This from
the GNOME sysadmin team via
Slashdot:
We've discovered evidence of an intrusion on the server hosting www.gnome.org
and other gnome.org websites. At the present time, we think that the released gnome
sources and the gnome source code repository are unaffected.
Wow. In the last six months, Debian, Gentoo, and GNU (twice!) were compromised.
Now GNOME... say what you will about the state of things with Windows servers - goodness
knows it's not perfect. Just how hard is it to harden a Linux server on the
net, when the sysadmins of these übervisible websites can't get it right?
I first had my eyes opened wide to the threat of widespread security problems while
I was working for MS PSS, on the IIS team, during that wonderful summer of Code Red,
Code Blue, Code Red II, Nimda... there was more, but I've lost count. Staying
up until all hours of the night helping the world's sysadmins that had been caught
with their pants around their ankles (so to speak) led me to make a promise to myself
- that I was never going to work for a company that allowed security and patch management
to be so slack.
When I joined my current company, in my first week I decided to get an idea of what
the security situation was - it took me two days to get all the data, format it, and
determine a good course of action. As fate would have it, a new critical patch
was released during those two days, rendering my work obsolete... that pissed me off
like I'm sure all too many of you would understand.
In the pursuing 6 months, I took HFNetChk's XML output, built an app that would scan
Active Directory for servers, use HFNetChk to scan them, wrap the XML up, ship it
to a central webservice, and used ASP.Net to put together a decent looking (I'm no
designer, but I thought it looked good) reporting website. Now, we've got all
26 sites polling and submitting data for over 2000 servers worldwide, and we know
exactly which servers need what as soon as Microsoft releases a patch. SMS 2003
and Group Policy handle the workstations - not my jurisdiciton. It's special, and
I'm damn proud of it, but I'm sure a good percentage of the people reading this could
do the same - but have you? Have you decided to pick up NetIQ's Security Analyzer,
or some other tool to do your patch management? What's your story?
Microsoft's
Security Summit is coming up, and there's actually a breakout session scheduled
for Patch Management - I'll be there... in Raleigh, not the previously reported Charlotte
- longish, boring story. Are you planning on going? Why? Why not?
It is, after all, free.
- G
This
work is licensed under a
Creative
Commons License.