the cassandra syndrome
Somewhat sparsely explained on Wikipedia.
Honeynet has an interesting (although somewhat dated) paper on the survivability of machines exposed to the internet. I’ve just been watching logs (not really my job, but no one else seems to be doing it) and I’ve seen the firewall and proxy log hits from places as diverse as China Telecom (that’s Taipei), various places in the western seaboard of the US, Europe and Australia. They’ve tried things like proxying a connection to IRC channels, connecting via Yahoo Messenger (yes, really. I was so tempted to let it through and snatch a password or three… damn being all corporate and law abiding) and sending email (to advertise random pharmaceuticals, no doubt).
It’s only a matter of time before someone really does break into the machine and make free with the juicy bandwidth. If they haven’t done it already. I know it for true. The statistics (and even Netcraft) bear it out. It’s only a matter of time.
No one else seems to get it though.
To become the Cassandra or not? Do I really care if it happens? (Hey, I’m not using that bandwidth, so should I really care at all?). Do I have the time to seat people down and explain it to them? Do I have time to secure it myself? The answer to the last two questions is probably not. So… I let it slide.
It’s a crappy way to run servers, but I’m going to pick a battle I really want to fight.
update: Ubuntu Server truly does suck donkey shlong. I quote from Information Week because this is priceless.
… Ubuntu doesn’t recommend its server version for truly mission critical tasks. By contrast, there are plenty of big companies running things like SAP and Oracle on Red Hat and big server iron.
Just say it
Can't post a comment ? Any other commenting problems ? email lair - at - fierydragon . org