On Wed, 2 Jan 2002 02:58, Jason Lim wrote: > You are thinking resource-intensive work, which would require more than a > basic or low level sysadmin to do. I would not trust a low level sysadmin > to start performing restoration work on a system. At least if we catch it > within 12 hours or 24 hours then the sysadmin could at least pull out the > backup hard disks from the drive caddies, plug them into the backup system > on standby (basically has everything except hard disks) and have a working > system up and running instantly. A high level sysadmin can slowly sift > through original information carefully once the system is up and running.
If you believe that someone has cracked your security then the absolute last thing you want is a junior person messing with the system and destroying evidence. If you believe that your network has been cracked then your best person should work on it, the second best person should watch, and everyone else should leave the room. > Your assumption is that you can have a sysadmin onsite within a certain > amount of time to perform said restoration work on the filesystem, which > may not be possible especially with cutbacks everywhere and everyone > tightening their belts. Calling in a high-level sysadmin at 3am in the > morning to perform such tasks is not always possible resource-wise. Then the network stays down overnight. If the network isn't important enough to deserve good quality hardware and payment for overtime for skilled people then it's not important enough to be running 24*7 all the time. It's that simple. -- http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/ Postal SMTP/POP benchmark http://www.coker.com.au/projects.html Projects I am working on http://www.coker.com.au/~russell/ My home page -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]