14 thoughts on “One Of The Many Reasons…”

  1. “Why would anyone use Microsoft on their server?”

    I’m guessing because products like MSSQL don’t run on Linux, among other reasons.

  2. I’m guessing because products like MSSQL don’t run on Linux, among other reasons.

    And what’s wrong with MySQL? To me, that sounds like “because products like Microsoft Office, or Internet Exporer” don’t run on Linux.” What’s so magic about MSSQL?

  3. The question could also be, “What’s wrong with Oracle?” The 800 pound gorilla of databases has bet it’s company on Linux. If you’re running a serious database shop, you’re running Oracle on Linux.

  4. IIS is a favorite target.

    You have to be pretty clueless (or lead by the clueless) to depend on it for mission critical stuff.

  5. MySQL – ***shudder*** If you want to use a powerful, scalable, well-supported open source database, please consider PostgreSQL instead. Far better in my (enterprise data architect) opinion. OK, MySQL is easier to throw together as a small, single-system setup without much expectation of performance. But anything other than running blogs or few-user apps requires something better.

    In any case, though, as much as I detest IIS and SQL Server, the security hole is apparently a SQL injection attack, and that has nothing to do with IIS and SQL Server per se; rather, that is a black mark against the coders on these sites, who haven’t done their user input parsing correctly. It could as easily have happened with any other web server/database combo, assuming equally clueless coders. I suspect that this particular combination was chosen primarily because the combination is well known and well understood, and because MS systems are generally run by lower-quality administrators and programmed by lower-quality coders, which makes those systems more vulnerable.

    Let me say, before I offend (or to remove any offense that I may have given), that I know some excellent admins and coders who work extensively or exclusively on MS products. However, there are only 10% of IT staff in the top 10% of IT staff, and since you (as an IT manager) tend to put your best people on running/coding for the most difficult-to-get-right-enough systems, the best people tend to end up on UNIX or mainframe systems. The economy as a whole balances out this way, too: UNIX experts command higher salaries (statistically, not necessarily in any individual case) than Windows experts.

  6. SQL injection attack

    This reminds me of a well-known web site, which I shall not name, where entering “O’Hare” into a certain web page caused an SQL error (due to the single quote causing the parse to fail when they lazily stuck the string into an SQL query.)

    I hope they’ve fixed that since then.

  7. Many moons ago I did a course to convert from UNIX sysadmin to NTServer admin.

    The first thing the instructer said was:

    “You will notice that you have to reboot NT a lot more than unix.”

    He was right.

  8. “If you’re running a serious database shop, you’re running Oracle on Linux.”

    Nope. DB2 on z/OS.

  9. As with many things there are several categories to consider with system selection: software costs, implementation lead times, interoperability, and maintenance needs.

    MS products are easier to implement over all and provides access to a very extensive support base. Microsoft also has Active directory which gives an admin the ability to affect changes to thousands of users or objects with a single click of a mouse. Compared this to Unix which doesn’t have a slick user interface and a powerful directory system like MS active directory or Netware NDS. Microsoft does however have very high license fees and software costs.

    One has to be really on their game in order to implement and configure a robust UNIX system. However, once a Unix system is properly setup the cost of maintenance is extremely low compared to MS products — set it and forget it. Unix is a much older network operating system when compared to Windows NT based systems and therefore is more stable and has a wider hardware compatibility base. Unix costs a lot to implement because the admins fetch higher dollar and development lead times are high.

    Linux is free to procure which offsets implementation costs but there are a lot of question marks ???? when it comes to support on the free distro’s. Relying on support through internet forums is not gonna cut it when major outages are costing your company millions by the minute. Then, in the end who would you hold accountable? Things are changing a lot for Linux, though, in that companies like Novell are moving in the open source arena and pairing up their Netware services with a Linux based desktop.

    Overall, Unix is hard to beat, especially for upper level implementations that would service an extremely huge object base. Next, Linux would be hard to pass with such low implementation costs. Windows would be the next consideration for middle tier system implementation and mission critical support functionality. Then, in the end don’t forgot Netware and even the Mac OS X. Mac OS X makes for a great kerberos authentication portal or Apache server.

  10. Finally, just wanted to add that MS is just being hoisted by their own petard when it comes to virus infections. If Mac or Linux gained market share to over come then no doubt they would have 1 million viruses target their system structure as well.

  11. Of course, the problem was that this attack was on data types that were supposed to be protected from SQL injection attacks, and so even some relatively careful codes may not have been checking the inputs.

    Still, this is a well known problem

  12. I’m not going to address Josh’s FUD, because it’s too pathetic to waste my time on it. However, Rand’s experience with Fedora upgrades was troublesome indeed. And it’s on the Web for everyone to see. I think it’s a clear signal that not everything is so great in Linux. The operation should be as painless as an upgrade from XP to XP SP2. This reminds me, I really need to talk to Seth Vidal about old off-arch packages getting stuck and derailing upgrades.

  13. This is probably too late to mean much, but Jeff Medcalf is right. I’d use Microsoft in a small shop without hesitation. The OS uses the hardware less efficiently, but because so much of the “easy” stuff is simple, Microsoft IT guys are usually the guys that can’t do the Unix/Linux stuff; of course, the “hard” stuff is impossible, but the minimum ease of doing anything on ‘nix systems is higher and the IT guys that can do it cost more.

    The same goes for programming. In Microsoft Visual Studio it is so easy to edit, test, debug, build, and package code that it’s great for developers that don’t understand the real lifecycle of software development. If you have one or two people on your team maintaining a low-visibility system, you can’t beat Microsoft develoment languages. But, if you have a team of 10 or 20 people and your system is viewed by 10,000 people a day, you need to be more careful coordinating edits, releasing code, building the code identically in several different environments so that you can test it before release, etc., and you can’t even do that with Microsoft; it wasn’t until Visual Studio 2005 that they separated the build engine from the editor so that you could build on a headless box. Microsoft has so many applications because any community college graduate can write mediocre code for their system, which is a good thing and I don’t want to downplay its role. But, you need really good developers to be working on the big systems and they will always be in Java or other “industrial strength” languages. I’m one of the best programmers I know (in all modesty), and I started in Microsoft, but when I interview potential developers, only knowing Microsoft is a flag that they’re not very good. It’s not 100% accurate, but it’s a starting place.

Comments are closed.