Serious investigations into UNIX and Windows

[Ted Mittelstaedt]

> -----Original Message-----
> From: Micheal Patterson [mailto:micheal at tsgincorporated.com]
> Sent: Tuesday, October 26, 2004 9:23 AM
> To: Ted Mittelstaedt; TM4525 at aol.com; stefan at swebase.com
> Cc: questions at freebsd.org
> Subject: Re: Serious investigations into UNIX and Windows
>
>

> >
> > I've seen the stuff with my own eyes.  It ain't pretty.
> >
> > If you think that administering a Windows server is so simple then
> > answer the following test:
> >
> > How do you lock down an Exchange 5.5 server to prevent a spammer from
> > using it as a relay.
> >
> > I know how to do it.  No, it does not involve grubbing around in the
> > registry.  No it is not documented, either.  I know for a fact that
> > it isn't because I was in the conference call
> > where we had to do it, and the Microsoft support tech himself told us
> > it wasn't documented.
> >
>
> Are you referring to reconfiguring the IMC with:
>
> "Reroute incoming SMTP mail", then in Routing Restrictions,  selecting
> "Hosts and Clients with these IP addresses" and leaving the data fields
> blank?
>

Yes, this is a perfect example of what I'm talking about - as this is
non-intuitive, and not documented in the help files.  Nor on the Microsoft
knowledge base, although now it may be.

> If that's the method that you're talking about, it's only "non-documented"
> within MS's help files. It's plastered all over the web. Do a search on
> google for "MS exchange 5.5 open relay" and just look at the info that you
> get. If that's the issue that you're discussing, someone in your admin
> section just cost the company the price for the trouble ticket
> for no reason
> because they didn't bother to look for it.
>

When this call took place was a number of years ago, the Exchange
servers that we are installing today are not 5.5.  This was right after
the open relaying with 5.5 began to become a serious problem - because
the UNIX servers had been rapidly switching off promiscious relaying
and the spammers were switching over to Exchange servers for relaying.

All those websites that your talking about started popping up AFTER
people like us started bitching at MS about this - and if I recall right,
you have to have one of the service packs loaded on Exchange for this
to even be in the IMC.  I don't remember if this went in as a result of
problems with spammers relaying through 5.5 or 5.0 though, it has been
some time since we dealt with one of these older servers.  5.5 doesen't
run correctly on Windows 2003 server after all.

>
> People in the type of network that I'm in, only use Windows for
> applications
> that require it's use. Telerad, Centricity, and various other medical
> software that requires MSSQL. All other applications here on my
> network are
> using FreeBSD from 4.9 to 5.3.7 or AIX.
>
>
> Oh, yes.. I've had my share of issues with Windows. Just as I've had with
> every other OS that I've used. I also know how to use login
> restrictions to
> force users out of the network so that the backups can occur to reduce the
> amount of open file skips as well.
>

That is a fine idea except that SQL manager keeps the database file
open so all your doing is -reducing- as you say, the number of open
files.  It doesen't work for exchange either.

And yes, there are of course ways around these problems, you can write a
script to shut down exchange, run your backup, then bring it back up,
if you want to use the free backup included with Windows and not have
to pay thousands for veritos.

But I never said it's not possible to DO these kinds of things under
Windows.  What I said is that administering Windows is as complex as
administering UNIX.  And by the time you get done writing your scripts
and such for Windows to make it usable, well there you go.  Complexity.

> > > The human race as a whole, is always looking for something to
> make doing
> > > something easier for them. That's what drives our desire to
> contstantly
> > > design new technology.
> > >
> >
> > Hate to wake you with the clue phone but WE don't design new technology.
> > The people who design new technology are the companies that produce
> > it.  And they have agendas OTHER than just making your life easier.
> > Such as making money.  Why do you think that there's a new version of
> > Microsoft Word every couple years?  Can you tell me with a straight
> > face that each new version of Word has made it easier to type a
> > typical business letter?
>
> Clue phone? How about letting me smack you in the forhead with a clue bat.
> You speak about companies having other agendas. Yes, that's true.
> Pray tell,
> do answer the inevitable quesiton. How is it that companies, corporations
> and other big business are able to make that profit?
>

If they are in a competitive market they generally provide what the
customers want to buy.  Often that includes propagandizing the customers
into wanting the item in the first place - companies like Pepsi and
Coke are good at that - and sometimes it actually includes providing
things that the customers really do need and want.

But the rules change in a monopolistic market, they change very greatly.

> Do they force their wares onto the unsuspecting public and force us to
> purchase them?
>

Monopolies do, as a matter of fact.

Before the breakup of AT&T in the 80's, the Bell Telephone company was
the phone monopoly.  Sure, you can argue that nobody NEEDED a phone and
nobody was FORCED to buy a phone - this is technically true, but
completely unrealistic.  Even in the 70's society was so integrated
with the telephone that if you were living in the typical home, a
phone was a requirement.  You were, in fact, forced to have it.

Sure, some people didn't have phones.  People who might have lived
100 miles out in the boondocks or some such.  A few diehards didn't
have them.  But, allowances were made in society for those people,
simply because the number of them were not great.  Sure, the local
police precinct had a walk in counter that your phone-less person
could come down and fill out a paper criminal report.  But if everyone
in society tried to do that, instead of calling them in, they couldn't
have managed it.

You have a very naieve understanding of how modern monopolies operate.
A monopoly does not HAVE to force EVERYONE in the general public to
buy their products.  All they have to do is get ahold of the market
and by default, everyone ends up being forced to buy their product.

If for example, I cornered the milk market, and every gallon bottle
of milk sold in the country I controlled, sure, someone could refuse to
participate in my monopoly and never buy milk again, or milk products.
But the first time they went to a friends house and ate dinner there
that had a dish that was prepared with my milk, now they are
participating in my monopoly.

>
> Do they force upon you the car that you drive, the furniture in your home,
> the home you live in, is that forced upon you by anyone? Wait for it, wait
> for it. Clue bat time.
>

Perhaps not the furniture, but your forgetting a little something about
the car that I and you drive.

You think that everyone has a choice to buy and use a car, don't you.
I'm sure you do.  But did you ever stop to think for a moment that
everyone who drives a car buys gas from the same people, and those
people all buy oil from a couple of places in the world?

Some of the examples your spouting are not monopolies, and so there is
choice available.  But it doesen't take much to find monopolies
involved with them, or near monopolies.  Particularly in auto
manufacturing.  Parts like the catalytic converter - there's only
about 3-4 manufacturers in the world that make them. (engelhard, etc.)
Airbags - TRW is 1 of about 2, and TRW makes most of them.  SRS
(airbag computers) look up Autoliv, they are the monopoly for that.

You sound like some kind of primitive conservative that thinks that
the world's economy is filled with companies that are just waiting
with eager little tails wagging to compete with each other.  It
ain't like that at all.

There's lots of monopolies out there in many different segments.
Many are good monopolies, in fact, the majority of them are not
what would be called malevolent.  As many exist solely at the
sufferance of many governments out there, most of them are well
aware that they need to be on their good behavior.  And many
of them are tolerant and even encouraging of young upstart
competitors, as much innovation comes from those competitors, and
if the competitors ever do hit on a good idea, it is much
cheaper to buy them out then to spend the money on R&D themselves.

But there are a few evil monopolies that do great damage.  OPEC
is one.  Microsoft is another.

>
> Let's talk about the net for example.
>
> The Internet wasn't designed by corporations or big business. It has it's
> roots in a very small amount of people. People who thought, hey,
> wouldn't it
> be cool if we could do this? And the rest is history. Big business and
> corporations take the credit for many things that has come to pass since
> recorded time within the industrial revolution. However, when you
> look right
> at it, WE, as in the human race, have thinkers, and people who are able to
> step beyond the bounds of their constraints and "imagine" what something
> would be like. It's called ideas. You have them, I have them, we all have
> them. This is the basis for our technology, not companies or corporations.
> The companies / corporations and big business take the credit for their
> conception and implementation, but it all boils down to a single thought
> process of one person.
>

The Internet wouldn't have ever existed if that core group of thinkers
were completely underwritten by millions of dollars of academic research
money provided by those corporations and big businesses.  Don't you
realize that the 56k dedicated circuits that made up NSFnet in the
beginning cost something like $10,000/mth?  You really need to go
read up on the history of the Internet!!

The people that started the Internet were able to leverage a huge
amount of grant money and such (provided by the US taxpayers, mostly)
and spent enormous sums for very small amounts of bandwidth to get
it going.  The internet most definitely did NOT come out of a garage.
Your confusing the history of the Internet with the history of the
personal computer.

> easier.  I know
> you think I'm wrong. I'd like you to consider a few things though please.
> If you prefer meat in your meals, would you raise cattle, swine, chickens?
> If you like vegetables, fruits, and such would you grow a garden
> for all of
> your needs? Do you like bread? Do you bake it yourself? Due to
> convienience
> and limitations on where you live, chances are you don't do
> either of those.

I don't do those things because it is cheaper for me to just buy them
from the store.  This has nothing really to do with convenience, in
fact, I would be quite willing to be more inconvenienced to grow
vegetables in the back yard, etc. simply because they taste far better.
But, the cost in water, renting/maintaining machinery, and so on
is higher than just buying them.  Sure, I could use a hand hoe, but
there is not enough time in the day to cultivate the acerage needed
to be self-sufficient purely by hand.  Even farmers 150 years ago
that did this used horses, and back then property ownership was quite
different - if you wanted property you just rode out and killed some
Indians and there you go - instant land.

> > Windows WAS simpler than UNIX.  No longer.  You need to get out into
> > the field again, you have been sitting behind a desk managing things
> > for too long.  I'd love to see you setup a Active Directory network of
> > any size that contains mixed Windows versions.  You would lose a lot of
> > these misguided preconceptions.
>
> Ted I do this every day. I have 4 hospitals, 3 cancer treatment facilities
> and currently 29 other remote locations that are running Windows
> AD, behind
> FreeBSD firewalls, whose internal systems, are anything from
> Windows 98, to
> Windows XP Pro that all converge to the central center via ipsec tunnels.

And how long did it all of this take to get setup?  And since Windows is
so simple according to you, then why don't you quit and let your bosses
hire some $25K a year greenhorn to take care of all this?  I'm sure
you would think that it would just go humming along with no problems.
Har har!

You take any inexperienced Windows 'administrator' (and I use the
term loosely) block diagram out your network, give him a bank check
and tell him to go duplicate it.  You wouldn't see more than 2% of them
be able to do it.  So much for Windows being 'easy'  It's only easy
if you know what your doing.  But, then again, so is UNIX.

Ted