Fun fact: The outdated software runs on outdated hardware, too.

  • themoonisacheese@sh.itjust.works
    link
    fedilink
    arrow-up
    44
    ·
    3 months ago

    In January 2021, Microsoft pushed a kb that would make your server reboot constantly if it was running server 2012 and was either a domain controller or a hyperV host.

    Guess how many domain controllers went down that day.

    • BestBouclettes@jlai.lu
      link
      fedilink
      arrow-up
      14
      ·
      3 months ago

      Yeah but domain controller so hard to migrate and so sensitive! Better let them rot on old unsupported software versions!

      • umbrella@lemmy.ml
        link
        fedilink
        arrow-up
        8
        ·
        edit-2
        2 months ago

        i mean yeah but bean counters up top want me solving the current emergency (caused by similar forms of neglect from years ago)

        ill get to it when it breaks i guess

        • slazer2au@lemmy.world
          link
          fedilink
          English
          arrow-up
          2
          ·
          3 months ago

          So fight bean counting with bean counting

          Best formula is average employee pay × number of employees × time to fix = money lost.

          The trick is to find a solution that is lower than money lost.

          Say 20 employees at €35/h for 4 hours. €2800 is how much the company lost in wages.

          You will find bean counters are more acceptable to a €5000 server over 5 years if it prevents €2800 of lost wages per patch Wednesday.

  • Pencilnoob@lemmy.world
    link
    fedilink
    English
    arrow-up
    35
    ·
    3 months ago

    Trigger me timbers

    What has two thumbs and just spent all week hectoring the boss to upgrade from Server 2008 to 2022 so docker and ssh would finally work?

    👍🏻👍🏻

    Well girls, we’re living in the future now! Five new 2022 servers, all turned into dumb ssh+docker nodes in my job cluster!

    Wipes brow with a trembling hand

    Grumble grumble… they wouldn’t let me upgrade to Linux just yet though… But the plan is coming together… evil laugh

      • SirDerpy@lemmy.world
        link
        fedilink
        arrow-up
        21
        ·
        3 months ago

        There’s two ways to perform every task. There’s the way we say and maintain the illusion of doing. And, there’s the practical way we actually get the work done. If we don’t maintain the illusion then they’ll cut budget. If they cut our budget we can’t even afford the practical way, let alone what they think we’re doing.

        Your success in this position will be determined by how quickly you learn both processes and how well you choose which is appropriate for the situation.

      • Pencilnoob@lemmy.world
        link
        fedilink
        English
        arrow-up
        16
        ·
        edit-2
        3 months ago

        TBF all the jobs are a decade old and written by our researchers in dotnet framework as Winforms apps I hacked up to be console apps so it’s gotta be windows. I’m converting them one by one to dotnet core and moving them to my Linux containers but it’s a slow process and I’ve got a v1 release to prepare for next month.

        Everyone is just stoked that no longer do a half dozen researchers have to twice a day log in to their pet server, open their Winforms app, run it, and copy paste the results to a shared drive. Now my docker harness does it all on a scheduled task triggered automatically from rundeck server I manage. WE’RE LIVING IN THE FUTURE BABY

        • biscuitswalrus@aussie.zone
          link
          fedilink
          arrow-up
          2
          ·
          3 months ago

          I’m sure it’s not that simple but .Net is and has been on Linux https://learn.microsoft.com/en-us/dotnet/core/install/linux

          Docker images I have run dotnet in a container but the docker server host is Ubuntu. Though I really should flatten it and run it on proxmox.

          However, it’s not like that would save real dollars on licensing we have Windows servers still for AD et. al. and therefore have to license all CPU cores in a hypervisor cluster so having fewer windows servers is irrelevant in our environment with regards to license costs.

          • Pencilnoob@lemmy.world
            link
            fedilink
            English
            arrow-up
            3
            ·
            3 months ago

            Oh yeah, all my code is dotnet core running on Ubuntu servers in docker.

            Just all this legacy code is written in dotnet framework which doesn’t run on Linux, and requires some moderate effort to switch (relies on libraries that are framework, and those also rely on framework libraries, etc)

            It’s completely possible, but for now, I’ve got these 2022 servers running “good enough” to go to production, and I’ll convert them as soon as the first issue arises.

    • Optional@lemmy.world
      link
      fedilink
      arrow-up
      3
      ·
      3 months ago

      I feel ya man. I spent a year arguing for the existence of a pilot environment.

      Because when you test in production, it’s bad, mmmkay.

  • durfenstein@lemmy.world
    link
    fedilink
    arrow-up
    19
    ·
    3 months ago

    Me: “Hey whats that feature we need to implement into our software?” Boss: “Ntlm passthrough” Me: “… Hey boss about 90% of the stuff i find online is about how ntlm is insecure and should be shut off wherever you see it?” Boss: “Yeah… But everyone still uses it everywhere. Just implement it and dont think about it.”

  • SirDerpy@lemmy.world
    link
    fedilink
    arrow-up
    15
    ·
    edit-2
    3 months ago

    I’m an IT sub roundabout working for the US government. We’ve a multi-site contract and arrive at the one we’d been vaguely warned about: Some contractors got fired mid-job in the 90s and left some trash.

    The hallway we needed to go down was filled with all sorts of shit, waist deep, for about twenty feet. My co-worker and I put on some gloves and started making a path. We found just a little had fallen on a path made by those that came before us.

    About halfway through the hallway trash I see a small, solid green light reflecting off the floor. After a little digging we find a beige metal half tower complete with Pentium and Win 3.1 stickers, laying on it’s side but upside down, power and network ran into what looked like a hole in the wall made with multiple blows from a hammer. It wasn’t in the documentation that we could see.

    In the confusion of a vendor fuckup someone decided taking a undocumented hammer to the rules best served society. Everyone who saw it afterwards decided to keep their mouth shut. We favored past wisdom and present uptime. We buried the twenty five year old rig again, hiding it from view while ensuring good air flow.

  • Eideen@lemmy.world
    link
    fedilink
    English
    arrow-up
    14
    ·
    3 months ago

    (Running machines with windows 2000.) You guys are running windows server 2008?!

  • slazer2au@lemmy.world
    link
    fedilink
    English
    arrow-up
    13
    ·
    edit-2
    3 months ago

    Can confirm.

    We have several Server 2008 still running.
    On the bright side not my problem to fix.

    Just don’t as me about that switch that is 2 generations old or the AP that has +1000 days uptime.

  • Optional@lemmy.world
    link
    fedilink
    arrow-up
    13
    arrow-down
    1
    ·
    3 months ago

    I’ve said it before and I’ll say it again - Cybersecurity as an enormous global industry owes it’s existence to Microsoft. Period.

    If Microsoft suddenly disappeared, cybersecurity would be more like Accounting - basic systems, managed in-house.

    • RubberDuck@lemmy.world
      link
      fedilink
      arrow-up
      11
      ·
      3 months ago

      Horse manure! It owes it to managers that want to invest in new toys and stuff and don’t want to hear/invest/spend on keeping stuff operational.

      This is why a lot of companies end up leasing notebooks and stuff, cause then IT does not have to explain why it is time to replace hardware… lease is up is something they understand. If you buy (which is cheaper) you end up fucking yourself cause by the time it needs to be replaced some penny pincher higher up will say… nah this is still good for a few more years. And before you know it you are stuck with outdated crap that costs more and more time and effort to keep operational.

      Same with infra… and why IT pushes for cloud first. It’s working so it’s fine. No matter the switches are EOL and the server hardware is EOL and so is the OS without ESU… we need to invest in this new piece of stuff… no money for the rest… just keep it running.

      • Optional@lemmy.world
        link
        fedilink
        arrow-up
        4
        ·
        3 months ago

        But to that point - they inevitably spend millions on Microsoft either through windows laptops or office bundling because they buy the spew that “Microsoft will support it” and “If we get breached because of a problem with Microsoft they’ll cover us” or some similar crap.

        No, and no. By the way, IT managers.

        Building it is not always the right answer, and yes a Linux workstation for sales is gonna get people upset still, but. This moron treadmill of chasing Microsoft through whatever their latest absurdities are is heinously expensive and pathetic. Are you an IT company or not? Well?

    • ByteOnBikes@slrpnk.net
      link
      fedilink
      arrow-up
      2
      ·
      3 months ago

      I was going to make a Linux joke being why my company’s security has been stable… Until the XZ Utils exploit.

      • Optional@lemmy.world
        link
        fedilink
        arrow-up
        5
        arrow-down
        1
        ·
        3 months ago

        Yes, cybersecurity wouldn’t disappear, it just wouldn’t be the humongous, roiling, clusterf**k it usually is.

        Name a high-profile breach on a *nix system not due to configuration (user) error. I’d add “or a hardware/firmware hack” but you get the idea.

      • cron@feddit.orgOP
        link
        fedilink
        arrow-up
        1
        arrow-down
        1
        ·
        3 months ago

        Just this months patch tuesday notes:

        Today is Microsoft’s August 2024 Patch Tuesday, which includes security updates for 89 flaws, including six actively exploited and three publicly disclosed zero-days. Microsoft is still working on an update for a tenth publicly disclosed zero-day.

        Sure, security vulnerabilities exist in the linux world, but luckily not that many.

        • ben_dover@lemmy.ml
          link
          fedilink
          arrow-up
          5
          ·
          edit-2
          3 months ago

          yes and no. if you look at the number of reported CVEs, debian takes the crown of all operating systems. still feeling more secure on linux than any closed source system

      • themoonisacheese@sh.itjust.works
        link
        fedilink
        arrow-up
        2
        ·
        3 months ago

        And server 2012 has the windows 8 Fullscreen start menu (and classic shell is compatible, if you can’t install SP2). In recent years I hear they’re separating from year/Pc version parity? Thankfully I now work in Linux admin, so that’s not longer my concern.

  • Evotech@lemmy.world
    link
    fedilink
    arrow-up
    7
    ·
    3 months ago

    Guys who just got put in charge of managing our end of life process

    <---- this guy

    Servers are about to die

  • Zoboomafoo@slrpnk.net
    link
    fedilink
    arrow-up
    6
    ·
    edit-2
    3 months ago

    My system at work was built in the late 1960s, but it’s not Microsoft software, so it’s all good

  • Trainguyrom@reddthat.com
    link
    fedilink
    English
    arrow-up
    4
    ·
    3 months ago

    One of my friends recently commented on how its funny that they have Server 2008 experience. They’re 21 years old and just graduated college last fall, meaning that was a server they encountered in the Year of our Lord, 2024

  • AThing4String@sh.itjust.works
    link
    fedilink
    arrow-up
    4
    ·
    3 months ago

    Holy shit I’m involved in a similar situation - except we really, REALLY want it gone - it’s just a game of “if you give a mouse a cookie” trying to upgrade all the similarly fragile downstream stuff so we don’t blow up the entire operation when we switch.