hi all (again) Simon's comments here on Becta's position re Open Source are spot on and i understand his position. Like many organisations the technical people understand the correct and appropriate use of Open Source, but have difficulty in explaining the benefits to senior management and others. as i said at the seminar on Tuesday, the main role Becta has with OSS is telling people that it exists and what it does. We cant promote a Linux distribution like Suse, (or as matter of fact a single excellent supplier like RM). We can however explain the pro's and cons of certain solutions (like our recent Thin Server review), of which the Open Source-based solutions faired very well. Oh by the way like lots of other ISPs (incl IFL) the NGfL servers use the following Solaris (almost OSS :-) Linux Apache (NES has been taken out completely) MySQL JServ (we also use commercial JRun) PHP (extensively) Perl/CGI (a lot) Sendmail, Postscript and Exim OpenLDAP (replace Netscape Dir Server) Cisco's TACACS server for authentification for routers and firewall (yep it's Open Source) MRTG (for traffic monitoring, although we also use Open View) regards Malcolm (Simon, i'm in the Didcot area next Wednesday, you can buy me a pint for the 'excellent') ------------------------------- Dr Malcolm Herbert Head of Technology R&D, Becta 02476 847126 Mob: 07801 612438 -------------------------------
-----Original Message----- From: Simon Rainey [mailto:srainey@rmplc.net] Sent: 27 July 2000 17:02 To: Frank Shute Cc: suse-linux-uk-schools@suse.com Subject: Re: [suse-linux-uk-schools] Re: Fw:
Frank,
Since you want to clear up speculation, perhaps you could explain why your company felt it was necessary to lean on Becta to stop them `promoting' the use of OSS in schools.
I can't comment on corporate policy and was not aware that anyone had influenced Becta against OSS.
Personally I think OSS is a good thing, as witnessed by the fact that practically all the software IFL uses is OSS. However for the average school, and primary schools in particular, I would question whether the skill set is available to install and manage a network based on Linux / OSS. Please don't take this the wrong way - there is a small and growing group of schools who are using Linux very successfully. However I can see that it might be irresponsible for an organisation such as Becta to endorse the use of OSS at this stage.
- All the core services run under Linux with the exception of RM EasyMail and virtual web servers where users wish to use FrontPage extensions, which for commercial reasons run under NT.
SMTP: Sendmail and Exim POP3: Qpopper ... < useful cracking info snipped >
Any half-decent hacker would have no problem whatsover in discovering what O/S and software is used on any given system. Giving out such information is not considered a significant risk.
- Owl is the only server on the IFL network that is open to telnet. It is required by a small number of developers who have a virtual web server on the machine and need more than FTP access. They are too mobile for us to restrict access using lists based on client IP address. Regular checks are made to ensure that owl has not been compromised and firewalls are in place to prevent it from being used to attack other hosts in the event that it is.
I guess you haven't heard of ssh. Now where's that clue-stick.....
The users in question do not wish to use SSH. We could insist on it, but there has to be a balance between security and useability. We are happy that the server is sufficiently secure. There is an obvious risk in sending plain text passwords across the Internet, but this applies just as much to FTP as to telnet.
On the security issue, we recently commissioned an extensive independent audit and were assessed to be "significantly more secure than the majority of ISPs".
Regards, Simon.
Simon Rainey E-mail: srainey@rmplc.net Principal Internet Consultant RM IFL Engineering Internet for Learning, Research Machines plc, New Mill House, 183 Milton Park, Abingdon, Oxfordshire, OX14 4SE, England.