Feeds

BOFH: Blast from the past

Old flame ignites trouble

  • alert
  • submit to reddit

3 Big data security analytics techniques

Episode 18

"That's...odd..." the PFY says early one morning, looking at his screen distractedly.

"What's odd?" I ask, coming to the point quickly so that I can get back to recounting the story about myself, some raspberry vodka and a handful of female reps from an anti-virus show booth...

"The Financials Database - it's just sent me an email saying it hasn't been backed up for 187 days."

"Ridiculous!" I cry, hastening to the PFY's side as I realise that any problem with this system could impact the paying of my monthly invoice - which might in turn impair my ability to purchase sufficient quantities of raspberry vodka with which to entertain enticing young women from anti-virus show booths....

"It's true," he says, pointing to the screen. "There's a stack of them. And there's some saying that the redo log area hasn't been archived for 187 days, 22 hours."

"It can't be!" I say. "I have a batch job which exception-checks the backup log output - it's seen nothing!"

"Nothing because it isn't running, or nothing because there's no errors?"

"I...No, it's working - it flagged a tape drive that needed cleaning just last week!"

"So what's sending us the errors?"

"I dunno - what was different 187 days ago?"

"I'd only heard the story about the anti-virus women and the vodka about 200 times?" the PFY says unkindly.

"No, what happened around that time in our system? Did it reboot or something?" I ask, ignoring the PFY's sad attempt to ridicule the Everest of my career as a tradeshow attendee.

>clickety< "Uptime on the financials server is 203 days" the PFY says.

"What about before then?"

"Before then it wasn't there - it was a hardware upgrade, remember?"

"So it was," I reply thoughtfully. "But we checked that the backups were running at the time - so the email must be spurious - UNLESS..."

"Unless what?"

"What happened to the old server?"

"Server Graveyard," the PFY says, pointing into the tape safe room.

"You're sure?"

"Put it there myself," the PFY says, opening the door. "Right there in the corner by the..it's gone!"

NGGGAAARGG!

"Check the server info database, get the old hardware address and find out where it's plugged in!" I snap.

...

"Yes?" the Boss asks, as I bounce his door open without knocking.

"Where is it?" I demand.

"Where's what?" he asks, faking innocence.

"The old financials server!"

"What old financials server?"

"The old financials server you took from the tape safe room. The one plugged into port E-145?"

"I don't have a 'port E-145' - whatever that is - and in any case I'm in a meeting - do you mind?"

"Don't mind me," the helldesk geek gasps from behind the door.

"No no, this is an important meeting!" the Boss counters. "We can deal with whatever they're on about later."

"Oh, well I'll just wait outside till you're done then..." I suggest.

"We could be here for some time," the Boss burbles, obviously trying to think up a plan to sneak the machine out of his room while I'm not around. "A couple of hours even."

"Got all the time in the world!" I respond.

"A couple of hours at the earliest..."

"Fine by me...although I won't want to miss lunch. They've got Chilli Bhajis on the menu as a Johnny Cash tribute!"

"I can't promise anything," the Boss lies. "We might still be talking..."

"Tell you what, I'll camp out here in case you get finished earlier than lunch, otherwise I'll pop in tomorrow when the old Ring of Fire's died down."

"Ok, fine" the Boss says, pushing the door closed...

...

"Did you find it?" the PFY asks when I get back to Mission Control.

"Nah, he's got it hidden away in his cupboard. I couldn't hear any noise, but I noticed a cable going in there."

"So what do we do, disable the port?"

"That would be at most a temporary fix. Bear in mind that he somehow got E-145 livened."

"You mean to say he's been in the comms room!!!" the PFY gasps.

"It would appear so."

"What do you want me to do?" the PFY asks, realising that this is serious.

"Flip the breaker on the building airconditioning, while I login to the old server and disable one of the power supplies."

"Why?"

"So the redundant supply will switch to double speed - and about quadruple noise."

"Won't he just switch it off?"

"Not when you go in to investigate the 'loud computer noise' in his office and he makes up some lie about his desktop always making that noise."

"And what will you be doing?"

"Getting his desktop and the server to exercise their CPU and disk drives aggressively in an effort to..."

"...raise the room temperature by a degree every three minutes or so.." the PFY nods. "And with the aircon off he'll have heatstroke by...uh...just before morning tea time..."

"Indeed."

"MASTER PLAN!" the PFY chirps.

...

In retrospect, no one could have known the Boss would stash the server beside a stack of papers in the cupboard, or that the thermal cutout in the machine was located in the disabled power supply...Suffice to say that the resulting fire was contained inside of five minutes - although the PFY did leave the firehose running inside the Boss' briefcase for a couple more minutes in case there was a potential 'hotspot' amongst the Boss' cellphone, digital camera, PDA or watch.

Not the way we normally decommission servers, but still, it all worked out well in the end and that's the best we can hope for...

SANS - Survey on application security programs

More from The Register

next story
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Dropbox defends fantastically badly timed Condoleezza Rice appointment
'Nothing is going to change with Dr. Rice's appointment,' file sharer promises
Bored with trading oil and gold? Why not flog some CLOUD servers?
Chicago Mercantile Exchange plans cloud spot exchange
Just what could be inside Dropbox's new 'Home For Life'?
Biz apps, messaging, photos, email, more storage – sorry, did you think there would be cake?
IT bods: How long does it take YOU to train up on new tech?
I'll leave my arrays to do the hard work, if you don't mind
Amazon reveals its Google-killing 'R3' server instances
A mega-memory instance that never forgets
Cisco reps flog Whiptail's Invicta arrays against EMC and Pure
Storage reseller report reveals who's selling what
prev story

Whitepapers

Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.