer Rd
> > Indianapolis, IN 46235
> > W: 317-899-1022 ext 3516
> >
> >
> > -----Original Message-----
> > From: Rey Bango [mailto:[EMAIL PROTECTED]]
> > Sent: Tuesday, September 25, 2001 12:03 PM
> > To: CF-Talk
> > Subject: OT: Check out what Gartner is recommending. Drop IIS!
> >
> > Now, I've always found Gartner to sway in a particular direction based
in
> > the wind changes and the phases of the moon but this recommendation is
> just
> > plain stupid. Check it out:
> >
> > http://news.cnet.com/news/0-1003-200-7294516.html
> >
> > Rey Bango
> >
> >
> >
> >
>
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Get the mailserver that powers this list at http://www.coolfusion.com
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
