HI all: How many people on the list have had a Linux server hacked to the point that it needs to be reinstalled? Paul -- Sizofik a Ninila' Siyakhona? ポール
Oh, not a server but my home linux computer gets re-installed all the
time, luckly I have a server!! I just love to fiddle!!
At work though 2 of my 8 servers need re-installing as they are
running Mandrake 10 and you can no longer get updates!!
Jo
On 12/8/05, Paul Taylor
HI all:
How many people on the list have had a Linux server hacked to the point that it needs to be reinstalled?
Paul -- Sizofik a Ninila' Siyakhona? ポール
-- To unsubscribe, e-mail: suse-linux-uk-schools-unsubscribe@suse.com For additional commands, e-mail: suse-linux-uk-schools-help@suse.com
-- Please do not send me Microsoft Office attachments. See http://www.gnu.org/philosophy/no-word-attachments.html Karoshi: http://www.karoshi.org.uk Karoshi@Home: http://www.karoshiathome.org.uk
On Thursday 08 December 2005 20:45, linuxgirlie wrote:
Oh, not a server but my home linux computer gets re-installed all the time, luckly I have a server!! I just love to fiddle!!
Indeed, that's a given with Linux, especially with so many tasty distros to try.
At work though 2 of my 8 servers need re-installing as they are running Mandrake 10 and you can no longer get updates!!
Not quite what I had in mind. I have an ISP running all of my client web sites on a Fedora server (I run a web hosting and design company with my 6th form as part of their AVCE - now GCE Applied). It locked up on Tuesday as all the sites run Mambo/MySQL. After a lot of hair pulling, shouting etc at my ISP they sent me a message today that the server had been hacked "probably" and that I had to ftp all the files somewhere and re-install the server OS. I am appalled and I wonder if this is something common with "reputable" ISPs? Paul
Jo
On 12/8/05, Paul Taylor
wrote: HI all:
How many people on the list have had a Linux server hacked to the point that it needs to be reinstalled?
Paul -- Sizofik a Ninila' Siyakhona? ポール
-- To unsubscribe, e-mail: suse-linux-uk-schools-unsubscribe@suse.com For additional commands, e-mail: suse-linux-uk-schools-help@suse.com
-- Please do not send me Microsoft Office attachments. See http://www.gnu.org/philosophy/no-word-attachments.html
Karoshi: http://www.karoshi.org.uk Karoshi@Home: http://www.karoshiathome.org.uk
-- Sizofik a Ninila' Siyakhona? ポール
Ahhh,
You mean hacked as in crack...sorry got confused there!!
Well I have stupidly had my hosting server (hosted by
flexihostings.net) hacked several times but never needed a re-install,
but these where just website hacks, the company once had the server
hacked big time, but it was then down for a day while they sorted it
out, they tend to always be doing maintenence on it so I assume it
must be pretty secure at the moment!!
Never had to re-install it myself though.
Jo
On 12/8/05, Paul Taylor
On Thursday 08 December 2005 20:45, linuxgirlie wrote:
Oh, not a server but my home linux computer gets re-installed all the time, luckly I have a server!! I just love to fiddle!!
Indeed, that's a given with Linux, especially with so many tasty distros to try.
At work though 2 of my 8 servers need re-installing as they are running Mandrake 10 and you can no longer get updates!!
Not quite what I had in mind. I have an ISP running all of my client web sites on a Fedora server (I run a web hosting and design company with my 6th form as part of their AVCE - now GCE Applied). It locked up on Tuesday as all the sites run Mambo/MySQL. After a lot of hair pulling, shouting etc at my ISP they sent me a message today that the server had been hacked "probably" and that I had to ftp all the files somewhere and re-install the server OS. I am appalled and I wonder if this is something common with "reputable" ISPs?
Paul
Jo
On 12/8/05, Paul Taylor
wrote: HI all:
How many people on the list have had a Linux server hacked to the point that it needs to be reinstalled?
Paul -- Sizofik a Ninila' Siyakhona? ポール
-- To unsubscribe, e-mail: suse-linux-uk-schools-unsubscribe@suse.com For additional commands, e-mail: suse-linux-uk-schools-help@suse.com
-- Please do not send me Microsoft Office attachments. See http://www.gnu.org/philosophy/no-word-attachments.html
Karoshi: http://www.karoshi.org.uk Karoshi@Home: http://www.karoshiathome.org.uk
-- Sizofik a Ninila' Siyakhona? ポール
-- To unsubscribe, e-mail: suse-linux-uk-schools-unsubscribe@suse.com For additional commands, e-mail: suse-linux-uk-schools-help@suse.com
-- Please do not send me Microsoft Office attachments. See http://www.gnu.org/philosophy/no-word-attachments.html Karoshi: http://www.karoshi.org.uk Karoshi@Home: http://www.karoshiathome.org.uk
I've had similar, my hosts have a RHES4 solution running I believe. My personal site was fine but another that I had (for a large gaming clan) hosted on one of their servers just 'disappeared'. It took me a while to even get more than a "we're investigating" out of them, all the whilst I was fielding questions from about three or four hundred gamers who were all blaming me (naturally). Eventually my hosts aknowledged that they'd been hacked and were trying to ensure they'd got the systems locked down more securely this time which was what was taking the time. They did refund me for the down time though, which was better than I've heard from some. My hosts are a little on the unusual side so far as practices go, its not been unusual for me to go to sleep with the website running on a php5 server and wake up the next morning with error e-mails as my php5 XML parsing script failed to work, only to discover the server was now running php4... and no communicatino from the hosts about it at all! About all I can say is that in my opinion servers getting hacked/cracked is inevitable. No matter how good you are at securing a server there are always liable to be new security holes found, and people trying to use them as soon as they're found. About the only thing you can really do is just insure that you're always backing up your site/servers regularly so that you're in a position where you can recover the site without too much stress. On 9 Dec 2005 at 8:32, linuxgirlie wrote:
Ahhh,
You mean hacked as in crack...sorry got confused there!!
Well I have stupidly had my hosting server (hosted by flexihostings.net) hacked several times but never needed a re-install, but these where just website hacks, the company once had the server hacked big time, but it was then down for a day while they sorted it out, they tend to always be doing maintenence on it so I assume it must be pretty secure at the moment!!
Never had to re-install it myself though.
Jo
On 12/8/05, Paul Taylor
wrote: On Thursday 08 December 2005 20:45, linuxgirlie wrote:
Oh, not a server but my home linux computer gets re-installed all the time, luckly I have a server!! I just love to fiddle!!
Indeed, that's a given with Linux, especially with so many tasty distros to try.
At work though 2 of my 8 servers need re-installing as they are running Mandrake 10 and you can no longer get updates!!
Not quite what I had in mind. I have an ISP running all of my client web sites on a Fedora server (I run a web hosting and design company with my 6th form as part of their AVCE - now GCE Applied). It locked up on Tuesday as all the sites run Mambo/MySQL. After a lot of hair pulling, shouting etc at my ISP they sent me a message today that the server had been hacked "probably" and that I had to ftp all the files somewhere and re-install the server OS. I am appalled and I wonder if this is something common with "reputable" ISPs?
Paul
Jo
On 12/8/05, Paul Taylor
wrote: HI all:
How many people on the list have had a Linux server hacked to the point that it needs to be reinstalled?
Paul -- Sizofik a Ninila' Siyakhona? $B%]!<%k (B
-- To unsubscribe, e-mail: suse-linux-uk-schools-unsubscribe@suse.com For additional commands, e-mail: suse-linux-uk-schools-help@suse.com
-- Please do not send me Microsoft Office attachments. See http://www.gnu.org/philosophy/no-word-attachments.html
Karoshi: http://www.karoshi.org.uk Karoshi@Home: http://www.karoshiathome.org.uk
-- Sizofik a Ninila' Siyakhona? $B%]!<%k (B
-- To unsubscribe, e-mail: suse-linux-uk-schools-unsubscribe@suse.com For additional commands, e-mail: suse-linux-uk-schools-help@suse.com
-- Please do not send me Microsoft Office attachments. See http://www.gnu.org/philosophy/no-word-attachments.html
Karoshi: http://www.karoshi.org.uk Karoshi@Home: http://www.karoshiathome.org.uk
-- To unsubscribe, e-mail: suse-linux-uk-schools-unsubscribe@suse.com For additional commands, e-mail: suse-linux-uk-schools-help@suse.com
----- Paul Graydon Network Technician Haywards Heath College http://www.hhc.ac.uk (01444) 456281 "Joy is not in things; it is in us." Richard Wagner
--- Paul Taylor
HI all:
How many people on the list have had a Linux server hacked to the point that it needs to be reinstalled?
Do you mean this from the point of the computer being compromised maliciously, or via your own tinkering? If the former, then never. If that latter, then only once. Actually, people that say: "Oh, I had to reinstall Linux today, since XYZ didn't work" tend to do so because they're operating under the assumption that Linux acts like MS-Windows in that "a reinstall cures all". Not so. One of the challenges I often set people, is to _fix_ their Linux box without reinstalling. It's a really good learning-curve, and through doing it, it's surprising at just how much one can learn. Of course, I realise that it isn't always that straight forward -- especially where the machine in question is in a critical environent. But consider for a moment why you would need to reinstall. If your machine is "broken" it could be for any number of reasons. These might include: * A specific application fails to run anymore. * The init sequence fails. * Some applications randonly start to crash * The kernel panics. In all of those cases, it is trivial to attempt to ascertain why. If the first point, for instance were a daemon -- that is, a "service" program then: /etc/init.d/foo start will often tell you if it was successful or not. If it isn't then most daemons log to /var/log/<application>/<filename>. Tailing that file, might prove useful. The classic example here, is squid. I have had squid fail on few times. But nothing was being written to the logfiles. It transpired /var was full, so no logfiles could be written to. The caveat here is to always check the output from "df -h". Hardware failures though, tend to present themselves in many different ways -- but the precursor is usually where multiple applications that used to work, start to itermittently crash with SIGSERV or SIGABRT, or SEGFAULT. -- Thomas Adam ___________________________________________________________ Yahoo! Messenger - NEW crystal clear PC to PC calling worldwide with voicemail http://uk.messenger.yahoo.com
On Friday 09 December 2005 22:34, Thomas Adam wrote:
Do you mean this from the point of the computer being compromised maliciously, or via your own tinkering? If the former, then never. If that latter, then only once.
A bit of both perhaps. My ISP told me that some critical system files had been damaged by hackers which caused the system to segfault on normal mode. I could log on in recovery moe and get my data files. I'm not sure however if the hacking was caused by my liberal application of open source files on the server without detailed security oversight.
One of the challenges I often set people, is to _fix_ their Linux box without reinstalling. It's a really good learning-curve, and through doing it, it's surprising at just how much one can learn. Of course, I realise that it isn't always that straight forward -- especially where the machine in question is in a critical environent.
I have done that on my home machine but was a bit nervy with a remote server. I also naively thought that paying someone to look after my server meant they would do just that. Their argument is that it was a root server that was managed by me (hence it was not very expensive).
Hardware failures though, tend to present themselves in many different ways -- but the precursor is usually where multiple applications that used to work, start to itermittently crash with SIGSERV or SIGABRT, or SEGFAULT.
The ISPs communiques seemed to point to a hardware failure which they claim was caused by malicious intrusions. Having said that, the ISP is Amen and they had industrial action over the summer (I couldn't get any help for 2 months) due to their takeover by Claranet and sacking of lots of people. Could it have been a disgruntled ex... With the ability of hindsight, I would not use Amen again. The trouble is that I needed a cheap server so that my 6th formers could learn the trade. They (me mostly) run a company to host and sell web sites to local schools, charities and companies. It was meant to earn credit for various bits of coursework but grew bigger than I really could cope with a full teaching load. It is also too big and time consuming for me to move elsewhere. This latest incident has meant lots of candle burning for me which I could do without as January exam season approaches. :(
-- Thomas Adam
___________________________________________________________ Yahoo! Messenger - NEW crystal clear PC to PC calling worldwide with voicemail http://uk.messenger.yahoo.com
-- Sizofik a Ninila' Siyakhona? ポール
--- Paul Taylor
On Friday 09 December 2005 22:34, Thomas Adam wrote:
Do you mean this from the point of the computer being compromised maliciously, or via your own tinkering? If the former, then never. If that latter, then only once.
A bit of both perhaps. My ISP told me that some critical system files had been damaged by hackers which caused the system to segfault on normal mode.
I still fail to see how they could have arrived at that conclusion logically, seeing as they would need to examine a lot more factors than just a cursive-by-proxy diagnosis. No, I am still very much of the opinion that crackers haven't done much, but that the computer _possibly_ has some form of inherent hardware failure. Tracking that down is often time-consuming, and benefits from experience, and general observations over a period of time, depending on the hardware that's assumed to have failed.
I could log on in recovery moe and get my data files. I'm not sure however
if the hacking was caused by my liberal application of open source files on
the server without detailed security oversight.
The dichotomy you have, Paul, is that _suggestion_ of crackers invading your machine has been brought to the forefront, when, on the other hand, it could just simply be hardware failure. If you really do suspect that your machine has been compromised, then your safest bet is to backup ALL of your pertinent data, and reinstall. But consider for the moment, the effects this will have. Even if you are successful in doing just that, what's to say that reinstalling the machine's OS is going to fix whatever exploit was present to have caused it in the first place? I've alluded already for the need of a firewall -- is there such a setup in place, for the routed traffic to pass through one? If not, that's the first thing you should do -- and I can assist with that where necessary (essentially -- using IPTables). Backing up the data from a supposed infected machine may well mean (depending on what was exploited) that you also backup infected files. This is unlikely, but it could happen. There are a few general things you need to consider though. I'll go through some of them for you. Assume for the moment, that this machine hadn't been cracked, and was just being reinstalled for some reason. The data you would backup (to preserve persistency) would most likely be: /etc/ /home/ /usr/local/ You move all of that to another partition, or CD, or what have you. Then you reinstall, and you move all of that data back. Aside from having to play about with making sure the UID/GID mappings from the old /etc/{shadow,passwd} files matched the permissions for the files already created (the process of this is another email topic in its own right, and serves only as a theoretical concept in this context) -- it's also possible that you've moved an existing (and infected) account with you. So in situations like this, I would go as far as to employ a rigourous approach of: 1. For all Sixth-form students, allow login. 2. For anyone else, set their shell to 'rbash', or some such
One of the challenges I often set people, is to _fix_ their Linux box without reinstalling. It's a really good learning-curve, and through doing it, it's surprising at just how much one can learn. Of course, I realise that it isn't always that straight forward -- especially where the machine in question is in a critical environent.
I have done that on my home machine but was a bit nervy with a remote server. I also naively thought that paying someone to look after my server meant they would do just that. Their argument is that it was a root server that was managed by me (hence it was not very expensive).
Hardware failures though, tend to present themselves in many different ways -- but the precursor is usually where multiple applications that used to work, start to itermittently crash with SIGSERV or SIGABRT, or SEGFAULT.
The ISPs communiques seemed to point to a hardware failure which they claim
was caused by malicious intrusions. Having said that, the ISP is Amen and they had industrial action over the summer (I couldn't get any help for 2 months) due to their takeover by Claranet and sacking of lots of people. Could it have been a disgruntled ex... With the ability of hindsight, I would not use Amen again. The trouble is that I needed a cheap server so that my 6th formers could learn the trade.
They (me mostly) run a company to host and sell web sites to local schools,
charities and companies. It was meant to earn credit for various bits of coursework but grew bigger than I really could cope with a full teaching load. It is also too big and time consuming for me to move elsewhere. This latest incident has meant lots of candle burning for me which I could do without as January exam season approaches. :(
-- Thomas Adam
___________________________________________________________ Yahoo! Messenger - NEW crystal clear PC to PC calling worldwide with voicemail http://uk.messenger.yahoo.com
-- Sizofik a Ninila' Siyakhona? ãã¼ã«
-- To unsubscribe, e-mail: suse-linux-uk-schools-unsubscribe@suse.com For additional commands, e-mail: suse-linux-uk-schools-help@suse.com
"The Linux Weekend Mechanic" -- http://linuxgazette.net "TAG Editor" -- http://linuxgazette.net "<shrug> We'll just save up your sins, Thomas, and punish you for all of them at once when you get better. The experience will probably kill you. :)" -- Benjamin A. Okopnik (Linux Gazette Technical Editor) ___________________________________________________________ Yahoo! Exclusive Xmas Game, help Santa with his celebrity party - http://santas-christmas-party.yahoo.net/
Oops. I pressed the wrong button, and sent a partially-completed email.
Here's the full version.
--- Paul Taylor
On Friday 09 December 2005 22:34, Thomas Adam wrote:
Do you mean this from the point of the computer being compromised maliciously, or via your own tinkering? If the former, then never. If that latter, then only once.
A bit of both perhaps. My ISP told me that some critical system files had been damaged by hackers which caused the system to segfault on normal mode.
I still fail to see how they could have arrived at that conclusion logically, seeing as they would need to examine a lot more factors than just a cursive-by-proxy diagnosis. No, I am still very much of the opinion that crackers haven't done much, but that the computer _possibly_ has some form of inherent hardware failure. Tracking that down is often time-consuming, and benefits from experience, and general observations over a period of time, depending on the hardware that's assumed to have failed.
I could log on in recovery moe and get my data files. I'm not sure however
if the hacking was caused by my liberal application of open source files on
the server without detailed security oversight.
The dichotomy you have, Paul, is that _suggestion_ of crackers invading your machine has been brought to the forefront, when, on the other hand, it could just simply be hardware failure. If you really do suspect that your machine has been compromised, then your safest bet is to backup ALL of your pertinent data, and reinstall. But consider for the moment, the effects this will have. Even if you are successful in doing just that, what's to say that reinstalling the machine's OS is going to fix whatever exploit was present to have caused it in the first place? I've alluded already for the need of a firewall -- is there such a setup in place, for the routed traffic to pass through one? If not, that's the first thing you should do -- and I can assist with that where necessary (essentially -- using IPTables). Backing up the data from a supposed infected machine may well mean (depending on what was exploited) that you also backup infected files. This is unlikely, but it could happen. There are a few general things you need to consider though. I'll go through some of them for you. Assume for the moment, that this machine hadn't been cracked, and was just being reinstalled for some reason. The data you would backup (to preserve persistency) would most likely be: /etc/ /home/ /usr/local/ You move all of that to another partition, or CD, or what have you. Then you reinstall, and you move all of that data back. Aside from having to play about with making sure the UID/GID mappings from the old /etc/{shadow,passwd} files matched the permissions for the files already created (the process of this is another email topic in its own right, and serves only as a theoretical concept in this context) -- it's also possible that you've moved an existing (and infected) account with you. So in situations like this, I would go as far as to employ a rigourous approach of: 1. For all Sixth-form students, allow login. 2. For anyone else, set their shell to 'rbash', or some such. Locking down "/tmp" has been something that people have been doing since the year dot, and you'll see numerous references to setting "noexec" on the /tmp partition (if you have split it out to be a partition -- always a good idea, IMO), or creating a loopback file to act as a partition so that you can still mount it with noexec. But the problem with 'noexec' is that it is only effective as a 50% measure. The idea behind the 'noexec' mount option is to disallow users to run binary applications. The reason why this is most often applied to /tmp is that it's the one place (usually) that is world read, write, and executable. So I could place a program such as "wipeall" in /tmp. If you hadn't set 'noexec', I could run it: /tmp/wipeall ... if you had, and I then try to: /tmp/wipeall ... it would fail. But to get around that, is trivial. Assume it were a shell script: /bin/sh /tmp/wipeall would work, since the calling program is coming from /bin/sh -- which just exec()s /tmp/wipeall.
One of the challenges I often set people, is to _fix_ their Linux box without reinstalling. It's a really good learning-curve, and through doing it, it's surprising at just how much one can learn. Of course, I realise that it isn't always that straight forward -- especially where the machine in question is in a critical environent.
I have done that on my home machine but was a bit nervy with a remote server. I also naively thought that paying someone to look after my server meant they would do just that. Their argument is that it was a root server that was managed by me (hence it was not very expensive).
That sounds like a quick money-spinner, and a very good getout clause.
The ISPs communiques seemed to point to a hardware failure which they claim
was caused by malicious intrusions. Having said that, the ISP is Amen and they had industrial action over the summer (I couldn't get any help for 2 months) due to their takeover by Claranet and sacking of lots of people. Could it have been a disgruntled ex... With the ability of hindsight, I would not use Amen again. The trouble is that I needed a cheap server so that my 6th formers could learn the trade.
See above. I still disagree with their logic.
This latest incident has meant lots of candle burning for me which I could do without as January exam season approaches. :(
:/ It's annoying, for sure. I didn't realise you were taking exams in January. :) -- Thomas Adam ___________________________________________________________ To help you stay safe and secure online, we've developed the all new Yahoo! Security Centre. http://uk.security.yahoo.com
On Saturday 10 December 2005 14:32, Thomas Adam wrote:
Oops. I pressed the wrong button, and sent a partially-completed email. Here's the full version.
Alles ist frei
I still fail to see how they could have arrived at that conclusion logically, seeing as they would need to examine a lot more factors than just a cursive-by-proxy diagnosis. No, I am still very much of the opinion that crackers haven't done much, but that the computer _possibly_ has some form of inherent hardware failure.
I am of the same mind.
Tracking that down is often time-consuming, and benefits from experience, and general observations over a period of time, depending on the hardware that's assumed to have failed.
Hence I shied away from that this time.
The dichotomy you have, Paul, is that _suggestion_ of crackers invading your machine has been brought to the forefront, when, on the other hand, it could just simply be hardware failure. If you really do suspect that your machine has been compromised, then your safest bet is to backup ALL of your pertinent data, and reinstall.
Done, see above.
But consider for the moment, the effects this will have. Even if you are successful in doing just that, what's to say that reinstalling the machine's OS is going to fix whatever exploit was present to have caused it in the first place? I've alluded already for the need of a firewall -- is there such a setup in place, for the routed traffic to pass through one? If not, that's the first thing you should do -- and I can assist with that where necessary (essentially -- using IPTables).
I thought there was but now I suspect there wasn't. At least not a compete one. Oversight on my part.
Backing up the data from a supposed infected machine may well mean (depending on what was exploited) that you also backup infected files. This is unlikely, but it could happen. There are a few general things you need to consider though. I'll go through some of them for you.
I haven't done much on the machine for a while so I used an older, pre-exploit (??) version.
Assume for the moment, that this machine hadn't been cracked, and was just being reinstalled for some reason. The data you would backup (to preserve persistency) would most likely be:
/etc/ /home/ /usr/local/
You move all of that to another partition, or CD, or what have you. Then you reinstall, and you move all of that data back. Aside from having to play about with making sure the UID/GID mappings from the old /etc/{shadow,passwd} files matched the permissions for the files already created (the process of this is another email topic in its own right, and serves only as a theoretical concept in this context) -- it's also possible that you've moved an existing (and infected) account with you.
So in situations like this, I would go as far as to employ a rigourous approach of:
1. For all Sixth-form students, allow login. 2. For anyone else, set their shell to 'rbash', or some such.
Locking down "/tmp" has been something that people have been doing since the year dot, and you'll see numerous references to setting "noexec" on the /tmp partition (if you have split it out to be a partition -- always a good idea, IMO), or creating a loopback file to act as a partition so that you can still mount it with noexec.
But the problem with 'noexec' is that it is only effective as a 50% measure. The idea behind the 'noexec' mount option is to disallow users to run binary applications. The reason why this is most often applied to /tmp is that it's the one place (usually) that is world read, write, and executable. So I could place a program such as "wipeall" in /tmp. If you hadn't set 'noexec', I could run it:
/tmp/wipeall
... if you had, and I then try to:
/tmp/wipeall
... it would fail. But to get around that, is trivial. Assume it were a shell script:
/bin/sh /tmp/wipeall
would work, since the calling program is coming from /bin/sh -- which just exec()s /tmp/wipeall.
All sound advice I will have a go at.
That sounds like a quick money-spinner, and a very good getout clause.
Perhaps. Again, time is not on my side.
See above. I still disagree with their logic.
As do I.
:/ It's annoying, for sure. I didn't realise you were taking exams in
January. :)
Not me directly, but as bad as. I have 30 6th formers taking exams and in this age of league tables and value added, if they do poorly, I get the wagging finger of doubt. Who's be a teacher...technician...
-- Thomas Adam
___________________________________________________________ To help you stay safe and secure online, we've developed the all new Yahoo! Security Centre. http://uk.security.yahoo.com
-- Sizofik a Ninila' Siyakhona? ポール
--- Paul Taylor
Not me directly, but as bad as. I have 30 6th formers taking exams and in this age of league tables and value added, if they do poorly, I get the wagging finger of doubt.
This really does piss me off. Leagues tables mean absolutely nothing in terms of good teaching quality. There was an interview with the headmaster of the primary school that came bottom of the recently-published league tables, on BBC Radio4. He was rather annoyed that his school has been "named and shamed" like this. So what if he came bottom? That bears nothing on the teaching ability of the staff. There's plenty of other factors that are considered, such as the funding of the school. Heck, it was a tiny primary school... What I like even more is that prior to OFSTED looking around the school, all the teachers are running around like headless chickens, desperately trying to pull the wool over the inspectors' eyes. It's pathetic. OFSTED should just turn up, and look around on a typical day... then see what happens. Of course, I realise that that is only one facet to the overall metric that OFSTED use in determining where on the league table to put the school, but even so, the league table does absolutely nothing in helping anyone determine what the school's ability to _teach_ is like. -- Thomas Adam ___________________________________________________________ Yahoo! Messenger - NEW crystal clear PC to PC calling worldwide with voicemail http://uk.messenger.yahoo.com
--- Thomas Adam
What I like even more is that prior to OFSTED looking around the school, all the teachers are running around like headless chickens, desperately trying to pull the wool over the inspectors' eyes. It's pathetic. OFSTED should just turn up, and look around on a typical day... then see what happens.
I'm not defending the system at all, but this is "pretty much" the new OfSTED framework. We had 48hrs notice. There's only so much a school can sort in 48 hours, so... -- Matt ___________________________________________________________ Yahoo! Messenger - NEW crystal clear PC to PC calling worldwide with voicemail http://uk.messenger.yahoo.com
This really does piss me off. Leagues tables mean absolutely nothing in terms of good teaching quality. There was an interview with the headmaster of the primary school that came bottom of the recently-published league tables, on BBC Radio4. He was rather annoyed that his school has been "named and shamed" like this.
I heard that one too. Equally interesting that the head of the top primary said it was nonsense on stilts as well.
So what if he came bottom? That bears nothing on the teaching ability of the staff. There's plenty of other factors that are considered, such as the funding of the school. Heck, it was a tiny primary school...
It is easy to blame the victim though. Many schools come low down on the tables because of low "value added". According to the faceless bureaucrats, a child's score on various tests determines their place in life. It also determines how many GCSEs they get or how high their levels are. If students do not get these results, then the school has not added value so is no good. I agree with you that it stinks. However, it conveniently masks the wider social issues that underpin poor performance from students like where they live and what their parent's do for a living etc. That is costly, blaming and shaming and working teachers like dogs to meet semi-meaningless targets is far cheaper and easier to manage. The only target I have ever set myself in teaching is how many young people I turn into decent adults. I see that as the only meaningful "target". I don't see it on any tables though.
What I like even more is that prior to OFSTED looking around the school, all the teachers are running around like headless chickens, desperately trying to pull the wool over the inspectors' eyes. It's pathetic. OFSTED should just turn up, and look around on a typical day... then see what happens.
Yes, smoke and mirrors is very much the name of the game. In most schools I have worked in the senior management either bully staff to do work for students or physically do it themselves. I have been to far too many inset days where the focus is the magic "C/D borderline". If you could potentially achieve a grade C if staff dictate a lot to you by forcing you to stay in after school, you're worthy. If you will never get a C, and therefore never affect the league tables, then you can *&%$ off. I think it is sickening. many senior staff I have worked with do not give a damn about how hard little X worked to get their G or E.
Of course, I realise that that is only one facet to the overall metric that OFSTED use in determining where on the league table to put the school, but even so, the league table does absolutely nothing in helping anyone determine what the school's ability to _teach_ is like.
As I said above, the league tables I believe are more based on how much higher your students achieve in various metrics than the number crunchers have predicted. The only real value of league tables is as a guide for middle class parents to decide where to buy their new or second home.
-- Thomas Adam
___________________________________________________________ Yahoo! Messenger - NEW crystal clear PC to PC calling worldwide with voicemail http://uk.messenger.yahoo.com
-- Sizofik a Ninila' Siyakhona? ポール
This really does piss me off. Leagues tables mean absolutely nothing in terms of good teaching quality. There was an interview with the headmaster of the primary school that came bottom of the recently-published league tables, on BBC Radio4. He was rather annoyed that his school has been "named and shamed" like this.
So what if he came bottom? That bears nothing on the teaching ability of the staff. There's plenty of other factors that are considered, such as the funding of the school. Heck, it was a tiny primary school... ***The trick to use with OFSTED is that used by my sister who owns/runs a couple of infant schools/after school care units. Know the OFSTED rules so well that you can pull the inspectors to pieces if they so much as open
I heard that one too. Equally interesting that the head of the top primary said it was nonsense on stilts as well. ***Indeed, We tend to come top in the county and we're dropping the tests. As a private school the reason for taking part is to give a bench-mark against other schools, however jaundice the scheme is, it's all that many parents can use as a barometer. We complain every year in the papers how unfair it is, despite topping out. their mouths - she's even had one sacked! ;-) But then she runs her schools to a much higher standard than OFSTED demand. One is private the other was purpose built for a local council, so she sees both sides although neither are in 'deprived' areas. It is easy to blame the victim though. Many schools come low down on the tables because of low "value added". According to the faceless bureaucrats, a child's score on various tests determines their place in life.It also determines how many GCSEs they get or how high their levels are. ***Yes, it's about time that we started taking the long view in education and prepare people for jobs other than lawyers, chemists, pop-stars and footballers - oh, but that's okay, we can import all the menial workers we need and keep our own kids on social benefit until they die. Problem is that these people who are in an underclass at school become part of the criminal/fraudulent underclass that we spend the rest of our lives paying for and trying to "deal" with. When we should have "dealt" with them years before and helped them to be self-confident, socially aware individuals, with an understanding of their own strengths. If students do not get these results, then the school has not added value so is no good. I agree with you that it stinks. However, it conveniently masks the wider social issues that underpin poor performance from students like where they live and what their parent's do for a living etc. That is costly, blaming and shaming and working teachers like dogs to meet semi-meaningless targets is far cheaper and easier to manage. The only target I have ever set myself in teaching is how many young people I turn into decent adults. I see that as the only meaningful "target". I don't see it on any tables though.
What I like even more is that prior to OFSTED looking around the school, all the teachers are running around like headless chickens, desperately trying to pull the wool over the inspectors' eyes. It's pathetic. OFSTED should just turn up, and look around on a typical day... then see what happens. ***I also have to agree with Adam, there should not be any warning given of inspections since this skews even further in favour of the better off schools who can react to the tip-off, allowing what amounts to social destruction to continue unabated.
Of course, I realise that that is only one facet to the overall metric
Yes, smoke and mirrors is very much the name of the game. In most schools I have worked in the senior management either bully staff to do work for students or physically do it themselves. *** :-) Didn't one of Charlie's boy's have problems because of this - allegedly! I have been to far too many inset days where the focus is the magic "C/D borderline". If you could potentially achieve a grade C if staff dictate a lot to you by forcing you to stay in after school, you're worthy. If you will never get a C, and therefore never affect the league tables, then you can *&%$ off. I think it is sickening. many senior staff I have worked with do not give a damn about how hard little X worked to get their G or E. ***All we are doing is depriving children of their childhood with this obsession for tables. When my son's prep school tried to brow-beat my wife and I into coaching boy for his stats (he was already in the top stream), I told the school that although I didn't agree with homework at his age, we will support them fully in their efforts to educate boy, but I would not be party to pressurising him for the glory of the staff or the school. Even after his sats, they weren't happy with his high score that he obtained off his own back. I remember his teacher telling me that boy was 1 mark short off the next band in his English and she was going to appeal! (not to me!) We all know that when you turn the heat off in the hot-house environment, the blue-greens and the slimes slide back to their natural levels! Let's not burst their bubbles or burn them out before they begin to understand what potential they truly have. This mania is endemic. It always amuses me how the grades are given in reports. (I wrote our reporting system so I see a lot of reports) Wow, boy is truly remarkable, he was only average in political geography for this terms report, for everything else he was way above average - cool! Good boy! But then in the same breath they tell me he likes to chat in class! So is he not being stretched (even in the express maths set) or are the teachers flattering themselves? maybe we need to have insets on statistics and logic? Oh yes, and chalk throwing techniques, I think my boy would chat less if he had to keep a weather eye out for low flying gypsum ;-) Sorry, didn't someone have a puter to rebuild? ;-) that
OFSTED use in determining where on the league table to put the school, but even so, the league table does absolutely nothing in helping anyone determine what the school's ability to _teach_ is like.
As I said above, the league tables I believe are more based on how much higher your students achieve in various metrics than the number crunchers have predicted. The only real value of league tables is as a guide for middle class parents to decide where to buy their new or second home.
-- Thomas Adam
participants (6)
-
Adrian Wells
-
linuxgirlie
-
Matt Johnson
-
Paul Graydon
-
Paul Taylor
-
Thomas Adam