Sasha Pachev wrote:
> A) Tell him he's got it all wrong, he needs a sysadmin to run his
> system. Since he does not have a backup and who knows what his
> application does now after being hacked, he needs to re-install the OS
> on his dedicated server that is 1000 miles away, and the application
> needs to be re-written from scratch to be sure.
>
> B) Find the offending code, remove it. Investigate the break-in, close
> the holes. Instruct him on how to make a backup and encourage him to
> do it regularly. Spend the rest of the time permitted by the client's
> budget securing the most vulnerable parts of the system.

The right answer is more than B. This sysadmin should also put the customer's application and configuration under version control and tell the customer that a complete reinstall is still necessary sometime in the next year or two. That will give the customer time to consider alternate hosting setups that are easier to manage than dedicated servers.

> A real-life analogy to illustrate what I am talking about. Hwy 6 is
> dangerous, many people have lost their lives driving on it. When you
> go to Moab from Provo do you take I-15/I-70 route instead to avoid Hwy
> 6 just to be sure?

Our government spends a little extra money on highway 6 to make it safer. So should the customer whose site was hacked.

Shane