Re: [tlug] Networking two Linux computers harder than Linux toWindows?

["Stephen J. Turnbull" <stephen@example.com>]

Godwin Stewart writes:

 > There is, I think, a big difference between desktop software like a
 > media player, graphics package or mail client, and server software like
 > a webserver or a DB server. That the former category "just works" seems
 > perfectly normal to me. Not the latter, which caters to a totally
 > different user base because it has a totally different function.

Your definition of "normal" seems to imply "sane".  That is
unrealistic; "the norm" includes spam and 95% market penetration for
an OS that collects malware the way the space under your sofa collects
hairballs.

 > [I]t's a zoo out there. Whoever is managing the server has to be
 > mindful of that and do whatever s/he can to protect the server from
 > attack. That takes knowledge, experience and information channels
 > that the average desktop user probably doesn't have or even know
 > about in the first place.

Which is an excellent argument for prohibiting the sale of Microsoft
Windows and probably Mac OS X too.

Ain't gonna happen, though.  All we can do is try to educate new users
... and that isn't going to happen if we don't take their frame of
mind into account.  They are conditioned to believe that epidemic spam
and malware is the fault of the bad guys, not their own lack of
personal hygiene, and that there's nothing they can do about it,
except to give money to an industry which exists in symbiosis with the
bad guys the way crooked cops live off bribes from drug dealers.

 > The non-BOFH-geek ought to go at least part of the way towards becoming
 > a BOFH-geek if s/he wants to start mucking about with server software,

Sure.  Isn't that exactly what DaveG for one is doing?  Hey, AFAICS he
figured out the firewall angle for himself, so (a) he's progressing
rapidly and (b) he actually has a firewall.

The problem is that he wasn't there for the Internet Worm (hell, of us
all probably only Jim Breen actually saw that happen, and maybe not
even him), Serdar Argic, the green card spam, the Kobe 'quake, and
Frethem; he probably doesn't know who Cliff Stoll is, let alone Gene
Spafford or Wietse Venema or Steve Bellovin, and I know he's never
posted to n.a.n-a.  Lacking that experience is no sin, but lack of
experience doesn't foster a proper paranoia, either.

 > and learning how to start daemons manually

But *nobody* does that any more.  As Arwyn correctly pointed out, a
Linux user would be crazy to not at least use stop-start-daemon, and
more likely the whole /etc/rc.d paraphernalia.  Hell, I don't even
know how to start Apache by hand any more; can you still just say
"/usr/sbin/httpd &" like with NCSA?  I haven't used anything but
/etc/init.d/apache for years because it gives more intelligible
warnings and stuff, and because many of the diagnostics are common
across all the servers I need to consciously manage.

 > and configure them is a necessary part of that process. Using
 > package managers and glitzy point'n'drool wizards while you're
 > learning is fine as long as the server you're administrating that
 > way is nowhere near a public network

Again, ain't going to happen.  Too many people are making a living off
those things.  They need to access their own systems from customer
sites and the like, or for work-at-home purposes, or to share with
their family, etc.

 > Maybe I'm just part of a nearly-extinct species: I don't *want* to run
 > software blindly.

Nah, it's not that we're growing fewer; our numbers probably double
every couple of years, and I don't even expect that to slow down for a
while.  The problem is that those who don't know anything at all, or
those who think they "know" that Ubuntu software is "safe", have been
doubling every few months since 2000.