Fun fact: The outdated software runs on outdated hardware, too.
In January 2021, Microsoft pushed a kb that would make your server reboot constantly if it was running server 2012 and was either a domain controller or a hyperV host.
Guess how many domain controllers went down that day.
Yeah but domain controller so hard to migrate and so sensitive! Better let them rot on old unsupported software versions!
i mean yeah but bean counters up top want me solving the current emergency (caused by similar forms of neglect from years ago)
ill get to it when it breaks i guess
So fight bean counting with bean counting
Best formula is average employee pay × number of employees × time to fix = money lost.
The trick is to find a solution that is lower than money lost.
Say 20 employees at €35/h for 4 hours. €2800 is how much the company lost in wages.
You will find bean counters are more acceptable to a €5000 server over 5 years if it prevents €2800 of lost wages per patch Wednesday.
i wish i was in a good position to argue them out of their dumb greed.
Please tell me that was a bad patch and not on purpose
Who knows? :D
Trigger me timbers
What has two thumbs and just spent all week hectoring the boss to upgrade from Server 2008 to 2022 so docker and ssh would finally work?
👍🏻👍🏻
Well girls, we’re living in the future now! Five new 2022 servers, all turned into dumb ssh+docker nodes in my job cluster!
Wipes brow with a trembling hand
Grumble grumble… they wouldn’t let me upgrade to Linux just yet though… But the plan is coming together… evil laugh
Do they hate money? Paying for Windows server just to run docker is an expensive option.
TBF all the jobs are a decade old and written by our researchers in dotnet framework as Winforms apps I hacked up to be console apps so it’s gotta be windows. I’m converting them one by one to dotnet core and moving them to my Linux containers but it’s a slow process and I’ve got a v1 release to prepare for next month.
Everyone is just stoked that no longer do a half dozen researchers have to twice a day log in to their pet server, open their Winforms app, run it, and copy paste the results to a shared drive. Now my docker harness does it all on a scheduled task triggered automatically from rundeck server I manage. WE’RE LIVING IN THE FUTURE BABY
I’m sure it’s not that simple but .Net is and has been on Linux https://learn.microsoft.com/en-us/dotnet/core/install/linux
Docker images I have run dotnet in a container but the docker server host is Ubuntu. Though I really should flatten it and run it on proxmox.
However, it’s not like that would save real dollars on licensing we have Windows servers still for AD et. al. and therefore have to license all CPU cores in a hypervisor cluster so having fewer windows servers is irrelevant in our environment with regards to license costs.
Oh yeah, all my code is dotnet core running on Ubuntu servers in docker.
Just all this legacy code is written in dotnet framework which doesn’t run on Linux, and requires some moderate effort to switch (relies on libraries that are framework, and those also rely on framework libraries, etc)
It’s completely possible, but for now, I’ve got these 2022 servers running “good enough” to go to production, and I’ll convert them as soon as the first issue arises.
I feel ya man. I spent a year arguing for the existence of a pilot environment.
Because when you test in production, it’s bad, mmmkay.
Oof that’s a rough one indeed!
Me: “Hey whats that feature we need to implement into our software?” Boss: “Ntlm passthrough” Me: “… Hey boss about 90% of the stuff i find online is about how ntlm is insecure and should be shut off wherever you see it?” Boss: “Yeah… But everyone still uses it everywhere. Just implement it and dont think about it.”
Cries in Windows Server 2003.
I’ve said it before and I’ll say it again - Cybersecurity as an enormous global industry owes it’s existence to Microsoft. Period.
If Microsoft suddenly disappeared, cybersecurity would be more like Accounting - basic systems, managed in-house.
I was going to make a Linux joke being why my company’s security has been stable… Until the XZ Utils exploit.
Yes, cybersecurity wouldn’t disappear, it just wouldn’t be the humongous, roiling, clusterf**k it usually is.
Name a high-profile breach on a *nix system not due to configuration (user) error. I’d add “or a hardware/firmware hack” but you get the idea.
Just this months patch tuesday notes:
Today is Microsoft’s August 2024 Patch Tuesday, which includes security updates for 89 flaws, including six actively exploited and three publicly disclosed zero-days. Microsoft is still working on an update for a tenth publicly disclosed zero-day.
Sure, security vulnerabilities exist in the linux world, but luckily not that many.
yes and no. if you look at the number of reported CVEs, debian takes the crown of all operating systems. still feeling more secure on linux than any closed source system
Yeah, that’s because there’s an entire cottage industry of people scraping old bug reports, and linter errors to create CVEs they can sell to customers worrying about security. It creates a huge number of false positives. E.g. see https://daniel.haxx.se/blog/2023/08/26/cve-2020-19909-is-everything-that-is-wrong-with-cves/
I think any measure that is looking at a raw count is going to be meaningless. Particularly, comparing raw counts between open and closed software.
(Running machines with windows 2000.) You guys are running windows server 2008?!
Real story: our primary and backup DCs are still on server 2003. 🫠
Can confirm.
We have several Server 2008 still running.
On the bright side not my problem to fix.Just don’t as me about that switch that is 2 generations old or the AP that has +1000 days uptime.
For context, Vista was 2007.
Vista and Windows Server 2008 are very closely related. In fact, they even use the same installer for Service Packs.
And server 2012 has the windows 8 Fullscreen start menu (and classic shell is compatible, if you can’t install SP2). In recent years I hear they’re separating from year/Pc version parity? Thankfully I now work in Linux admin, so that’s not longer my concern.
GCC 4.1.2 on linux 32-bits system. No worries it’s only for hospitals…
Guys who just got put in charge of managing our end of life process
<---- this guy
Servers are about to die
My system at work was built in the late 1960s, but it’s not Microsoft software, so it’s all good
One of my friends recently commented on how its funny that they have Server 2008 experience. They’re 21 years old and just graduated college last fall, meaning that was a server they encountered in the Year of our Lord, 2024
Shoutout to the accountants still running RTS Advantage in 2024 via vDosPro
Accountants have it hard even if they do keep up-to-date. We migrated one to a new server, but some of their clients still use archaic versions of accounting software. Unfortunately beyond a particular age it won’t activate the new install, so they are stuck telling the client to upgrade or continue to run the old server as well.
The British government still uses Windows 98 in some capacity, I believe.