[TriLUG] How not to run a network

Kevin Flanagan kevin at flanagannc.net
Wed Feb 16 07:11:24 EST 2005


Of course they are not very realistic, it appears that they just don't
understand some basic things.  It doesn't matter about MS, vs. FOSS,
ignorance will always be there, showing itself for what it is.

Jeff suggests pointing out their own breaking the rules, that sounds
good, but also documenting the real business cases where complying with
their edicts will cause more work, and of course what kinds of resources
it will take to work around them.


That said, hard coded username/password pairs inside any job is just
bad, doing away with that would be one of my priorities, ftp or not.
sftp with shared keys, scp, etc would be so much better.


I live with stupid edicts to, move all user home directories to this
expensive EMC device sitting in a central location, was one.  Never mind
that it now takes far too long to enumerate my home directory over the
WAN.  It was on a windows file server in the same computer room, and it
was a lot faster.  We spend about a million dollars on it, I don't care
if it's not as good......


Kevin



On Tue, 2005-02-15 at 23:58 -0500, William Sutton wrote:

> Humm.  I wonder if some of the tech bigwigs at my company have been 
> reading the same M$ glossies that your .edu friends have been reading.  We 
> recently had a number of firm and unalterable decrees on the subject of IT 
> policy sent out, some of which were not particularly well thought out:
> - no downloading software from the internet (we do all know that the 
> internet isn't trustworthy, right?  by the way, if I do Perl development 
> for the company, does that mean my job is now outlawed?)
> - no installing software unless it comes on a shrinkwrapped CD from a 
> vendor with whom we have licensed the software (yeah, now how about 
> running those Microsoft updates that my PC wants me to do?)
> - no embedded account/password combinations in plaintext in programs 
> (wait...just about every program we have ftp's a report to a client 
> somewhere...are they going to allocate time/money/resources to bring the 
> existing infrastructure into compliance?)
> - no external IM clients...use the corporate IM server with the corporate 
> IM client (no file transfer capability)
> - any files with extensions (it seems) other than .txt or .dat are banned 
> from email attachments (but you can rename them to .dat if you like...)
> 
> **major frustration**
> 
> This isn't even just about blaming virii for everything.  This is about 
> people (dare I say, microserfs?) who believe that anything that can't be 
> administered with a few mouse clicks is somehow black magic, and suspect 
> at that, and the fact that they admin with a few mouse clicks somehow 
> confers upon them wisdom and knowledge equal to their perceived admin 
> power.
> 
> It seems that while Microsoft has succeeded in dumbing down the system 
> administration process on their servers, that a correlating trend has been 
> overlooked:  the dumbing down of Microsoft admins.
> 
> Is there a solution for this sort of ignorance?
> 
> William

-- 
Kevin Flanagan <kevin at flanagannc.net>



More information about the TriLUG mailing list