Linux: Renegade or ally?

[William Knowles <wk () C4I ORG>]

http://www.nwfusion.com/careers/2000/1016man.html

Here's some advice about what to do when Linux moves into your network
uninvited.

By DENI CONNOR
Network World, 10/16/00

You may not plan to deploy Linux on your network, but that doesn't
mean that your company's users won't sneak it in. As the operating
system makes inroads in the enterprise, you need to decide whether you
want it on your network before a renegade user brings it in unnoticed.

The use of unauthorized software and hardware has been the bane of
IT's existence. When mainframes were prevalent, the PC-based Novell
NetWare often moved in through the back door, led by departments that
said mainframes and minicomputers didn't give operating flexibility or
application capability they needed. Before long, NetWare was the
dominant network operating system and IT managers complained about
unauthorized Windows NT workstations and servers entering the company
through that same old door. Now that Windows 2000 and NT are
displacing NetWare, IT has Linux to worry about.

If you discover Linux on the network should you treat it like any
other application added without your control, or welcome it into your
overall IT plan?

The answer depends on whom you ask. Some readers Network World
interviewed were starkly intolerant; others were more forgiving. In
many cases, IT managers dismissed any incursion of Linux as just that
- a hostile takeover of the network that shouldn't be tolerated.

Although, most folks say they would slap the hands of the offenders
who add anything to the network that IT hasn't approved; some would
take harsher measures.

"Destroy their servers and fire them," says Jeff Shapiro, director of
technology for the Kingsport, Tenn., public schools.

"IT organizations have standards and policies and renegade anythings
should not be tolerated," he says. "If the company's IT structure is
so weak that it's politically impossible to prevent or correct this,
then it points to larger problems within the organization."

Chip DiComo, network manager for shipping firm Hellman Worldwide
Logistics in Miami, says, "Linux should be dealt with as any other
standards violation . . . and removed."

However, DiComo concedes that he recently worked out a compromise with
a group of technically adept users in Poland who are running Linux on
the company's global network. "We're allowing them to run Linux as
long as they allow us to manage it with Novell Directory Service," he
says. The IT pros in the Polish office support the Linux box and
understand that if anything goes wrong, it's up to them to fix it.

Others recommend taking this type of moderate approach and assessing
how Linux fits into the IT infrastructure before you decide to rip it
out. Consider the merits of the Linux operating system, such as the
fact that it's free and in-house teams can develop to the source code.
What's more, look at the applications and hardware your company uses.
If Linux will play a part in the network, you need to find a way to
support it.

"Investigate to determine if a business case has been presented to
management for the offending box," says Mike Maday, network manager
for the Art Institute of Chicago in Illinois. "If so, we'll be blessed
with managing it. If no management approval exists, take it down
quickly."

One department of the school insisted on using Linux to share about
30G bytes of Macintosh files even though IT suggested other options.

"We sat down with them and agreed that they could use their Linux box
as long as our phone didn't ring when they had critical problems,"
Maday says. "So far, we haven't heard one thing from them since the
meeting we had a few months ago."

For Mike McKinney, an IS manager for Americorp Financial in
Birmingham, Mich., it's important that the rules of introducing new
technology to the network be followed so you can retain control. "IS
management and staff must support all operating systems and guarantee
that they work on all third-party applications and other hardware we
have," he says.

Americorp's IS department is thinking about using Linux for a Web
server, though McKinney notes that the majority of its third-party
applications don't support the operating system.

Regardless of how you feel about Linux, discovering it on your network
may be more difficult than it appears. In many cases, it has been
deployed on Web servers that IT may not control. That's why it's
important to keep a careful watch over your own back door to see
what's coming in uninvited.


*==============================================================*
"Communications without intelligence is noise;  Intelligence
without communications is irrelevant." Gen Alfred. M. Gray, USMC
================================================================
C4I.org - Computer Security, & Intelligence - http://www.c4i.org
*==============================================================*

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".