BOFH: Unfriendly ghosts

The expense of defence


Episode 33

"But why can't we visit the site?" the Boss bleats one morning when we shoot his idea of seeing the ghost facility down.

"It's a defence site," I lie. "They host defence computers as well as stuff for companies like us. They're probably not allowed to show people through their server rooms."

"We should just turn up unannounced and say there's some server problem that we have to fix urgently that can't be fixed over the network," the Boss suggests.

"That would assume (a) that we can create some legitimate sounding problem requiring a site visit, and (b) that we even knew where their site is," I counter.

"You don't know where our servers are?!" the Boss gasps.

"Of course not," the PFY says. "It's part of the contract. If we knew where our servers were, we could theoretically compromise the security of the country's distributed IT defence systems."

"Exactly what defence data is held at these sites?"

"We could tell you, but then we'd have to kill you."

"Perhaps we'll skip that bit then?"

"So we don't have to tell you?" the PFY says.

"Look," the Boss says, ignoring him. "We pay good money - no, VERY good money for this external hosting arrangement, and I'd like to know how it's being spent. I'm not paying top dollar for hosting when our critical services could be operating out of the back room of some office building! I want to see what we're paying for!"

"They don't let you visit," the PFY repeats "It's a security thing."

"Then perhaps we shouldn't pay!" the Head Beancounter responds, entering Mission Control from his lurk-point outside. "That's a financial thing!"

I realise now that this is a setup and the Boss has been committing IT treason in actively conspiring with the Beancounters to find some unmet SLA in our external hosting service contract, so as to derail the 'external hosting' gravy train of the PFY and myself...

"Maybe we can get some photos?" the PFY suggests.

"We'd want to see the facility," the Boss says.

"Both of us," the Beancounter adds.

"I'll make some calls," I say.

Half an hour later the PFY and I have a rough plan of them being hooded (for 'security reasons') at night (to 'coincide with shift changes') bundled in the back of a van and driven around local streets for half an hour before being brought up through the freight elevator to our ghost facility.

To disguise the server room a little, the PFY's going to flip all the floor tiles upside down, remove the rack doors and slap lots of anti-terrorism posters everywhere. We've also lined up a bouncer from a local pub to dress in khaki and 'act military', dropping the occasional bit of IT patter. To complete the picture we've asked the Boss and Beancounter to supply scans of their passports 'for ID verification and validation purposes'.

. . .

A day later and the Boss and Beancounter are ushered out of the freight elevator looking slightly dishevelled - thanks to the PFY's high speed negotiation of a couple of the city's parks.

"So this is it then?" the Beancounter asks angrily. "All that money for this?"

"State of the art facility, this," our bouncer says.

"It's no better or worse than we have in our own building!" the Boss snaps.

"It may as well be our building," the Beancounter fumes. "We're being ripped off!"

I'm wondering if the PFY can hear any of this, watching us - as he is - from the CCTV monitor beside the Halon release in the next room...

"And we pay all that money for THIS?" the Boss snarls as our security guard departs 'to do his rounds'.

"It's a state of the art room with redundant UPS, Environme-"

"I don't care if it's got state of the art bloody environmental monitoring with round the clock surveillance..."

"Actually, it has," I murmur.

"...we're being ripped off! This is never a defence facility! I worked in defence and they'd never use this sort of equipment."

"I think..."

"There's no log book!" the Boss says triumphantly.

"Pardon?"

"There's no log book - we didn't sign in and out - I'm sure that's part of the contract!" the Boss says triumphantly.

"They got photocopies of your passports."

"Yes, but we didn't sign in and out - it says they'll do that, in the contract!" the Beancounter says happily.

"So you're going to void the contract over a technicality?" I ask, rubbing my jaw thoughtfully.

"YOU BET!" the Boss says.

"And we'll go back to hosting it ourselves?"

"Hell no!" the Beancounter says. "The current on site facility cost us a fortune - there's no way we're going to expand it to house these servers! No, we've found an excellent hosting place in Luton which is dirt cheap."

"You're going host our servers in Luton?" I ask, looking at the CCTV camera, thinking about that scene at the end of Wag the Dog.

"Yes. Only it's cheaper if we provide the technical support - so one of you's going to have to be relocated to Luton."

"Luton?! Yes. Yes, I'm sure we can work something out," I say, creaking the door open. "I'll just let the security guy know we'll be leaving..."

*Nod*

>Slam<

HISSSSSSSSSSSSSSSSSSSSSSSSSSSSS


Other stories you might like

  • AI tool finds hundreds of genes related to human motor neuron disease

    Breakthrough could lead to development of drugs to target illness

    A machine-learning algorithm has helped scientists find 690 human genes associated with a higher risk of developing motor neuron disease, according to research published in Cell this week.

    Neuronal cells in the central nervous system and brain break down and die in people with motor neuron disease, like amyotrophic lateral sclerosis (ALS) more commonly known as Lou Gehrig's disease, named after the baseball player who developed it. They lose control over their bodies, and as the disease progresses patients become completely paralyzed. There is currently no verified cure for ALS.

    Motor neuron disease typically affects people in old age and its causes are unknown. Johnathan Cooper-Knock, a clinical lecturer at the University of Sheffield in England and leader of Project MinE, an ambitious effort to perform whole genome sequencing of ALS, believes that understanding how genes affect cellular function could help scientists develop new drugs to treat the disease.

    Continue reading
  • Need to prioritize security bug patches? Don't forget to scan Twitter as well as use CVSS scores

    Exploit, vulnerability discussion online can offer useful signals

    Organizations looking to minimize exposure to exploitable software should scan Twitter for mentions of security bugs as well as use the Common Vulnerability Scoring System or CVSS, Kenna Security argues.

    Better still is prioritizing the repair of vulnerabilities for which exploit code is available, if that information is known.

    CVSS is a framework for rating the severity of software vulnerabilities (identified using CVE, or Common Vulnerability Enumeration, numbers), on a scale from 1 (least severe) to 10 (most severe). It's overseen by First.org, a US-based, non-profit computer security organization.

    Continue reading
  • Sniff those Ukrainian emails a little more carefully, advises Uncle Sam in wake of Belarusian digital vandalism

    NotPetya started over there, don't forget

    US companies should be on the lookout for security nasties from Ukrainian partners following the digital graffiti and malware attack launched against Ukraine by Belarus, the CISA has warned.

    In a statement issued on Tuesday, the Cybersecurity and Infrastructure Security Agency said it "strongly urges leaders and network defenders to be on alert for malicious cyber activity," having issued a checklist [PDF] of recommended actions to take.

    "If working with Ukrainian organizations, take extra care to monitor, inspect, and isolate traffic from those organizations; closely review access controls for that traffic," added CISA, which also advised reviewing backups and disaster recovery drills.

    Continue reading

Biting the hand that feeds IT © 1998–2022