[unisog] Slashdot's UCSB Article
Jim.Dillon at cusys.edu
Mon Sep 30 21:09:25 GMT 2002
Didn't read the article, just the web page...
While I can understand taking the target-of-the-day out of circulation, it
is not an apparent example of great support for the end-user/customer
community. While universities are not well known as hotbeds of sterling
adoption of TQM principles, (the customer is always right, even when
clueless...), this seems to serve the network more than the customers.
Seems like the higher priority should be to serve the customers, as a
network without them doesn't really accomplish much. Perhaps having a
network isn't serving them if it is really this hard/difficult to manage?
No charge of being lazy or ignorant, no attempt to flame here, just
curiosity. I'm certainly more ignorant than most on this list, but couldn't
a well designed group policy be enforced for those that do bring W2K to
campus to ensure good configurations? This is a question out of ignorance,
I've never worked with AD or group policy myself, but theoretically it would
appear that a well designed group policy could force compliance with secure
practices. We get patches, virus updates, timeouts/disconnects, password
management, etc. at our desks due to group policy, no user intervention, so
it seems that students could be given the right to compute under group
policy control. Are you going to have to cancel XP next year when it proves
to be the problem this year?
Seems the underlying issue is the failure from a strategic level to properly
assess risks, prioritize accordingly, and fund/manage a secure network
infrastructure, not just a lousy Windows OS. 95/98/ME and Out-of-the-box
Linux aren't exactly security champions. Why provide the tool (network) if
the institution is not willing to invest in it sufficiently to do it right?
Not an administrator/operational problem, but a strategic near-sightedness
problem perhaps? Couldn't a properly staffed and funded network function
ensure all boxes ran the CIS and Top Twenty patches to achieve a "mostly"
secure environment? NIMDA et al would not have been a problem in that type
of environment, or so I'm told. I've been led to believe that those two
steps will throttle 95% of the risks/problems, am I wrong?
Seems to me to not lose paying customers, the right answer is never "No", it
is "We'd love to help you. It will take/require xyz for us to do so."
Perhaps the customers will foot the bill for the difference? Perhaps they
will eventually see no value in the residential proposition and simply go
elsewhere and there will no longer be a need for a resnet? Maybe I'm way
over estimating the number who would actually have W2K to begin with!?!
Again, no attempt to attack the administrative position, but the strategic
and planning position is flawed if it ignores the market leader at the
detriment of its primary customer, and such a policy will eventually fail in
the face of market pressures. Business policy 101 if I believe my higher ed
Great social experiment anyway.
From: Daxter Gulje [mailto:dgulje at housing.ucsb.edu]
Sent: Monday, September 30, 2002 10:49 AM
To: Robert Bird; unisog at sans.org
Subject: RE: [unisog] Slashdot's UCSB Article
From: Robert Bird [mailto:RobB at housing.ufl.edu]
Sent: Monday, September 30, 2002 6:48 AM
To: unisog at sans.org
Subject: [unisog] Slashdot's UCSB Article
>Is there any truth in this article? Does anyone know?
Yes there is, and yes, we do ;). Before anyone decides to fill
their flamethrowers with Napalm and accuse of being ignorant, lazy,
loafabout network admins, I encourage you to read our reasoning behind it
(most of you already know why we would do such a thing, seeing as how many
of you are busy dealing with Win2k compromises, and have been since school
started up) at www.resnet.ucsb.edu.
I love all the hate mail we're getting from the /. zealot
community..."Haven't you idiots heard of Service Packs?", "How much money is
M$ putting in your pockets?", "WinXP is more secure than 2000? Your [sic]
retarded!", "Linux would be WAY better than XP!".
What I know that many of you will get a chuckle out of is the
thought of trying to convince Amber the Cheerleader or Race the Fratboy to
install Linux...or to maintain proper patches/upgrades to a Win2k box.
/Dax <--ig'nant network administrator, or BOFH?
Assistant ResNet Coordinator
University of California, Santa Barbara
Robert Bird, Supervisor of Network Services
University of Florida Division of Housing
robb at housing.ufl.edu
More information about the unisog