What To Do If Linux Sneaks Onto Your Network 334
BrentN writes: "Network World is running an article on how IT managers should deal with Linux "sneaking in" to their networks, or more precisely, being surreptitiously installed on workstations on their network. Opinions of the IT managers they interview range from 'Reformat the hard drive and fire the person who installed that renegade operating system' to 'Don't ask, don't tell.' The article's author (rightly) points out that this is probably an unstoppable phenomenon."
Bring 'em down from the inside! (Score:2)
So it was until I was hired 2.5 years ago, at which point I commandeered a slightly below average machine (P166, 24 MB of RAM) and installed linux. (RH 5.2 at the time.) I just wanted something stable to use for my workstation and something to play with and waste time.
The boss wasn't really concerned 'cause he trusts me, so I got to keep the rogue OS installed when it was discovered. (A co-worker tried the same thing with SuSE and had to dump it for some reason -- a shame.)
After a few months, the boss wanted that machine back into regular service, WinNT and all. So I came up with a nefarious plan -- I set up apache and made the thing into a web server, serving a tech support FAQ for the labs I worked in. (I was a student support tech at a university, you see.)
Now the system had been transformed from my simple toy/workstation to a server that students could use for help. It became indispensible and is still running to this day. The boss and a few of his cronies were impressed with the fact that in 2 years, it has only crashed once and only been rebooted, like, 8 times.
Word got around work how seriously stable linux was and I was offered another job -- setting up linux and unix servers for the entire system there. What started off as a toy suddenly became a phenomenon at work. Recently, I've set up:
- a helpdesk system using MySQL, apache, PHP4 and IRM [redshift.com], a GPL'd helpdesk/tracking package. Gross cost of the system was $0, compared with the $20,000 for a package they were considering (for 2 seats!).
- slash on another system for the students and faculty to use.
- two weeks ago, I set up a Red Hat 6.2 box with apache/PHP4 on it for the frickin' web development department. These are the guys who are paid to know how set up servers and stuff on their own and they couldn't figure out how to get apache to compile.
- this past week, I set up OpenBSD on a box which starting next week will take over for the WinNT DNS piece of crap they currently have running.
There's even talk of replacing their Exchange servers with some linux SMTPs, but that won't be my concern as I'm moving away.The morale of the story is, businesses don't use linux because they assume because it is free and because it isn't Microsoft, it isn't worth their time. At my work, I showed them differently. My new boss is so impressed with linux and now OpenBSD that it's all he can talk about with his colleages. What was a predominantly WinNT environment has, over the past 2 years, slowly become more and more free, with many of their Internet servers making the jump from the crash-weekly NT to linux. None of the servers I've set up for them have crashed yet, and they simply cannot believe it, considering they didn't have to fork out big $$$ to Microsoft for any of the software, including the web servers, OS, etc, RDMBS, etc.
Show the management what it can do. Show them it's stable, affordable, reliable, roboust. I did, and it impressed the hell out them.
J
The IT anti-world. (Score:2)
This is done for these reasons:
There are some piracy issues around here and we don't wanna take even the slightest risk of supporting a pirated platform, specially after the dumb M$ sneak-under-your-desk-for-pirate-soft campaign in Moscow.
We have a quite long experience with M$ platform soft. On servers the results were from bad to catasthrophic. The only thing we managed to do with such systems was to create small one-task servers for a very specific range of problems and conditions. Our specifics demand that servers should carry several tasks, generally process some terabytes per week and serve a few thousands of users. That is impossible to achieve under an M$ environment.
There is also the financial aspect. We have highly qualified experts. The TCO for *NIX soft is nothing to be compared with Windows. M$ support is frankly miserable here. Windows workstation support is the heaviest cost we have here. Our practical experience has shown that the support for NT reaches 10-60 hours week in a network of 70 machines and needs 2-3 people tied in their seats. On Linux it is an amazing 4 hour/week and requires only one person who doesn't need to stay 'round the clock in his place.
And, to end the financial aspect, we had a case when we paid Microsoft for nothing, just because they force OEMs to bundle soft in their machines. Probably only 10%-15% of this soft is really used here. The rest was humanitarian help from us to Bill Gates...
Re:From an IT Management standpoint (Score:2)
Who cares? I prefer an educated user (Score:2)
--Cheers
Re:Did you actually read his post? (Score:2)
In some cases this is the case, in others not. For example, in universities, the machines that researchers use are in fact purchased with the researcher's grant money -- not university money. And the people using the computers -- the professors, postdocs, and grad students, generally know far more about computers than the typical community college graduate IT drone. If these researchers want to use Linux, they have probably have a damn good reason for it. The IT people, like the secretaries and the janitors, are only there to support the researchers, but for some reason IT people tend to forget their place in the scheme of things.
Re:It's not that we hate Linux... (Score:3)
What many people don't realize is the troubles that most IT staff have to go through to maintain sanity in a typical company network. Many sysadmins I've met are responsible for keeping hundreds or thousands of machines on speaking terms with each other and the rest of the internet, within corporate policies, and ready to do work at all times. To do this, he uses scripts and other automated tools, and makes assumptions about how each machine is set up - it has the Company's OS, applications, network settings and security measures installed. Unauthorized OS's and applications break these scripts and tools, cause mayhem in the networks and drive sysadmins completely insane.
When some schmuck decides to install something unauthorized on his machine for gits and shiggles, he risks not only his own time and money, but he may be putting the entire network at risk. A misconfigured machine could break entire networks and cost the company thousands of dollars before it is fixed. When this happens, don't be surprised when the BOFH sysadmin rises up in righteous anger and takes his furious vengence upon the luser.
Some sysadmins do make allowances for staffers such as programmers to install Linux and other software on "sandbox systems". Presumably, there is a business need for this software, and it won't fight with present software. They always make it clear that if the software breaks, it is the user's problem to solve, not IT's, and if it causes problems for others, the user is expected to pull the plug and find a solution immediately.
The Next Microsoft Ad (Score:4)
A computer starts beeping and the operator looks at it with shock. He stands up and runs over to his supervisor to whisper a few words.
The supervisor runs toward the middle of the room and gets everyone attention..
"Break out the NT CDs! Bring our Exchange server online! Get those Bill Borgs out here in five minutes!"
There is a dramatic pause as the supervisor mutters in a low, gravelly voice.
"Someone's installing Linux on the network."
Re:The FUD grows.... (Score:2)
Presumably, Network World is worried about what's going to happen when a well-heeled advertiser goes the way of the Itanic.
Re:I'm disappointed (Score:2)
Hello, anyone with a laptop taken to work on any given day.
The idea of 'keeping prying eyes from seeing the data' and enforcing that idea with draconian IT rules is ludicrous. Anyone who wants to see that data will be able to. If internal security is that big an issue, you've got WAY more problems than if linux is 'sneaking in', and probably need to do retinal identification to enter the workplace as it is. For the vast majority of COMMON workplaces though, it's real hard to enforce security-through-obscurity when people have physical access to the hardware.
Typically, companies with "very very strict rules" are those ones who's upper echelons are so totally in the pocket of some major vendor that they swallow EVERY bit of crap, no matter how outrageous, that is in that vendor's interest. If vendor says "Don't let any other operating systems on your network, it could destroy everything!" many policy makers are too ignorant/lazy/busy to know otherwise, and simply make that law. I'm not aware of any IT department who has a CTO/CIO who knows more about details than his/her subordinates.
Companies with FLEXIBLE arrangements are the ones who demonstrate at least some knowledge in what's going on, and a willingness to pad their bottom line through the optimizations and research (unpaid) of employees... or at least, it's a hallmark of a CTO/CIO who realizes that better answers come from employees than from vendors. True, sometimes these things fall down and go boom, but that sort of thing happens even with the most seasoned professional or group.
Any company living in fear of 'rogue OSes destroying the world' suffers from a lack of robust IS planning and needs an overhaul far more than it needs gestapo policies.
--
rickf@transpect.SPAM-B-GONE.net (remove the SPAM-B-GONE bit)
But who are you going to call? (Score:2)
The most dangerous end-users (Score:2)
Aren't the ones who know what they're doing. And they're not the ones who don't know what they're doing (although they suck alot of time)
They're the ones who think they know what they're doing. There are plenty of people out there (and even here on /.) that think they're the shit because they can install RedHat (really not trying to slam redhat here) off of a bootable CD, or they can extract an Apache RPM and now they know how to run a web server, or they know how to 'program' in perl. Or the guy who used to program Z80 assembly and needs direct access to your SQL Server. These are the people with the most potential to screw things up.
And judging the general responses here, alot of /.'ers are going to loose alot of credibility/ respect with the company and coworkers when they get busted and start ranting about M$ Windoze/Bill Gates/Closed Source. Fair or not, it will happen.
I didn't think iw was so serious (Score:2)
it's not just linux (Score:2)
Hey, if your network's virginity is so precious, install switches and turn on port security.
I have to laugh anyway, I was a teacher for a while, and the idea of an IT person getting anyone fired about anything in a public school system is beyond belief. Even the lunchroom ladies are laughing at this one.
On the other hand, I'm working in a hospital now-a-days. We have had someone more than once (doctors have unlimited self-funding) setup something unauthorized on the network with some poor choices that randomly killed access to something else that was mission-critical.
So now other doctors couldn't get to lab results, patient histories, etc. This is a Very Bad Thing.
The people who pay the IT managers' bosses' salaries did not _ask_ if it can be prevented from from happening again.
It's not Linux that's the problem. For everyone that got hurt with samba's NT pdc hijacking, there was someone that got buggered when an unauthorized WIN2000 server went up and tried to take over the network.
The problem isn't Linux or NT or "the unknown" per se, but rather risk assesment. If you are responsible in any way, when faced with making decisions you have to ask:
1)What does the organization gain from this?
2)What's the worst that can happen?
1) Having a policy of letting anyone setup their own servers is ludicrous. This is something that IT MUST be in charge of. If someone is smart enough to discover a way that Linux/BSD/AmigaDos can make the company run better, then they should understand Linux/etc well enough to make a formal presentation of the specific solution and its benefits. Most people can't do this because, frankly, they do not understand either Linux, WINNT, or Win95 well enough to explain it to someone else. This also means they don't understand it well enough to install or support it except in the most superficial way. Why should IT have to drop what they're doing to figure it out for you? And even if it's a great idea, some things can't go on the general network _today_ because the bandwidth isn't there - consider what a Napster infestation can do to your bandwidth
2)You figure it out next time you're in a hospital bed.
Re:But who are you going to call? (Score:2)
The only thing that made my job bearable was that I spent alot of time in medical research labs working, and I get off on that sort of thing. I think the researchers liked me cuz I had some clue as to what they were doing and showed interest
(that and I would give them the straight talk on my own department I was quite used to answering the greeting "Your department sucks" with "Yes we do, but since im here you want me to look at the problem?")
I have found that in front level support you get 2 types. The first is people like I was - very clued and very skilled, just not enough work experience and stuff to land a better job. The second are complete idiots who know how to navigate windows and "run installsheild" better than most users.
The first type does it for a year or two and moves on. The second type stays there forever (this is espcially true at helpdesks). If the first type doesn't leave after a year or two, then they get lots of crap dumped on them and eventually have a breakdown and get fired - then recover and move on.
The worker shortage doesn't make this better. There is too much work and too few people. Its no wonder that things like "ghost" are seen as a god send. When you have a 24 hour turn around time policy, but real turn around is more like 4-5 days because of shear call volume - its not like you have the time to devote to really solving problems.
I litterally worked where 7 people or so doing desktop support for several thousand machines. Spanning 3-4 types of supported PC hardware (the standard had changed a few times over the years) 2 main OSs (Windows 3.1 and Win95 - the Win95 rollout was still going on in 1999 when I left) PLUS macintoshes (which got a lesser level of support due to myself and one other tech being the ONLY mac experienced techs)
-Steve
Re:It's not your computer (Score:2)
People work differently. People who like linux and work best in linux, might not work well in windows.
Its like telling a person how to decorate their cubical walls. Sure - certain things would be very inapropriate (like say playboy centerfolds), and its the companies cubical. However - setting rigid standards and forcing people to work under them is just goin gto make the workplace less enjoyable of a place to be.
Making the place less enjoyable will just make people want to work elsewhere. Work already isn't fun, at least give a person the ability to "personalize" the place a little bit.
Now, if their use of linux interfeared with actual work and made it so they couldn't do their job - then certainly the company needs to step in.
However, if they can support the machine themselves, and they can get their job done - then why should it matter at all? I don't know about others but I am all for letting people do what they want - as long as they can get the job done then leave the details up to them.
As for IT support - its simple. You just need a policy that says "This is what we support. This is standard. Diviate from it at your own risk - we will not fix it for you."
--Steve
Re:IT people are assholes. (Score:2)
In a "regular office" the IT department is there to make sure the entire organization is able to work via their computers. That organization is often HUGE and is composed of a bunch of business people who don't know their computer from their butt.
Advanced users and programmers are treated differently in my organization since they display something special: competence. Anytime testing is necessary these people are the ones who we ask to test it, with our help. And although all programs not developed in-house must be approved by IT, there is a clear channel to request such installations. Users can always make a case with management for why they need a program; so what is stopping you?
Re:Of course (Score:2)
Personally, I have *yet* to find GUIs "usable" in the first place, and I try to keep them as stripped-down as possible. If I find a powerful and useful metaphor that helps me out a lot from the GUI camp, I'll let you know, but so far, I'm not impressed, and I'll continue to program with a text editor, toss files around on a shell, and read my e-mail in text mode...
As for Windows 2000, I haven't used it much, but it sounds like a different set of trade-offs were taken in producing it, and it's getting closer to Unix. They must have made it more stable than '98, since they broke some games and applications that were probably using some buggy stuff in the first place.
Hopefully they'll clean up the API enough to make those apps fast *and* stable eventually, and maybe one day, they'll even keep track of their libraries correctly, or implement some real hard or soft links (i.e. at the filesystem level)! Until then, I'll continue to use Linux.
---
pb Reply or e-mail; don't vaguely moderate [ncsu.edu].
Re:Have to agree (Score:2)
Do you why they have this policy? Because they know how much people get paid, how much the insurance and lighting and floorspace costs, lost productity costs due to IT issues, and what the work backlog looks like.
The fact is that the price of managing a corporate network is about 15% software licencing, 15% hardware costs, and 70% labor costs. If it takes 2 hours to fix someone's Pentium, the sad fact is that it would have been cheaper to just throw it away and drop a brand new $800 Celeron box on the person's desk.
Back in my sysadmin days, I was a decent troubleshooter. Yeah, I enjoy it too. I also had pride, I hated to admit defeat, but there was one thing I learned -- There is no such thing as 15 minute problem -- If you can fix it in 15 minutes, it really wasn't a problem to begin with. I also did most of my sysadmin work as a contractor, so I could hear the cash register bell ringing in my head while I was dinking with this stuff.
Files do not magically disappear from an AutoCAD setup. Finding the real problem and CHKDSKing to hell is probably going to take far longer than an FDISK and image dump. One place I worked had a sign in the technicians cage that read Thou Shall Not Open the Case. One of the smartest places I ever worked.
Re:Why are all IS guys fat? (Score:2)
SHAPIRO: Heh, so, anyway, Trixie, anyway I says to the guy, I says, "You have installed Red Hat on your Optiplex. Prepare to FACE MY WRAFTH!" And then I whipped out my Windows 98 bootable CD and wiped his crappy installation clean off his hard drive. Then I told his boss on him. He's in for a heapin' helpin' of trouble come Monday morning!
TRIXIE: You smell like armpit.
TRIXIE'S FRIEND MARCIA: Good God, did you bathe in sweat this morning?
SHAPIRO: So, what say? Wanna go back to my van and screw?
TRIXIE knees SHAPIRO in the GONADS. MARCIA laughs to herself. TRIXIE and MARCIA leave with A LEET LINUX SYSADMIN.
---------- END
- A.P.
--
* CmdrTaco is an idiot.
Re:I don't see the problem (Score:2)
It takes significantly more knowledge to set up a secure Linux box.
Obligatory Car/Computer Analogy (Score:3)
"I worked at a place that gave me a company car. I didn't like that it used gasoline, so I spent the money and time and had it converted to use propane. Propane is not only cheaper, but is also better for the environment."
The problem isn't Linux, the problem is people who are overstepping their authority and possibly creating more work for someone else.
Re:But who are you going to call? (Score:2)
You don't really save your important files on the local drive, do you? Please tell me you save them on the network where they are backed up nightly. Please?
Re:My employer gave me an award (Score:2)
Re:It's a corporation, not a democracy (Score:2)
While there are often legitimate reasons to constrain operating environments, rhetoric (to steal your word) about firing people who dare to install a "non-standard" operating system or application is inflammatory and, in most shops, unenforcable as well. (Often, IT has a job to do other than micro-monitor the users--if they have time for that, they're ripe for downsizing and/or outsourcing.)
While there's an awful lot that can be read into what I posted, the fact is that I only said open source tools that are useful will displace closed source tools that aren't as much so, whether IT likes it or not. Ultimately people with the best interest of the whole organization are in control, not the self serving people in some IT departments that want to follow some particular vendor's line because it makes their jobs easier.
Translation: IT would often like to dictate platform and get paid for mindlessly implementing a single (or few) vendor system to the exclusion of better tools. The people forced to use inferior tools will, (in organizations that aren't dysfunctional, within and outside of the "rules") get around having to use them. Then the rules will change.
(Also, your reference to Brezhnev is quite appropriate--the Soviet Union didn't make a profit, and other organizations run that way won't be making much money in the long run, either. (Although Shapiro is more like a wannabe Stalin, but I digress.))
Clueless Management (Score:2)
Look at the sources (Score:4)
Don't ask, don't tell, don't waste time (Score:2)
I realize some companies have rules about this sort of thing, but maybe it'd take someone being surprised to learn they are really using Linux to get them to wake up to the possibility of using Linux as a viable alternative.
Are you guys serious? (Score:2)
In addition to that, if a user installed NT on my network, I would be reluctanct, because I don't know NT. If the employee goes, I'm shafted. It's the same as an NT admin being concerned about me walking onto a site with *BSD CD in my hand.
Lastly the costs of running a multi-OS environment are much higher due to the fact that you either have to pay somebody who knows all the OSes (very expensive) or hire multiple people to support them (also, obviously, very expensive).
You might think it's all good fun sneaking your favourite OS onto your work machines (I couldn't give damn what OS it is, just that it's not corporate policy), but in my company it goes strictly against the security policy, and therefore as a result, you're looking at a bare minimum of a verbal warning, and possibly immediate dismissal depending on the circumstances.
The company's machines are just that - the company's. They're not yours, you have no right to alter the OS on them, and if you have a legitimate claim for another OS, perhaps you should suggest it and let the people responsible for looking after your network (and therefore your jobs) make an informed desicision. In other words - grow up!
Re:It's not that we hate Linux... (Score:2)
The main gripe I have against IT people is that they think the point of computers and networks is to serve their interests. No! The point of IT is to enable employees to best get their work done, not to provide the most elegant and tractable system for the admins to preside over.
If you're barring employees from using tools that would make them more productive because they don't serve your interests, you're falling short, not them.
You can take my Mac when you pry it from my cold dead fingers ;-)
What To Do... (Score:3)
Turnning the tide (Score:2)
But for many it IS posable to turn this around on a grand scale.
Basicly talk the IT into certifying a Linux setup.. maybe a inner office build using Linux From Scratch (optomised to the standard hardware used in the office).
Talk em into a "clean sweep" of the office.. Not just one machine but the whole department.
This will more than cover for the few ITs who say "NO" and refuse to install anything but an approved NT system.
Don't look at all thies situations as a roadblock to getting Linux implemented. It may be a bit of durty pool to get whole departments to drop NT but then this IS how Microsoft plays it and it's not wrong if an intelegent IT dose it for the benifit of the busness. You simply need to sell him on some key points.
(Do some net research I don't really feel to good right now and really can not provide a good rundown of keypoints for selling Linux at this point in time)
Once you have whole IT departments changing over to Linux you pritty much kill all the MsFUD.
I think this may be the short road to getting Linux compleatly into the mainstream.
From there it's a short road to premoting BSD and Solarus as well.. "Linux is just one of many *nix solutions"...
Promote them to IT staff. (Score:4)
I'd also address why they hadn't felt comfortable talking to me about it. Communication problems can bite you in the ass later on. Mostly, though, I'd be proud, and a little bit scared, to have a fellow geek on board.
Re:Just like company email servers... (Score:2)
So?
Load up BSD then the NEXT time you run into such a road-block.
If they don't like BSD licensed code, point to the BSD copywrites in Windows and ask when they will get rid of that.
Stop thinking the Open Soruce OS world is all Linux.
Sneaky Linux. (Score:3)
A lone penguin comes out of a nearby pool of water (connected directly, of course, to the Alaskan sea). THe annonymous bird leans up against a cubicle, and checks down the corridor. Seeing an IT worker, he ducks back behind cover, and quickly runs up behind when his back is turned, and then ducks down another way. he eventually makes it to the elevator, and presses 'up'.
The penguin removes his infiltration gear, and the words blare across the screen:
METAL GEAR LINUX
Tactical Operating System Installation Action!
----
Samba is what samba does. (Score:2)
Yes, I feel for you. I'm one of those programmers that "illegally" installed Linux on my machine. But I was able to prove my productivity due to it.
But....
One day trying to set up a Lab NT machine to verify users to a global account through my Samba/Linux box, I tried a few configurations, and later gave up on it. But what I didn't realize is that I left "local master = yes" and work group equal to my companies domain. Opps!
It took our IT department three days to find my machine. ALL windows machines in my subnet were not able to access net drives or printers. I came in on a Monday morning to see a piece of paper on my machine that read:
ATTENTION: one of your machines is preventing all Windows machines on this floor from accessing the network. We have disabled your port. To be reconnected, call the help desk
Lets just say, they don't like me very much
I don't agree with all that you say, but I do feel your pain!
Steven Rostedt
How to make a killing on banner ads (Score:4)
Admissions of Linux reliability (Score:2)
. .
"We sat down with them and agreed that they could use their Linux box as long as our phone didn't ring when they had critical problems," Maday says. "So far, we haven't heard one thing from them since the meeting we had a few months ago."
Could this be the second (see MS advert article)inadvertent admission of the day by a Windows IT zealot that Linux has advantages? Or am I missing a trend?
== Idle Random Thoughts. Usual Disclaimers Apply ==
Re:Sneaky Linux - dammit that would be great TV! (Score:2)
that scenario you named would be hiliarious. Imagine 15 seconds of that followed by a quick, funny blurb on Red Hat (or VA or anyone else with the money to make TV commericals
gentle humor is a good tactic. Portray the particuloar kind of Windows-centric IT bureaucrat who's autocratic, stuck in the past and narrow-minded, and contrast the open minded, creative, dynamic Linux guy. (There are both types in both camps, actually, but the perception I have is certainly the other way
MS has lots of people in marketing, remember. If companies like Red Hat and VA are to survive, they have to at least defuse the MS marketing bomb
timothy
Re:IT people are assholes. (Score:2)
Prepare for a perceptions-shattering revelation: those computers are their responsibility! If you bring in your own box and keep it off of the company network, then go ahead and do whatever you want. But until then don't treat someone else's property as if it were your own.
They are the enemy for anyone trying to get work done.
No, they're the ones who enable stuff to get done. You think the people in accounting and HR know how to configure a network? Hah!
As a programmer I need to install programs all the time. Programs the IT monkey can't even grasp what they are. So he'll say no.
Then segment your network. But all programmers on their own net and let them configure away! Then when you take down the network you only have your peers pissing on you, and not the people who sign your checks.
but in a programming environment, the programmers can usually run the network better in their spare time.
Hee, hee! That's the silliest thing I've ever heard. Please don't remain anonymous. Let us know who you are, so when you get canned by IT we don't hire you by mistake...
I never knew I had it so good (Score:2)
Our company did something that I've never seen before; we merged the IS and NetOps into one department. Now you would think that this would cause a great war but it's turned out to be wonderful. When they needed to setup a file server that would talk to all the OS's we showed them how to build a samba box. When Exchange was having problems with open relays and mail floods, we showed them how to have a sendmail box in front of it as a kind of mail spool/firewall. And when I needed to run visio or outlook, they set me up with a switchbox and a windows box. All the sysadmins and programmers are available to ISNOC and input on all projects. That way the best solution (NT/BSD/Mac/Linux/Sun/Cisco/etc) gets implemented. We also act as our own ISP since we push about 1Gb/s out to the net. We have a wide body of knowledge that can deal with anything the users need. Each user is allowed to use the OS that they feel will let them get thier job done.
If you are a large firm that has lots of programmers, admins and IS gurus, get them together and let them rock.
How about developing policies ahead of time? (Score:2)
However, if the IT department isn't keeping on top of things like this, then they suck. If they don't, today, October 21st 2000, already have a policy on Linux, I would wonder, probably aloud, about where the hell they've been for the past five years, whether they had developed a plan to deal with the release of Windows 3.1 yet, if they'd heard of this newfangled thing called the "Inter-net", and how their horseless carriage has been working out for them.
Thirdly, I think most people understand the need for IT departments to have control over their networks, and that it is important to get permission to modify settings on a machine on the network. However, what many IT departments don't realize is that many of them have no clear path for getting said permission, and it usually comes down to a purely political decision by someone who doens't understand or even care about the user's needs.
So, IT people, before you start flaming people for complaing that it sucks that they don't have any control over their computers, pose as an average employee and see if it's possible, using the resources an average employee would have (IE, not being able to just log in as root and do it) to, for example, switch operating systems, or even just get something installed that would make their lives easier.
Sneaking, dealing, slithering (Score:2)
It is my understanding that most IT departments are SO lax that they don't have the time to worry about what people are running except for those who are always asking the questions - usually these people do not want to run Linux. In most places Linux is ran by Administrators and people who need a real X server or something with a REAL terminal program. Hell half of the people in the Operations Department where I work run Linux with VMWare simply for Outlook.
Just like company email servers... (Score:5)
That said, there's no reason to actually take steps to see if Linux can be installed on a box. Write your IT department or supervisior, explain what benefits you *and* the company will get from installing Linux on that one machine. Make sure you explain you'll be completely responsible for that box from technical support to making sure it works with any priopritary protocols on the current network to making sure that it's secure. The latter point is probably most important; your job will be riding on the security of that box, so *you* need to be willing to take the risk and responsibilty to lock it down to the best of your ability. (This brings up the point how much more secure a well-maintained linux box is even compared to a expert NT person -- but you need to define how secure is secure.)
If they don't agree, then there's probably no reason to stay at that company, if they don't understand why different people need different tools to work. Particually if they are in the IT business.
What To Do? What? (Score:2)
Network World is running an article on how IT managers should deal with Linux "sneaking in" to their networks, or more precisely, being surreptitiously installed on workstations on their network.
Is this a trick question?
Well, hell, break out the Jolt and pepperoni pizza and party! Next, someone'll be asking you if you have any clear idea of what you'd do if Natalie Portman [celebritycd.com] made a play for you. Geez ....
Hmm... And I Thought The User Was The Customer... (Score:2)
Different kinds of users (Score:3)
However, there are times when linux has presented valid problems - having samba set up and declare itself the master browser in such a way as to disrupt windows systems from connecting to shares on the domain, etc. (this may no longer be a problem, but it has happened). However this just points to the need to document how new elements must behave, and make it clear that new things must be tried in an environment that is not critical to production. This can teach real lessons and improve networks a lot.*
IMO an IT department that resists change above all else is one that will resist itself out of existance. It's the users that try new things for themselves, and from these evaluations learn new things, that make systems and networks useable.
-Peter
* Anyone else remember when doom first hit big novell networks? Networks were being crashed by the flood of ipx broadcast traffic. Even though this killed business in many places, in the end it fixed configs across the world to keep private networks private. Disruptive events like that, and like linux have to be evaluated and lessons learned. They can't be squashed.
Bad management (Score:2)
Hell, this doesn't just apply to programmers. I'm the sysadmin. My users use a variety of operating systems, both because of personal preference (the animator loves SGIs, the programmers love NetBSD and Linux, the engineers have settled pragmatically for Windows, and the managers are, well, managers -- except for the CEO, who's a Unix weenie just for the sake of Emacs) and because we write software for a variety of platforms. It's not hard to maintain a diverse system like this, and it's certainly not insecure -- it's easier to break physically into our office than it is to steal the appropriate passwords or keys to SSH/PPTP past the firewall, and we trust each other.
So I think that the problem you think you're solving with a fascist policy of "The Company [i.e., the managers or their IT toadies] decides what you get, and you'll damn well use it, even if it's like hammering in a screw with a fish" is actually a problem of either management's misplaced distrust of the programmers, or of actual incompetent programmers and accurately placed mistrust. Either way, the people are the problem; with the right people, fascism can only make things harder.
As for this crap about "It's not yours. It's the company's. They can make you use it however you like.": yes, it's literally true. If my company were run by idiots, I could be ordered to use the wrong tool for a job, and to fuck it up in whatever they please. But you know what? I'm better than that, and I've got a no-notice contract and a year's rent set aside in savings, so I can damn well tell them to fuck off and find a company that will treat me with respect. And you know what else? They know that, and they're good and smart people themselves, and they're not going to do that. They don't consider it worthwhile to hire people they don't trust and respect, and I don't consider it worthwhile to work for people who don't trust and respect me.
<flame> I'm glad I don't work with you. I hope that some day you will grow up and go to work for a company with a future. Do you get off on timesheets, too?
I especially love that comment about how you wish the poster luck finding a job that fits this "skewed outlook". It sounds like you've found your way into an unsatisfying job, and rather than being sensible and getting another job, or being considerate and committing suicide, you're lashing out at others who have some self-respect and have spent the minimal effort to get jobs at places that treat them as the valued assets that they are. Remember: down, not across. </flame>
Re:But who are you going to call? (Score:2)
Re:I'm disappointed-again (Score:4)
I respectfully disagree. I happen to believe that the VAST majority of today's Linux users are indeed less than skillful at administering Unix. Inept, if I may say so.
I see it everyday. People who claim to be Linux masters because they've been using this lesser-known distro for so many months/years.
And then I watch them login to their home machine (using telnet no less).
And this is one of the brighter ones who knew to disable remote logins by root. It scares the hell out of me thinking that these people consider themselves knowledgeable. The problem is that these are the people who will go around installing Linux overtop of Windows machines at work without asking because they presume that the sysadmin doesn't know how or (even worse) they believe that they don't need to ask permission.
An intelligent, well-informed Linux user will understand that control over what is deployed on a network is not just a luxury for a sysadmin. He will understand that he's treading on somebody else's toes by installing another OS where it shouldn't be.
For one thing, it's called common courtesy. For another, it's common sense. Unless your job is to maintain the workstation you're given, what the hell right do you have to mess with it? It's a tool, supplied to you by your employer in order for you to perform your work, not a God-given right.
I feel bad ranting like this, because I know there are some very knowledgeable people out there who are locked in by some short-sighted contract signed by even more short-sighted managers. But the reality is that it's not your call. Installing Linux without permission isn't going to help the cause 99% of the time.
--
It's all about genetics (Score:2)
The only problem is, deep in the back of your subconcious, you'd know that sooner or later, those recessive genes will pop up at the most inopportune time.
Re:The Next Microsoft Ad (Score:2)
Re:Safe from packet sniffers? (Score:2)
With your kind of logic, what's the point in locking doors? An experienced thief can pick the lock anyways, right? Or break it down.
Not to mention you missed the point entirely. I never said nobody should be allowed to have Linux. I only said that sysadmins have good reason to be pissed when someone goes and installs Linux on a workstation without telling them.
--
MAIL MACHINE is HOLY (Score:2)
FIRST: The mail machine is holy, and must not be used for experimentation or installing insecure or unstable (development) software. If the IT dept issues you your email machine running NT (blah) then keep it that way. And don't take your chances repartitioning and adding linux on the back of the current drive.
*** SEE HERE: the IT guys issue you a machine that they can support, and are required to support, no matter what. When you change that to something other than what it was issued with, they no longer need to support you.
SECOND: When running more than one OS, keep one secure, and stable. if the experimental one goes down, you have the stable one to fall back on.
In my office, my mail machine is NT 4 sp5. I requisitioned two other boxen, one runs TurboLinux and the other has Debian 2.2 Potato (Espy!)
Our mail app runs on Lotus Notes (when will they write a client for linux?!) which runs (slowly) in WINE.
The site is networked with Token Ring, and I have to socksify to use anything outside the intranet.
None of these things would, or SHOULD be supported by IT. They were hired to decide what will be issued, and are bound to support what they issue, not what I decide I would rather run.
I can understand their hesitation at Linux creeping onto the network, they didn't issue it, and will be derided, guilted, and profaned at for doing their jobs and refusing to support it.
A host is a host from coast to coast, but no one uses a host that's close
IT, Challenges, Missions... (Score:2)
That said, if someone just ignores policy and installs something over their workstation, of *course* something needs to be done; but not because they installed 'linux'.. simply because they trashed their workstation!
On the flip side.. the guy who says, in the article, 'we allowed our Finnish group to continue to use Linux as long as we could manage it with NDS' is bunk. If you purchase a company that does all their work on linux, you evaluate the total cost of switching them to a different (preferred) system, or supporting their current one. EITHER is a viable option; as the IT manager, it is up to you to provide that support.
SImply saying 'fuck you, install NT' is *NOT* providing support. Showing the boss how the cost of switching to NT & making this fit with your current support structure, and the rest of the organization's devleopment -vs- the downsides of changing the office over, THAT is the way to show it.
Same here.. (Score:2)
When Mr. Schapiro-whatever is asked 'what would you do' he responds with what he woudl do if *anything* outside of what people are *clearly informed* is allowed is installed. He does not say 'oh, well normally we wouldn't care, but if it was linux, we'd fire them'. Sheesh.
Communication is absolutely the key. I expect that if the developers need to hook a bunch of linux boxes up to my network, they come to me and say 'Hey, we need to get access to the file server and shit from these LInux boxes, because that's what we're doing our code on now'. As the IT manager, it's my *JOB* to accommodate this (preferably, they tell me BEFORE they make this decision to switch platforms, so I don't have to make a bit of a fuss. The fuss is because the cost of me supporting it must be factored in to the cost of switching over, and may reflect badly on my own budget otherwise.)
Re:'unstoppable phenomena' (Score:2)
The chief reason that IT departments (well, mine, anyway) wants to approve all software (well, the first reason.. there are two), is because of licencing. We must not open the company up to liability. With linux, the common user thinks (rightly so) there is no licensing, so doesn't need to tell us.
The second reason is, of course, support. Support, as in making sure all our infrastrucutre works as well as possible.
Re:I didn't think iw was so serious (Score:2)
While the situation in the article was not as clear-cut as the example I used, the fact remains that if a company (or its Admins) has a definitive stance against running Linux on their networks the n you have an obligation to abide by that stance as an employee of the company.
If you don't like it you can quit (or face dismissal for breaching their guidelines)
A large number of slashdotters have voiced their discust at any company that looks to firing an employee for installing Linux... thats bullshit. It's their money and their gear. You get paid to do a job the way they want you to do it, and the only alternative is to convince them that your way should be their way - if they disagree you've got a choice to make.
Re:I'm disappointed (Score:2)
You miss the boat too. Nobody is saying that Linux should be outlawed. I'm talking about employees going behind admin backs and installing Linux (or any other OS for that matter, NT is just as capable of f-ing with a network) without asking permission.
--
Re:But who are you going to call? (Score:2)
Second: I work at a high school, in an engineering technology class where all the dumb football players and stupid skaters and ninth-graders end up, and if you give students access to the network server, you're going to have all sorts of problems with porn, games, napster, e.t.c. By limiting network access through the simple means of taking the cords away, access is effectively controlled. However, when the incompetent boob running the IT shows up, things like this happen.
Tell me what makes you so afraid
Of all those people you say you hate
There are good reasons to prohibit. (Score:2)
In my department we allow Linux systems, but people who intend to install it must notify a computing committee, and they are expected to run only ssh, and possibly smtp and a small, secure, non-cgi capable httpd like djb's publicfile [cr.yp.to] (intended to serve a Java ssh client or test pages, not as a production server). We had a box rooted before this went into place; the user of the box was running an old version of Redhat, and the box was running a buggy, absolutely unneeded amd daemon. The attacker transferred a rootkit and a sniffer using ftp-- the ftp daemon had not been used for anything else in that box, ever...
Of course (Score:2)
"The horrors! The insanity!"
Don't be hypocritical by trying to turn the situation around.
I don't see the problem (Score:4)
Really though, this is just one more piece of software that people are bringing in from home because of a personal preference. In my last company we had people bring in copies of Corel Office suite because they were sick of Word crashing on them so much. We install Netscape on all of the computers we deploy so people can make a choice, and generally make it so that the employees can be the most productive.
Besides, at least Linux is free... How many rogue copies of Quake do you have running around in your company? Most places have at least one guy who has the quake cd sitting in their desk, to be passed around when new people come in or computers get moved around ;)
Its not your network or your computer. (Score:2)
It's not that we hate Linux... (Score:5)
The problem we have is with unauthorized anything on our networks, not just Linux. You see, planning and running the corporate network is what we're paid to do. In most structured environments, nothing gets installed without IT's thumbs-up. Period. The business (and our jobs) depends on the network's being as stable and predictable as possible, and even though Linux is wonderful stuff, workers are required to use what the company provides because we know it. It's not just Linux that can get a worker fired at my shop. It's any software that didn't come in through our department's OK. And all those cute little
That's an important distinction. Some IT folks just reflexively hate that which they do not know. That's the wrong way to go about their job, but it covers the butt well. My attitude (and our policies are derived from it) is that the company provides the PC, so we get to decide what it runs, based on what you need to do your work. You don't get to decide unilaterally what runs on it - we do.
However, we're not entirely closed off to running "other" things or operating systems. If someone came to us and had a reason they needed Linux to do their job instead of NT, I'd test to make sure it didn't interfere with anything else on the LAN (like a misconfigured Samba could), and they'd get their Linux after we tested it. But the important point here is that we are flexible, provided you follow the "right way" of making sure your software is OK. When people do that, and give us the chance to test things, we approve things unless we find a specific technical reason not to.
But if someday Linux became our standard desktop OS at my company, you know what? We'd fire people who used Windows without authorization. Wouldn't that be an interesting turnabout?
- -Josh Turiel
Have to agree (Score:2)
They didn't want to FIX machines. There was litterally a policy "If you can't fix it in 15 mins, escalate the problem". Anytime the problem required more than a scandisk or running some IT-aproved simple fix - then it was "rebuild" (which used a system much like ghost)
It made the job boreing and unbearable. I ENJOY finding problems. I don't want to have to look at a problem and "blow it away" just to have it surface again in a few months.
As for linux - I was one of those "Insurgent linux users". What was IT policy? Simple..."If its not standard software and hardware - we don't touch it" That was it - anyone can run whatever they want - if it breaks, don't come crying to us (unless its "100% aproved").
Was a very sensible policy, and it worked. Those who were able to manage linux boxen ran them. Those who could manage NT (which was unsupported for Users) could run it. Those who had Macs - could run them (though macs were unsupporte dbut we fixed them - was kind of a weird grey area for political and practical reasons).
Personally I think that what a person uses on their desktop machine doesn't need to be much of an issue. As long as they can handle any issues that come up, and they can get their work done - why does it matter? (other than some people feel a need to feel like they are in control of everything - I never did understand that mentality)
-Steve
Re:very classic (Score:2)
Don't be angry. Imagine being in charge of a department wide MS network that constantly has problems from the users up to the servers. The poor souls are killing themselves trying to get things working reliably, and so when someone suggests an OS they don't know or understand, they freak. Don't be angry, pity them.
Re:Damn... You just described my life. (Score:2)
I stuck it out for around 8 years at one place doing 3rd line support. I knew just too much about our core product, and was able to resolve more problems than the UK office of the software manufacturer. I was irreplacable - they just couldn't find anyone else who both understood the product and was able to fix it quickly when things went badly wrong, as was proved when I was off sick and confined to bed for a week.
Unfortunately the product we sold began to die off a couple of years ago, and my employer went into publishing their own product, which was clearly inferior to competing products. I ended up doing first line support for this junk, and I also had all kinds of *crap* landed on me by the head of this software team, such as trying to get document conversion libraries to to what they were clearly not designed to do.
After 3 months of this new regime I just walked out of the place, never to return.
Re:It's not that we hate Linux... (Score:2)
I know more about computers than most IT deparments. The last time I called the IT deparment was to ask them to set me up on the server side for VPN. The time before that was to get my static IP address. I know that most users are not like me, but if I had to call the IT department evertime I needed something installed or uninstalled or my registry edited or whatever, you'd want to assign an IT person to my desk as my personal slave.
I don't want a lot, I just want it all!
Flame away, I have a hose!
Re:Linux (its not about support) (Score:2)
Besides, who really cares if Linux gets on the desktop or has more installations. It is scarcely different from AOL gaining market share. If you use it an enjoy it, great, but it adds nothing to your user experience if every Tom and Joe uses it as well.
My Tuppence (Score:2)
What to do if Microsoft sneaks onto your network (Score:2)
After all, we fire anyone that brings Microsoft onto our network
Well, not really, becauses we'd lose all the fun of the instant bluescreens from the regular background radiation of death packets.
Re:Sneaky Linux. (Score:2)
----
Bane of IT (Score:2)
Yeah, because it makes IT obsolete. MSCEs are terrified of the day that they end up in the unemployment line because the users don't need them anymore.
---
How much power do IT mangers have, anyway? (Score:4)
In fact, at several companies I worked for, where Linux was definitely disapproved and IT was pissed off that I was running it, if the IT manager had pulled the stunt suggested by that quote (reformatting my hard drive), I likely could have gotten the IT manager fired, since I could have easily shown that such an act resulted in the destruction of valuable company property.
A good IT manager does not view the users as the enemy. If an employee is running an unapproved operating system (or any unapproved software), but does not cause a disruption for anyone else, a good IT manager will let that employee (and perhaps his or her manager) know that he can't expect any support out of IT, but that as long as he doesn't cause problems he can keep running it. If the employee's use of unapproved software does cause problems, or prevents that employee or other employees from doing their jobs effectively, then IT can get the employee's manager to intervene.
At one company I've worked for, every time anything went wrong on the network, IT tried to blame it on my machine, but in every case it was in fact determined to be a configuration error on their NT servers. For instance, at one point my machine was getting the same IP address as someone else's, so neither of us could use the network. IT claimed that the DHCP client in Red Hat Linux was broken, and assigned me a static IP address (becase they knew my manager wouldn't let them force me to run Windows). Afterwards, however, the same problem occurred with other people who were only running Windows. It turns out that in the interest of redundancy they were running two DHCP servers, but they were serving up overlapping ranges of IP addresses.
Then, months later, another IP address conflict occurred between my machine and a Windows machine. They were all set to blame Linux again, when I found out that they had expanded the DHCP pool to include several previously assigned static IP addresses.
After that they seemed to realize that I knew what I was doing, and that rather than trying to blame me for network problems, they should have me help out.
Re:IT people are assholes. (Score:2)
I can't stand people like yourself who sit around all day congratulating themselves over how above everyone else they are. You sit in your little cube gritting your teeth because IT won't instantly give you everything you want. You don't give a rat's ass if your freeware Backstreet Boys screensaver f*cks with the network, because you're the only one in your entire office who matters anyhow. They just must not understand it.
It's not your job to dick with your computer. Get back to fucking work.
----
More rubbish (Score:2)
Who cares.
What's important is how YOU would respond, not someone you don't even know, or care about.
Rich...
Re:"Reformat their hard drives" (Score:2)
They are in support positions. It's their job to make sure everyone can work and it's their ass when anyone can't. On the other hand, it's the programmer's job to punch out code all day, not to be spending time messing with your system. You tell me who ought to be dictating network policy.
It's not fair to the IT people to make them fully responsible for all of the computers on the network and then not give them carte blanche in systems management. They have every right to do what they need to to keep the systems running.
Of course, it's also IT's job to be responsive and give the developers what they need -- not doing so is like having the janitor refuse to wash out the restrooms twice a day. Still, recognize that IT still has to strike a balance between their budget, systems stability, the demands of other people and your needs.
----
"... GNU/Linux or I'll look for another workplace" (Score:2)
In the case of the second example you have better chances of achieving 'your' ambitions on the workfloor. If your willing to go this 'hard' way you can explain the power of OSS, the different license models and the business-risk reduction it brings in the longterm for your customers.
Remember to also pay attention to the functional requirements of your managers, services and your team members(probably in that order
Personally I'm in this second stage at the moment, I've installed about 10 boxes with Debian GNU/Linux [debian.org] ranging from critical production servers to desktops and test-environments for developers. I'm also gonna do a presentation about the methods and consequences of OSS methods for inhouse software. Eventhough I don't consider myself an expert on opensource software(TM) development or the GPL or any other license, I still feel I can teach my co-workers (and offcourse managers) something about this wonderfull (but slow) revolution called free software.
My presentation will be made available next month on: DebianLinux.Net [debianlinux.net]
Re:It's not that we hate Linux... (Score:2)
Windows may not be anything wonderful, but it's predictable, and we know what the important flaws are, and how to work around them for minimal user impact. We do use NT Workstation (and 2000 Pro on laptops), and we test patches and service packs before deploying them in production as well. I work for a corporate employer (an insurance company), not a small mom & pop company or a university or anything like that. Our idea of multiplatform development is writing COBOL code that runs on both the PC and on DOS/VSE.
Another thing the standardized environment gives us is the ability to actually take advantage of some of Microsoft's stuff - their development models aren't too bad in a homogenous environment. For instance, as a year 2000 project, our developers replaced a noncompliant mainframe-based financial system with a homegrown system based on SQL Server 6.5, writing procedures in COBOL to drive it. It works very well, and since the new system is on SQL Server, we were able to build an intranet site that uses embedded Office 2000 components to build ad-hoc queries off it. Since we built that, users can now get the information they need themselves and run their own "what if" scenarios directly from a web page - they don't need to have analysts go and do batch repots off the mainframe anymore. It may be Microsoft tech we used to do it, but it worked and it helped our productivity.
Unfortunately, you need Windows to use it. Virtually all our tools (and we have a lot of vertical market code in our company) are Windows-based, and, as a result of all this, Windows is our standard, for better or for worse. In a way, this reminds me of a discussion I was in on Usenet a few month ago. One fellow was insisting that vi + TeX was all a user should have for producing business documents, because the documents came out looking prettier, and that was what he gave his users.
I countered that I'd rather have nice, easy-to-understand writing from people made with tools that let them easily use things like mail merge, spell checking, and pasting in things from other programs if needed. In other words, Word (or other Office software). Let the users concentrate on just getting work done, and give them the environment and the tools to do so. If legitimate exceptions emerge, deal with them the right way when they happen.
It's not about power or ego, it's about doing our job (at least, that's how it is for most of us). Most people here who don't understand that will eventually, I hope, rise enough in their careers that they'll realize the difference.
- -Josh Turiel
"Reformat their hard drives" (Score:2)
> range from 'Reformat the hard drive and fire
>the person who installed that renegade
> operating system
I've worked at companies that made software, and at Research and Development departments where there was an IS/IT department that assumed our computers were not to be tocuhed.
Sometimes it got silly--like we were trying to ship a product that ran on WinNT 4.0, but IS would prohibit us from running WinNT 4.0! And if we'd complain to management (in this case it was John Warnock and Chuck Geschke) they wouldn't have a clue why were were trying to make life hard on the poor IS department!
We had to _sneak_ in operating systems that we were required to support for our product!
Currently, I work for a Research and Development group and I've learned to just humor the IS department. I let them set up my PC with Windows 98 and Norton Antivirus, etc, and as soon as they're gone I wipe it clean and install what I need to get my job done.
IS departments should support the engineers, not the other way around!
--- Speaking only for myself,
Sandbox systems (Score:2)
Whereas I work in the Math-Based Manufacturing Technology dept. for GM Vehicle Operations, corporate IS&S wants to maintain a sane network environment.
For that reason, I'm in charge of our dept's Windows 2000 engineering CAD pilot. We have sandbox Win2K boxes installed for testing of locally-developed applications.
Furthermore, the company is slowly moving to ONE domain for engineering (corp.gm.com). They've been told to eliminate compilers, eliminate locally-developed applications, etc. Yet, we have a business-need for those same locally-developed apps.
So IS&S has had no choice but to admit that, since we have a real business case, they need to allow us to KEEP those locally-developed applications and locally installed software, provided that testing is done in a locked-down sandbox area.
If we wanted to install Linux on a box or two, once again, they wouldn't have any choice. We would be ready with business case in hand, and they just wouldn't have a choice. They'd have to let us have our sandbox systems.
Limerick (Score:5)
Linux sneak'd to his desktop PC
The OS, not supported
His boss so purported:
"You're fired, we run FreeBSD!"
Re:Linux (Score:2)
Oh god.
With applications like StarOffice
You're not helping your cause.
Open source methods create the best software. BIND - 95% of the market. Apache - 69% of the market. Sendmail - 90% of the market.
And Office? Mathematica? Non-free software stands quite well on its own.
GNOME is an ideal replacement for it under Linux, and is actually more advanced.
...when it works. Maybe nautilis will be better, but gmc is crap. I believe even Miguel has send so in not so blunt terms.
Ease of use.
Completely subjective. I know many people who find the MacOS UI infinitely superior to Gnome/KDE/Windows
You've got a case of the "blinded-by-obession"s. Remember, what's best for you may not be best for another. Remember, Linux is all about freedom...some people choose to use non-free OS/software because they feel its better.
--------------------------
Re:But who are you going to call? (Score:2)
Tell me what makes you so afraid
Of all those people you say you hate
Re: (Score:2)
Re:Safe from packet sniffers? (Score:2)
No, the logic is that you _should_ be locking your doors (ie, using crypto) rather than just nailing some of them shut but leaving the others open and unlocked on the grounds that they are too small for a thief to find.
Trying to secure a network that spans more then a single room through physical security is monumentally stupid.
It's a corporation, not a democracy (Score:2)
Do I particularly care for it? No. In many ways its a bullshit structure. It makes work like some kind of proft-making bastard child of the Brehznev-era Soviet Union. It stifles innovation. But a corporation is an organization that relies on a coherent, structured and standardized environment to be effective.
If you don't like the rules, don't play by them. Go someplace else and make your rules/declare there's no rules. But don't break the rules that you voluntarily agreed to follow and then declare that the rules are unfair and that they don't apply to you.
I'm disappointed (Score:3)
When a sysadmin installs an OS such as Linux, Solaris, or even NT usually administrative privileges are withheld from the workstation user - with good reason.
However, if someone comes along and installs their own Linux distro suddenly you've got someone other than the admins with root privileges on at least one machine in the network. Hello, nmap. Hello, packet sniffers. Yes, you can encrypt everything to death, but it's better to keep prying eyes from ever seeing the sensitive data in the first place.
If I'm the sysadmin and you go and replace the OS you were given, you're damn right I'll be pissed. There goes all my planning. You are using the company's equipment and messing with something that it's not your business to mess with.
If Windows is handicapping you so much, tell me. If your sysadmin is so ass-backwards that he doesn't recognize a good explanation of the benefits you'll get from using Linux, then he's an idiot and what are you doing working in an IT department with this guy managing your systems? Chances are he's missed the boat on more than just this one issue.
If you work for a company with very, very strict rules in place about changes to the network, there's probably a reason for that. You should know better than to mess with stuff that 1) is not your responsibility and 2) others probably know more about than you do.
Why is it assumed that if the person is running Linux they must be some Unix god incapable of messing up their system (and possibly the services provided for others) quite royally?
--
hmmm (Score:2)
I'm a Sys Admin, I know of several boxes on our network running Linux (dual-boot or not), some of which are very useful boxes that we installed ourselves, some are ones that non-IT staff installed.
I work for a software company, however, and some of the software we produce works on Solaris, so people playing around with Linux isn't a big thing. We're not 100% Micros~01 here... At my last company, however, I had to set up a Linux box "behind the scenes" without letting my manager know. When I left they and they discovered the box they pulled out the network cable, and threw the machine out. (It was an old P75 - ideal for Linux
Support Issue (Score:2)
At my current work they gave me machine with NT 4 taking 4 gigs and 9 gigs of empty space. They said I could install anything I want, but they would only support NT and, surprisingly, FreeBSD up to some extent. I decided to go for BSD since I wanted to learn it. So I fixed NT in a usual fassion (mkfs) and had no problems with IT anymore. I also have Linux on laptop, use it in company. I know that almost every tech in my company uses either Linux or BSD, or Solaris for those with Sun boxes, graphic designers use Mac. The only thing they require is for you to be compatible (SAMBA to access printers, have to be able to read .DOC, etc). And officially IT is not supposed to help you if your Linux box is screwed - I know my bos got about 5 different Linux distros from IT when he asked for it - but officially they aren't responsible. Beyong that - who cares what you use as long as you do your work ?
On my previous work, when I was admin myself, I used Linux as universal troubleshooting tool - had it work as print server for Macs and reroute all print jobs to Netware server, etc. Had to fix couple of linux boxes for professors - it was a college work - I know that most other admins never bothered to fix Linux, or for that matter anything that they had any excuse not to fix. That's probably why some IT managers dislike Linux or anything else that is new - they don't know what security measures are needed for system, how to support it, would it interfere with anything (one of my friends used Linux with Netware, named machine/share or smth like that using Russian characters, half of their windows boxes started crashing when trying to browse network).
Simple Solution (Score:2)
I can almost hear them on the phone to accounting, "Yes, yes, we did get 20,000 hits on that one but the ad people said their server only sent 1,000 ads!"
Re:There are good reasons to prohibit. (Score:2)
There is no firewall here at all. This is a university, and all systems are out in the open.
If installing OS's at your site is a security risk then I would see why the IT people responsible for network security allowed anyone access to that machine at all. There might be good reasons to prohibit but this is not one of them.
First of all, there is no prohibition here on running anything-- my department's policy is that if you want to run a unix-like system, you should tell us, so we can help you run it securely (essentially, as few daemons as possible, and no cleartext-password services, no ftp of any kind, secure daemons like qmail or other djb stuff, etc.).
Exploitable unix systems are a risk, firewall or not. An insider could still break into a box.
sometimes you can't allow different oses (Score:2)
Support
A lot of organisations have to deal with lusers or even worse: self proclaimed power users who regularly make a mess of their workstations, and the organisation spends money to keep everything going. Allowing ppl to use something different can set a precedent. How are you going to explain to a user that (s)he can't use this application when another user installs a different OS ? (anyone who's ever been a sysadmin knows what i'm talking about)
Security
Some organisations have security requirements. Some are even required to be able to prove that they are secure. This is usually done by getting certification from experts who will create a setup that has been configured and tested to be secure. Linux isn't secure, nor is WinNT, but they might be when they're run in a specific setup. Allowing users to do things differently means you cannot guarantee security on your whole system, simply because you don't know how it's been set up.
Compatibility
In some organisations software is used that's not compatible with non MS OSes. My current client requires me to use Outlook to plan my days so they can see what i'm up to. Even though i might not like using Windows, I don't know a way to do this on Linux (yes i know about Outlook web access, but you need a server for that). Other organisations have custom applications, same story.
This is all I can think off right now, but there is probably a lot more.
Bottom line is that a lot of organisations are Windows based, and it might not always be possible to do anything sensible with a Linux box in those.
Re:Just like company email servers... (Score:2)
ftp over the ftp.exe program to your unix box
then strings | grep -i copy
FTP.EXE is an example of Microsoft programs using BSD licensed code.
If BSD licensed code is forbidden in your company, so is Microsoft.
silly article. (Score:2)
Manager: "This new server -- why are you ordering it with Linux?"
Admin : "We use linux increasingly for all our servers, and a few programmers are using it as well."
Manager: "Shouldn't we just use NT?"
Admin: "Nope. My calcs show about $10,000 in software licensing if we use NT, but only about $500 if we use Linux."
Manager: "Okay."
[Actually, the fact that she let us do it was a ray of light in an increasingly gloomy workplace]
PS: We need permission to install Linux -- I got some heat awhile ago when I put a linux box on our net without approval. After I explained why, they left it up.
From an IT Management standpoint (Score:3)
Our network infrastructure is NT 4 w/ Exchange, so everyone has a Windows box. The developers have two boxes, NT and Linux, and they are responsible for their own Linux boxes.
However, that didn't stop a bad Samba configuration from causing nightmares. Samba is getting close to being banned.
It decided to claim to be the Master Browser, but the PDC was and knew it was right. Faulty election code, and the Samba box forced enough elections to crash my PDC.
Is this buggy code on MS's part? Absolutely. Was I annoyed? Absolutely.
Linux creates new headaches if SAMBA is installed. Without SAMBA, there really isn't much of a reason to worry about it. Let it do its own thing.
It is likely being used as a workstation, and you are not going to have licensing issues (normally), so there isn't a problem.
If someone is setting up an unauthorized server... well that person may need to be fired.
Now, a tolerant IT staff will have a policy on unsupported systems. They should allow them without support, but if they disrupt others, they need to be decommissioned. Rediculous overreactions are stupid, but having no policy and allowing a free-for-all is asking for spending Friday nights at the office debugging...
Alex
Did you actually read his post? (Score:3)
Did you actually read the post you're now slamming? His comments were, imho, quite reasonable. If you consider them Draconian, I wish you luck finding an employer that meets your requirements of an IT department.
its the people who USE those workstations that make money for your company - not you or that IT department.
This narrow minded view is about enough to invalidate your entire post. Does the concept of a team effort mean anything to you? The presence of programmers, marketers, customer service reps, etc. wouldn't be worth five cents without a solid IT department keeping it all running. Don't think for a moment a qualified group of network admins doesn't help a company make money.
Indeed, one of the biggest concerns when a company is being considered for a contract is the quality of their network. Speaking as a programmer for a company that's been scrutinized and approved by more than a few large corporations, I assure you that one of the key factors of our getting contracts is the quality of our network and the reliability of the systems.
by definition people who use workstations should be allowed to do whatever they like assuming that they dont interfere with the network in any way.
By definiton? Oh, please. The definition of a workstation is not "You can do whatever you want with it, as long as it doesn't hurt the network". Your workstation is not your responsibility when it breaks, or when it acquires a virus. It's IT's responsiblity. They're the people who will be held accountable for your workstation's functionality, not you. Therefore, it is most certainly not yours to do with as you please.
'd be really horrified to work at a company which didnt let me install the OS i liked on the machine i have for my exclusive use.
Again, I wish you luck finding an employer that meets your somewhat skewed outlook on reality. I'll also assume you didn't read his entire post, because he explicitly stated that if somebody presented a good reason to install an alternate OS, it would be considered, tested, and approved or disapproved. It's not Draconian as you'd like to scream and wail, it's the protection of their time and their responsibilities.
Another point. It's not your box, it's not yours for exclusive use, and it's certainly not your property. If you're home sick one day, the company has every right to let somebody other than you use the system, or log into it to look up something in your mail. It's a reality check: The computer isn't yours.
if i want to be my own admin what rights does the IT department have to fiddle with my personal workstation or fire me ?
This should be obvious by now, from what I've covered above, but I'll say it again. It's not yours. You didn't pay for it, you didn't install it, you don't maintain it. The computer belongs to the company, and the company can do with it whatever it wants. How is it you don't understand this?
you must be at some really brain dead firm to be considering policies like that.
Well, the rest of your post isn't worth responding to, so I'll just leave it at that.
Re:I'm disappointed (Score:2)
If you ask that incompetant guy "why did you install Linux?", and he replies "But Bob two cubicles over has Linux", you're stuck.
Which brings us right back to the beginning... IT. Someone in the company needs to say, "these are the company computers and this is what you're allowed to do with them." And users installing their own software shouldn't be one of them. Then you can ask the much more appropriate question "Who authorized a installation?"
It's all about power. The end is predictable. (Score:4)
As someone here pointed out, the glass house saw PC's as a threat to their power base, and IT created policies against them. They're doing the same thing with Linux--it's something they don't understand, don't want to learn, that cuts into their power base.
The article chronicles Netware sneaking in when mainframes dominated. Then NT slithering in when Novell dominated. Now Linux is permeating (currently) NT dominated shops.
Anyone else see a pattern here? Ultimately, Linux, FreeBSD, or other open source tools will come to dominate because they meet the needs of the organization.
Just like computing managers saying things like "PC's are just a fad, big iron and dumb terminals are where it's at" adapted or left, those saying "Linux is non-standard, unauthorized, and a fireable offense" won't be able to stay in denial forever.
Re:Of course (Score:3)
This really bothers me, but I try to keep mum because it's been addressed before. This is supposed to be "News for Nerds" not "News for Linux users".
You may not use Windows 2000. I use it all the time. I like it. I like Linux as well, but Linux has a LONG way to go before it even touches the usability in the GUI department for me.