Hi, On Mon, Feb 24, 2003 at 06:08:43AM -0700, Tim Spriggs wrote: > On Mon, 24 Feb 2003, Russell Coker wrote: > > > BTW As a rule of thumb, if you can crash it then you can probably > > exploit it, I hope that server isn't running as root. > > I realize that too. Unfortunately, Universities (at least around here) > tend to be VERY political and getting something like linux as a main > college server in place would be "making waves" with the type of > people that run the money upstairs. Just rest assured that a non-firewalled box containing backups will make a /lot/ more waves upstairs when (sic!) it gets cracked. You don't need to push Linux, you just need to explain the current risks, their cost and what it costs to implement a solution (be it Debian or Windows-95 based, ultimately they won't care), and the risks associated with that. Even the people upstairs have their gut feelings or prejudices about things they don't understand -- and we all know how hard that can make things -- they do tend to be sensitive to talks that mention well founded estimates of risks and costs. Cheers, Emile. -- E-Advies / Emile van Bergen | emile@e-advies.info tel. +31 (0)70 3906153 | http://www.e-advies.info
Attachment:
pgpkMM6vXW4Ok.pgp
Description: PGP signature