l i n u x - u s e r s - g r o u p - o f - d a v i s
Next Meeting:
July 7: Social gathering
Next Installfest:
Latest News:
Jun. 14: June LUGOD meeting cancelled
Page last updated:
2002 Oct 03 12:10

The following is an archive of a post made to our 'vox mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox] ucsb outlaws win2k and NT 4.0 from its resnet
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox] ucsb outlaws win2k and NT 4.0 from its resnet

Quoting dugan@passwall.com (dugan@passwall.com):

> AFAIK, we don't charge money. Though this would be very effective, you
> would be amazed at how many different departments have to be "on-board"
> before money can exchange hands at a state university, *and* it is very
> likely that you (personally, or your department) won't even be able to
> keep the money, as it will go to build new housing, or parking lots, or
> help pay for a new building. If you are lucky, it could pay for
> networking/telecommunications infrastructure, but collected money often 
> does not stay to help the place it was collected.

I can well imagine.  The loss of money on the student's part would have
its therapeutic effect on that end, though.

> Here, I would go one step further in the line of the BOFH, and have a
> function that is linear at least, or exponential at best.
> Say, "Deposit=$100(incident)" or "Deposit=$10^(incident)"
> Do you know how much bandwidth many of the DDoS use? How about the
> latest SSL worm? This impacts everyone. The cost of the used bandwidth
> is often far greater than $100. If you include the cost of HR to
> diagnose, troubleshoot and actually make the change, it is even higher.
> Passing on the cost to "fix" the problem would be easily above $100 for
> each incident. Depending upon the work, it could easily exceed $1000.

I like your thinking.  

The strategy behind my approach involves the supposition of finding the
problem early, ending it efficiently via disabling the student's port,
and setting up a situation where the student is motivated to prevent its
recurrence.  In so doing, it would aim to fix the structural problem in
the original situation, namely that action (running incompetently
insecure systems) had been divorced from consequence.  

People behave irresponsibly with depressing regularity when they can
pass off consequences to other people -- in this case, the university
NOC staff.  The best remedy is, speaking in general terms, to repatriate
that responsibility, where it belongs.  

The larger society does that, for example, with automobiles.  

"Hey, man, I'm not responsible for running over that pedestrian.  My
brakes are shot, and I'm not a mechanic.  You can't expect every citizen
to be a car expert."

"Tough.  You're responsible; find a way to deal with it.  Hire a
mechanic, or buy a new car every time your brake pads wear thin:  We
don't care.  It's _your_ problem."

running over -> DDoS
pedestrian -> everyone else on the Net
mechanic -> someone to set up and advise you on your computer system

And so on.  Time to put an end to this notion that you're not
responsible for what your computer does to other people.

[Happy outcome, including sysadmin beer bash:]

> Working at a university, I can say that too many people would disagree
> with this. However, this procedure listed above could be *very*
> effective at a university - the very place where people would strongly
> disagree with using it. If the network were permitted to be less stable,
> then the call for a fix would be better received. (Along the lines of
> allowing terrorists to blow stuff up pushes Americans to be quite happy
> to go to war and go blow the enemy's stuff up - not saying this is what 
> really happened, but that it would be very effective if it were done.)
> (Certainly, my prowess at *getting jokes* is often not up to par, so
> your #4 comment could entirely be a joke, in which case this part of my
> response would seem rather silly. :-)

The beer-bash part was somewhat tongue-in-cheek, but the notion of Papa
Darwin being an excellent teacher was not:  Immediately shut off ports
of people whose machines attack others, and make recovery the _owners'_
problem, and you'll be surprised how quickly they learn to cope.

> At universities, there is often a duality of contradiction:

Oh, believe me, I do know.

Hi! I'm a .signature virus! Copy me into your ~/.signature  to help me spread.
Hi!p I'm a .signature spread virus! Copy into your ~/.signature to help me
Hilp I'm .sign turepread virus! into your ~/.signature! help me! Copy
Help I'm traped in your ~/signature help me!       -- Joe Slater
vox mailing list

LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
O'Reilly and Associates
For numerous book donations.