On Thu, 16 Nov 2006 20:50:58 +0000, Roy Schestowitz wrote:
> The psychology of a Windows user
>
> ,----[ Quote ]
> | It was then that I told him that my theory was that Windows was an
> | operating system that was for people that have nothing better to do than
> | constantly fix problems and remove spyware. Windows is a time burner
> | that doesn't really allow you to get any real work done. It was his
> | reply here that stopped me and got me thinking. He said "you don't
> | understand, I like to tinker with my computer".
> `----
>
> http://www.applexnet.com/node/565
I like tinkering, too. Just finished one round of tinkering which:
a) Affected some 6,000 users
b) Had no discernible negative effects on any of 'em
c) Caused many of 'em to write in or call in with comments such as "Right
on, this works great!"
One thing I really, really, REALLY like about Linux is its concept of
modularity.
Take, as a simple example, email management. Mail comes in to, say,
postfix. Can be handed to top-level filters such as postgrey,
blacklists, etc. Postfix hands off to Amavis. Which in turn hands it
off to spamassassin, clamav, etc. Amavis hands back to postfix. Postfix
hands off to the delivery agent (eg Cyrus). Agent delivers to mailboxes,
to be picked up later, via pop, imap or webmail.
Note that any component of that can be switched out for a different
component, which is nice. However, the other thing you can do is put
your own components in (or configure existing components) to see what
_would_ happen.
So for example, suppose I want to put in a blacklist. I can tie that
right in at the postfix incoming level. I can check each email against
the list, then record what would have happened if the blacklister were
active. If it's doing the right thing, I can enable it for active, rather
than inactive, processing.
Of course, all this generates a lot of log activity, and, frankly, the
default log manager for the system really just isn't enough for the job,
so in goes something such as syslog-ng. Considerably more flexible
filtering of what goes where, plus a few more options on just where that
"where" can be.
'Course, since I've got decent logging, that gives me other options, such
as periodically checking the authorization logs to see if there are any
attacks on the ssh ports; if so, add the little blighters to the
hosts.deny file. Automatically; I don't have to worry about it, they just
automatically go in.
'Course, there are other issues to worry about, but, of course, I've got
tools for alerting me about them, or dealing with them automatically.
Yes, I like tinkering. I also like it when that tinkering improves
performance for my users, security for my servers, and workload for me.
Long live tinkering - where it's worth doing.
|
|
