Feeds

BOFH: Beware Mad Ron bearing Linux

Bright spark

  • alert
  • submit to reddit

Application security programs and practises

Episode 14 BOFH 2004

"Yep?" I ask, as the boss rolls into mission control with a perplexed expression on his face.

"It's my machine," he says, "Got a bit of a problem accessing the I.T. Management share and I need to pick up this month's budget figures."

"And you're logged into your machine ok?" I sigh, looking vainly around for the PFY to palm this off to. Worst luck tho', he's doing some urgent installs in some new racks so I'm lumbered with the responsibility.

"Yes."

"And your network cable is in?" I ask, knowing the boss's habit of kicking cables out.

"Yes."

"And how do you open your share?"

"With the 'run' option."

"And what do you type?"

"\-\-I-T-S-E-R-V-\-I-T-M-G-T," he spells, slowly.

"And does nothing?"

"No, it gives an error message."

"OK," I sigh, knowing that this is the quickest way back to peace and quiet. "I'll come take a look,"

. . 1 minute later, in the Boss' office . .

"You're running Linux!" I gasp.

"Yes."

"Why?"

"Because it's more advanced!"

"In what way?" I ask, prepared to be pleasantly surprised.

"Well, it's developed by thousands of people!"

"So was the Black Death, but that doesn't mean you want to expose yourself to it!"

"Yes, but it's the latest version!"

"And YOU installed this yourself?"

"Yeah. Well, with a couple of pointers from Ron."

"Ron?"

"Yeah, you know, the electrician guy."

"MAD RON THE SPARKY?!"

"Yes..."

"And you took the opinion of a fat bloke in shorts over that of your desktop support person?"

"You say desktop support are crap!"

"Of course they're crap, but they're a hell of a lot better than Ron!"

"But he says he runs Linux at home ok!"

"And his home bears a resemblance to our office how?" I ask, sarcastically.

"It's similar. He's got his own LAN!"

"That just proves he's SAD with no mates!"

"Well I think this Linux thing is worth looking into! AND I'm going to save a bomb in license fees!"

"Not when the company's got a site license you won't!"

"Well, Linux is more secure!"

"You're behind two firewalls protecting you both from the Internet and the rest of the company, AND you WERE on automatic update for both Apps and Antivirus definitions. A vanilla Linux install is a potential minefield!"

"Well it's... got a nice look-and-feel!" he says, really grasping at straws now.

"I'll put the swimsuit picture onto your windows background" I say, realising a pivotal argument when I see one.

"Would you?" he asks, problem solved.

Sigh...

"So... What else did Ron recommend?"

"Well he gave me a couple of sites to download some useful Linux applications from.." the boss responds, hesitantly.

"Tell me none of them ended in .nl or .fi ?"

"Uh... well... maybe a couple."

"Of course" I sigh, pulling his network cable out of the wall after just realising that the activity light on his NIC hasn't flickered OFF at all during our conversation... "And what were these backdoors to bring the company to its knees - I mean useful applications - going to do?"

"Uhhh… filesharing for music, cheap phone calls on the internet, and speed up downloads," he suggests.

Sigh.

>thinking<... >thinking<

"Ok, so here's what I think we'll do: We'll get the desktop support team to recover your machine from a backup, remove your CD drive to reduce the risk of this happening again, have Ron's legs broken - after making it look like an accident - and forget this ever happened."

"I don't think that w..." the Boss simpers.

"Or alternatively, I could track the source of the virus which is most likely running rampant around the company - to your desktop machine - tell the Head of IT how it occurred, and watch on as you're escorted from the building... Your call!"

"Ok," the Boss sighs. "But you weren't serious of breaking his legs..."

"Of course not" I respond "That's a hardware job. I'd get someone else to do it!"

"I..."

"Only joking. We're not that brutal. No, I'll just give him a quick talking to about how we in the IT department are responsible for technical advice and how he's responsible for changing fluorescent tubes and scrubbing toilets when the cleaner's sick."

"Changing lights and installing powerpoints," the Boss adds.

"No, like I said that's Mad Ron - A. He's colour blind and B. he's been electrocuted more times than the Northern Line. We contract out our real electrical work for Health and Safety reasons."

"No, he installed those powerpoints in the server room two days ago because you'd said it was a rush job..."

"No, he's not allowed in the computer room after that time he slapped his current tester across the UPS to determine what it's maximum output would be. It took 1/2 a day to bring the room back up."

"Oh."

"Oh?"

"Well, he said it was a rush job to put some racks in and so I let him..."

!!!!

Come to think of it, the PFY is taking rather a long time with that install....

. . . ®

Eight steps to building an HP BladeSystem

More from The Register

next story
Sysadmin Day 2014: Quick, there's still time to get the beers in
He walked over the broken glass, killed the thugs... and er... reconnected the cables*
Apple fanbois SCREAM as update BRICKS their Macbook Airs
Ragegasm spills over as firmware upgrade kills machines
Amazon Reveals One Weird Trick: A Loss On Almost $20bn In Sales
Investors really hate it: Share price plunge as growth SLOWS in key AWS division
SHOCK and AWS: The fall of Amazon's deflationary cloud
Just as Jeff Bezos did to books and CDs, Amazon's rivals are now doing to it
EU's top data cops to meet Google, Microsoft et al over 'right to be forgotten'
Plan to hammer out 'coherent' guidelines. Good luck chaps!
US judge: YES, cops or feds so can slurp an ENTIRE Gmail account
Crooks don't have folders labelled 'drug records', opines NY beak
Auntie remains MYSTIFIED by that weekend BBC iPlayer and website outage
Still doing 'forensics' on the caching layer – Beeb digi wonk
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.