A Denial-of-Service Tale of Woe
Once upon a time there were three systems administrators. They were
great friends and spent the summer playing ultimate Frisbee, roaming
the street markets and drinking espresso at the local java joint. But
the days passed quickly, and soon it was time for them to turn once
again to matters of business. There were rumors of evil hackers afoot
on the Internet, and tales of deadly distributed denial of service
attacks being launched from unguarded systems.
The first systems administrator, his mind still full of Frisbee and
flowers, told his friends that he wasnt going to take any precautions.
"After all," he asked, "what could possibly happen?"
"It's not safe!" the other administrators cried. "The evil hackers will
break in and destroy your systems!"
But the first systems administrator didn't listen. He was too busy
having fun to bother with silly things like firewalls and systems
security.
The second sysadmin was more industrious. She built a firewall using an
old PC and the Linux operating system. She was very proud of her
firewall and moved all of her department's systems behind it.
"I built a firewall," she proclaimed. "Now I can relax and have fun."
"Not so fast," the last systems administrator warned. "You haven't
secured your systems by installing TCP wrappers, and you built your
firewall in five minutes. Don't you know that a poorly configured
firewall is worse than no firewall at all? And have you even bothered
to study the SANS Top 10 list?"
But the second sysadmin didn't want to listen. She was already on her
way back to Starbucks for another espresso.
The third systems administrator shook his head sadly.
"Poor innocents," he thought to himself. "Their time will come. The big
bad hackers will huff, and puff, and blow their systems down."
He trudged back to his office and began installing the latest systems
patches.
Not long afterwards, the first systems administrator was sitting in his
office enjoying a cup of coffee and thinking of nothing in particular.
Suddenly there was a horrendous crash in the hallway and his door flew
open.
"You have to help me!" shouted the wild-eyed faculty member. "All of my
research files are GONE! And I can't get them back! I've lost
EVERYTHING! Do something!"
The first systems administrator grabbed his keyboard. Tappity-tappity-
tap -- his fingers flew across the keys. What he saw made him very
frightened. He slowly turned a sickly shade of green.
"Ummm, I think you've been hacked," he muttered. "Excuse me. I'm going
to be sick now." And he pushed his way past the wild-eyed faculty
member and ran across campus to the office of the second systems
administrator.
The second systems administrator looked up in alarm as the first admin
burst into her office.
"What's wrong?" she asked? "Why are you so green?"
"I've been hacked!" cried the first sysadmin. "All of our files are
corrupt. They own root!
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
Esther Schindler
If the comments are ugly, the code is ugly
claird
SVG a graphics format for 21st century
pasmith
Take Chrome OS for a test spin
Sandra Henry-Stocker
Solaris Tip: Have Your Files Changed Since Installation?
jfruh
Android fragments vs. the iPhone monolith
mikelgan
What Gizmodo missed about the Pro WX Wireless USB disk drive
Sidekick: The Good News & the Bad News
Either way you look at it Microsoft Data Center management did not follow standards or best practices in this failure. In which case it makes me wonder more about the outsourcing of corporate data much less personal data.
- mburton325
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
