When you set up an internet connection for a customer you do everything you can to protect them, you set up a restrictive firewall, you have a proxy that enforces policy for web surfing as far as possible. You also use all possible means to block spam and viruses in e-mail before they reach the lusers that still believe Bill Gates will give them free Nokia cellphones.

After you did all the technical stuff, you tell everyone (you know it falls on deaf ears, but you have to try) that they must not visit those porn sites, that they must copy links in e-mail and paste them into their browser rather than simply clicking on them etc. So what happens when one of the lusers that actually listened goes to a legitimate website and still have his windows computer exploited? Or if they are lucky the lusers get a warning from their anti-virus software and the site gets blocked.

The sad part is that even very competent IT professionals have extreme difficulty to prevent all exploits on the internet even when they do all the right things. You can read a fascinating account in the Gauteng Linux Users Group mail list archives of such a case where someone’s web site got exploited by quite a nasty man in the middle attack.

In short, a windows server (every one says, we are not surprised) was compromised in a data centre and intercepted traffic from other servers on the same local network. By doing this it managed to redirect innocent visitors of well managed websites to malicious websites that attempted to compromise the visitors’ machines. You can read the gory details at http://www.linux.org.za/Lists-Archives/glug-tech-0905/msg00009.html and more detail at http://www.linux.org.za/Lists-Archives/glug-tech-0905/msg00026.html. Links to the whole thread is at http://www.linux.org.za/Lists-Archives/glug-tech-0905/threads.html

The real scary part is that you cannot do much about something like this because even if you do have a secure local net and the web server you visit has a secure local net, this type of attack can be done anywhere in the path between you and the web server you are visiting.

Be careful out there.

You may ask “What is a System Administrator?”

The answers you will find at http://www.sysadminday.com/ are as good as any. Being a System Administrator is a somewhat stressful job and turns you into a cynic very quickly (see http://www.sysadminday.com/time.html ) and you start hanging out in places like the scary devil monastery. Your (l)users also stop talking to you mainly out of fear of hearing the truth because the last time they complained about not getting e-mail you answered “Well, maybe nobody likes you anymore”

Why does one stay a System Administrator then if the stress is so much. You will find the answer in the scary devil monastery FAQ

Sysadmins are driven by a desire to _make_it_work_. We loathe non-functioning
pieces of crap. Similarly, we hate seeing equipment working at substantially
below its potential due to moronic admin decisions.

After a while, you quit and go to work for somewhere else, where you’re
promised you won’t have to be a sysadmin.
But the machine on your desk crashes every five minutes…