On April 8th 2014 the extended support period for Windows XP and Office 2003 will finally cease. No more security updates, no more paid support, 3rd party support will end, dead.
If you are still running and supporting Windows XP or Office 2003 this is pretty bad news. If your organization has any form of IT Security or Privacy Compliance to deal with (PCI DSS, HIPAA, SOX etc) this is really bad since it could put you out of compliance and facing the threat of fines or worse. To be clear this isn’t a small problem either, Feb 2013 browser stats suggest between 22.59% and 38.99% of PCs were still running Windows XP.
Install Request Tracker
Since covering an install of Request Tracker 4 on Debian (Part 1/2, 2/2), my most common request has been a guide for Ubuntu. A lot of the material is the same, since Ubuntu is a derivative of Debian.
This guide assumes you are installing a fresh install of Ubuntu 12.04 LTS Server onto a new computer or virtual machine. I have chosen the latest LTS release as it will be supported for far longer than regular releases. These instruction should also work on any version of Ubuntu released after 11.10 (minor changes may be required).
A couple of weeks ago Paul Brislen posted a really good post on the TUANZ blog about PABX security. It seems some criminals had used a local companies phone system to route a huge number of international calls, leaving them with a colossal ($250k!) phone bill. These attacks are increasing common, and I have heard a number of similar stories.
Phone systems increasingly rely upon IP connectivity and often interface with other business processes, putting them in the domain of IT. But even if your PABX is from 1987 (mmm beige) and hasn’t been attacked yet, doesn’t mean it won’t be.
Both Telecom NZ and TelstraClear NZ have some good advice to start with, and you might find your PABX vendor can also give expert advice. Unfortunately many PABX systems are insecure from the factory, and a number of vendors don’t do a great job with security.
In a previous role I ended up managing several PABX systems spread across multiple sites, and learnt a few lessons along the way. Here are a few tips to get you started:
If you live in NZ, or follow the IT Security press, you are probably aware of a security flaw recently discovered on public kiosks at the MSD (Ministry for Social Development). The story has really gained traction, spreading quickly across Twitter and the International press.
In short, it was possible to open sensitive files across the organisation using the Open File dialog in an application, on public kiosks, in Work and Income NZ offices. This sort of problem is as old as network file shares, and trivial to do. For more information I highly recommend reading the original Blog post and the follow-up posts by Keith Ng.
Not all of the facts are available, but it seems there are three good lessons we can all take away from this breach:
Have a quick look around the IT press, and you will notice a number of articles discussing BYOD and the Cloud as being disruptive to the industry. This isn’t exactly a new trend either – it happened with the original PC, Inkjet Printers, PDAs, Laptops and many other new products. They were all revolutionary at the time, and allowed people to work in new ways.
Many people in IT get defensive and even angry about new tech. Someone outside IT will buy a shiny new toy, then try to use it at work. It might work and no one in IT is the wiser, but it often leads to confrontation between the user, their manager, and IT. Do this a few times and you quickly become known as the Department of “NO!”.
It could have killed you
As a SysAdmin I am used to being around potentially dangerous situations like people working with high Voltage/current power feeds, fire suppression systems, heights and dealing with heavy equipment. The cost of a mistake can be serious, and possibly fatal. However, these are all jobs where you need to hire a trained professional to do it.
There are plenty of other hazards to deal with. I have had several computers burst into flames, dodgy wiring (230V has a bite..), and there was the time a Doberman try to attack me on a site visit. There are also the less exciting/entertaining little cuts and bruises, tripping hazards and the ever present stress.
Continued from Part 1/2
Previously we covered installing Debian and configuring some basics. This time we dig into installing Request Tracker 4 and making it work.
Install Required Packages
Edit your APT sources file:
Previously I talked about why you need a ticketing system, this post (and the next) will cover installing Request Tracker 4 on Debian 7 using packages.
Install Request Tracker
This guide assumes you are installing a fresh install of Debian 7 onto a new computer (or virtual machine). I strongly recommend using 1GB+ of memory. Feel free to change settings to suit your environment and use your favorite text editor (vi, emacs, butterflies etc) instead of nano.
Like most Sysadmin’s you have a lot of projects to work on, issues to resolve, and still somehow try to stay sane(ish). You have a big long to-do list, but the odd things are getting missed, your team can’t easily delegate requests to each other, you don’t work as a team, some projects aren’t getting worked on, and you have to deal with the consequences.