|
Monday, 08 March 2004 |
I guess I shouldn't be complaining, but I'm discovering that administration of Linux servers is pretty boring in comparison to the world of patching and crashing that is Windows administration. I setup two SMTP gateways back in October on RedHat 9 with SpamAssassin. That was 150 days ago. In all that time I've upgraded SpamAssasin twice, bumped up the process limits for spamd after the myDoom worm tripled mail volume for a few days, and changed a postfix configuration or two. That's it. No patches, no crashes, no worms, and not a single reboot in 150 days six hours and forty-one minutes. In contrast, I have to patch and reboot all of our Windows servers at least once a month.
Do you administer linux servers? What has your experience been like?Write Comment (0 Comments) |
|
Thursday, 04 March 2004 |
There is speculation that the recent flood of various worms and their variants are the result of online gang warefare.
I guess that makes us all innocent bystanders shot in a drive by worming.Write Comment (0 Comments) |
|
Thursday, 04 March 2004 |
There has been plenty of FUD (Fear, Uncertainty, and Doubt) spread by SCO lately about Linux. I haven't blogged about the whole mess in some time because while plenty of news stories popped up the situation wasn't fundamentaly changing. SCO continued to make claims about their intellectual property illegally being used in Linux but refused to provide evidience to prove those claims, while IBM, RedHat, and the rest of the OpenSource community fought back with countersuits and demands to see proof.
SCO took the liberty of wiriting a letter to congress about the "plague" of OpenSource (more discussion here). Minor court rulings were made one way or another and SCO did finally release some code. Also along the way a few angry anarchists unleashed the MyDoom virus to DoS the SCO website.
Today SCO "kicked it up a notch" by suing two users of Linux - DaimlerChrysler and AutoZone (/. and news.com coverage). This is disturbing. More than any other previous action by SCO this has a chance of discouraging people from using Linux. Now when companies or individuals consider Linux they also have to consider the likelyhood and cost of being sued.
I hope the courts act quickly to send these cases where the belong - the bit bucket!
News.com just published this article covering industry reaction to this move. They interviewed Linus himself via email who calls the whole mess a "charade". Well put, Linus. ;)
There is one light hearted bit to come out of all this: Netcraft reports the web server of the district court where SCO filed suit runs Linux.
Speaking of servers running Linux... This server runs Linux, so come sue me, SCO.Write Comment (0 Comments) |
|
Wednesday, 25 February 2004 |
The Netsky.C worm started showing up in my inbox and on the systems I administer a few minutes ago. NAI has their description and so does TrendMicro. That's very nice of them to describe the worms but in both cases the virus definitions you can download do not yet contain patterns to detect the virus. Trend requires pattern 779, but 777 is the stable download and 778 is listed as the beta download. NAI requires 4328 but only offers 4327. In fairness, NAI offers daily dats that are updated more often, but it's not made clear if the current daily dat contains the pattern for this particular virus. In addition, like the beta pattern from TrendMicro, you run the risk of untested pattern files causing other problems.
There has been a lot of talk recently about the shrinking window of opportunity to get your defenses up. I think this is an excellent case in point.Write Comment (0 Comments) |
|
Tuesday, 24 February 2004 |
The other day I sent an email announcing downtime needed to reboot about 17 servers to complete installation of the latest round of security patches from Microsoft.
While mindlessly rebooting server after server, it occured to me the patch game has changed the uptime equation. Administrators used to worry about downtime due to system crashes, power outages, upgrades and so on. Now a server in perfect working order can be taken down by the discovery of a vulnerability and the ensuing release of a patch.
Microsoft recently adopted a policy of releasing patches on a monthly basis. They have already broken this policy at least once after the discovery of a particularly serious vulnerability. Assuming the best case scenario of patching once a month and each round of patches requiring only a single reboot that takes about ten minutes, the patch game adds 120 minutes of downtime per year to a system.
To put that in five nines perspective (99.999% reliability being the nirvana of system availability) the very best you could hope for is somewhere between 99.90% and 99.99% availability (99.977% to be exact, assuming 120 minutes of downtime). Three nines allows 525 minutes of downtime and four nines only 53 minutes.Write Comment (0 Comments) |
|
|
<< Start < Prev 1 2 3 4 5 6 7 8 9 10 Next > End >>
|
