Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: product liability (was 'we should all be uncomfortable with the extent to which luck..')

  • From: Ryan Tucker
  • Date: Wed Jul 25 09:47:32 2001


On Wednesday, July 25, 2001, at 09:17 , Joe Shaw wrote:
And with this latest threat of code red, Microsoft would have been covered
anyway, because a patch for this exploit existed well before CodeRed hit.
They released a patch for the indexing server on June 18, 2001, which as
you know is a full month before CodeRed. So, people had a MONTH to
prepare for something like this, and it's a sad statement that they did
not.
We did, and are quite amazed at how few others did.

None of *our* Win2k servers were affected (thanks to our NT admin's frequent overnight patchfests), but numerous customers were... most of this manifested as "your network is down" or "hi, we'd like an SLA refund" or "my web server keeps crashing, you guys sell hardware unworthy of a ghetto trash bin".

Windows is NOT easy to administer. Unix (any of 'em) is NOT easy to administer. You can NOT install and not think about it again. You MUST continually think about it, look for updates for it, apply updates (usually overnight, as many of them require a reboot, and some of them wedge the machine), and keep the server in operating condition.

Reality is in direct contrast to Microsoft's main advertising pitch. How many of you have seen the Win2k Datacenter commercial with the unmanned array of large machines, with the voiceover falling just short of saying you can fly to Mars and back without having to do any administration oncesoever?

How many affected customers think that, because of that, no resources need to be devoted to administering their much smaller servers?

How many probably still think that?

It made it through the firewall and didn't set off the virus scanner, so obviously it's not that bad, right?

Something that might help is PSA's -- you know, those radio spots that tell you never to shake babies, drive drunk, or keep a pile of old tires around. Perhaps it's time that everyone also knows keeping your servers secure is not only in everyone else's best interest, but your best interest as well. Awareness is a wonderful thing.

I'll throw in a couple bucks towards airtime. -rt




Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.