Yes, a can of worms... But general direction would be nice...

Shane Hathaway shane at
Thu Jul 16 15:15:23 MDT 2009

Sasha Pachev wrote:
> A) Tell him he's got it all wrong, he needs a sysadmin to run his
> system. Since he does not have a backup and who knows what his
> application does now after being hacked, he needs to re-install the OS
> on his dedicated server that is 1000 miles a way, and the application
> needs to be re-written from scratch to be sure.
> B) Find the offending code, remove it. Investigate the break-in, close
> the holes. Instruct him on how to make a backup and encourage him to
> do it regularly. Spend the rest of the time permitted by the client's
> budget securing the most vulnerable parts of the system.

The right answer is a more than B.  This sysadmin should also put the 
customer's application and configuration under version control and tell 
the customer that a complete reinstall is still necessary sometime in 
the next year or two.  That will give the customer time to consider 
alternate hosting setups that are easier to manage than dedicated servers.

> A real-life analogy to illustrate what I am talking about. Hwy 6 is
> dangerous, many people have lost their lives driving on it. When you
> go to Moab from Provo do you take I-15/I-70 route instead to avoid Hwy
> 6 just to be sure?

Our government spends a little extra money on highway 6 to make it 
safer.  So should the customer whose site was hacked.


More information about the PLUG mailing list