so you are saying that their priorities are to wait till they are compromised and then try to deal with it?? Is it just me or does that seem like a bad idea? I have dealt with reloading compromised servers, (NT and unix) and it seems to take me alot longer then 10-20 minutes a week looking for patches.... Maybe thats why stuff like what we are talking about here is a good thing... Force the bean counters to stop stuff like code red BEFORE it has done its thing... Give the IT guys some slack and leeway,, the only way that can happen, is for the bean counters to realise that its more expensive to fix a server once its been hacked then to patch it before hand... Unintented downtime is as good a way as any to convince them of that... Since they insist on running MS server software, they should be prepared to have to patch it, they go hand in hand... If they didn't patch this one, which has been around for ages, how many other holes are there in their security? Having said that, I have not implimented it either... don't have time to mess around with stuff like that.. :-) I am too busy writing perl shopping carts and stuff for our company. much rather be doing that then patching servers or reloading compromised ones.. rgds Frank -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of John J. LeMay Jr. Sent: Tuesday, 4 September 2001 5:13 AM To: expert Subject: Re: [expert] The CodeRed -- BZZZT! it does not work ** Reply to message from "Franki" <[EMAIL PROTECTED]> on Tue, 4 Sep 2001 04:28:07 +0800 > I beg to differ here... > > The people effected by code red are not competent sysadmins,,, > This is not necessarily true. Many of today's sysadmins need to wear many more hats than that of Uber-Geek sitting in a corner over their servers applying patches. Today's SA is more of a manager juggling between scheduling outages to maintain 99.9% or better uptime to meet SLA's. Bouncing servers to apply patches is in many cases out of the question except for a small window of an hour or so per year. While this uptime can be maintained via clustering or L4+ switching, many companies have little interest in spending the capital required to implement such solutions. Training, hardware, and ongoing support costs make implementation in many environments out of the question. The results of an IT organization being driven strictly by the needs of the business results in a force that must work in a reactive mode. That is, once a problem like CodeRed hits, the staff is permitted to deal with it. John LeMay Jr. Senior Enterprise Consultant NJMC, LLC.
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com