Stories
Slash Boxes
Comments
NOTE: use Perl; is on undef hiatus. You can read content, but you can't post it. More info will be forthcoming forthcomingly.

All the Perl that's Practical to Extract and Report

use Perl Log In

Log In

[ Create a new account ]

ajt (2546)

ajt
  (email not shown publicly)
http://www.iredale.net/

UK based. Perl, XML/HTTP, SAP, Debian hacker.

  • CPAN: ATRICKETT [cpan.org]
  • PerlMonks: ajt [perlmonks.org]
  • Local LUG: AdamTrickett [lug.org.uk]
  • Debian Administration: ajt [debian-adm...ration.org]
  • LinkedIn: drajt [linkedin.com]

Journal of ajt (2546)

Wednesday September 13, 2006
12:32 PM

Open Source Need Not Apply

[ #30984 ]

At work we are migrating our division's IP range from one block to another this autumn. It's a mamoth task, as many devices have hardcoded IPs and will need to be updated manually on the device.

IT don't actually know about all the devices (mostly printers) that we have and need to get a list of every device using an IP address, and some idea of what it is.

Apparently the re-IP project has zero budget, so all our switches and routers come off-line, are manually re-configured one at a time, and then all the systems are brought up manually one at a time with new IP addresses. We don't have the luxury of running the old and new networks side-by-side.

IT want to spend £10k to buy some windows network tool that will find and identify all the devices on the network. I showed one of the chaps nmap, and it scanned a block of IPs in a few seconds for nothing, and came back with quite nice results. If they want to spend £10k, we could do with some new 1Gbit switches rather than some pieces of worthless Window$ software.

Officially we were told that "NO OPEN SOURCE SOFTWARE COULD BE USED". I said we'd better switch of SAP then, as it running on top of AIX and Linux and there is a sizeable amount of open source software in both of them. To which they replied that bought open-source software is okay, but free open-source isn't...

The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
 Full
 Abbreviated
 Hidden
More | Login | Reply
Loading... please wait.
  • I volunteer to accept your companies money.
    • Tell me about the absurdity of it...

      • Pay for your permenant staff to take formal training in Linux.
      • Pay for your permenant staff to be certified in Linux.
      • Pay your permenant staff to use and gain experience with Linux and other open source tools such as Perl.
      • Refuse to use open source tools and instead buy a closed source product you have no idea what it does...
      --
      -- "It's not magic, it's work..."
  • Tell them to pull their heads out of their backsides long enough to research Nmap. The media coverage [insecure.org] page has a wealth of information that may sway their decision. Nmap has been around for 9 years, has won several awards and is even used by the NSA.

    Heck, even Trinity used it in The Matrix Reloaded [imdb.com] so we know it's gonna be around for years and years to come. :)

    • Useful links.

      I think many Windows users fear open source. Their is some kind of warm and fuzzy feeling they get from handing over money and getting some precompiled binary that you just install. As long as they don't know it's an open source tool, I think they could be persuaded to pay a consultant to do the scan for them.

      For too long Microsoft has dulled the minds of Windows users and I think they find it hard to think for themselves anymore. A freind has experienced the same mentality at his work (a U

      --
      -- "It's not magic, it's work..."
      • Windows users just aren't used to open source.

        Some of it looks like that evil unix command line stuff, and really that's just like DOS and they moved past DOS years and years ago, so it must be primitive.

        Just make sure that you introduce them to Windows Open Source things that do look like what they are used to.

        Firefox and Thunderbird are a good start. They work just like they are used to and are easy to slip in next time they get browser hijacked or have a fit of rage over IE or Outlook (Express) crashing
        • You are quite correct. Windows users don't want free tools, they want expensive tools without paying for them. At work we are squeaky clean, but lots of home Windows users insist on closed-sourced commerical programs but prefer to steal them rather than pay for them. Offer them a freely avaialble alternative and they don't seem to be interested...

          Firefox is always a good starting point I find too, it may be free but it has tabs, blocks adverts and doesn't infect your computer with more spyware than you ca

          --
          -- "It's not magic, it's work..."
    • Heck, even Trinity used it in The Matrix Reloaded

      Theoretical musings from management:

      Oh noes! Nmap? I think I remember that from when I was watching that Matrix movie with my son. Didn't they use it to hack into a network and make something or other explode? Quite a lot of things exploded in that movie, so probably.

      What? You want this exploding hacking tool used inside our network? Of course not!

      • ...

        I think they have decied to buy some point-and-drool tool just because it produces a pretty diagram they can drive from Visio.

        --
        -- "It's not magic, it's work..."
  • Your IT department is still run by dumb bastards is it? Hehe, I still laugh at their assertion that we couldn't use NNTP for $project because it would need to have extra software installed on desktops (um, no, some version of Lookout they already had would handle it) and it was too difficult (ffs, if Tony could use it, anyone could!).

    Incidentally, I've now got rid of even those niggling little difficulties by having all my newsgroups go to my mailbox and I can reply by mail to the groups too. Tis but a

    • In this case I think it may have come down from clueles mangelment.

      It is fair to say that there is a certain unwillingness to change things but at the same time given the generally poor technilcal skill of most of the users, you can't blame IT from being conservative.

      On the up side I have managed to get more Linux boxes and open source solutions in place for other projects.

      --
      -- "It's not magic, it's work..."
      • Poor technical skills on the part of users are usually at least partly the fault of the IT department not providing adequate (or any) training - or in the case I'm thinking of, not considering that someone else (me) could have trained the users for them. They had to be trained to use the inferior web-based system we ended up using anyway.
        • You are quite correct the company and the IT department are responsible for the skills or lack thereof of the staff. Training is one thing that many companies talk about a lot but fail to deliver on. I must admit that I've actually recieved a decent amount of training since moving back into my current department.

          --
          -- "It's not magic, it's work..."
  • I like nmap for the amount of information it supplies, but when you don't care about all that it returns, and you can never remember what the switch is to turn off all the port scanning, it's just too slow.

    I have become a big fan of thcrut. If you just want to scan a large network quickly and find out what's alive out there, it's hard to beat.

    It scans a /19 netblock in about 10 seconds. Just thcrut discover 10.0.0.0/19 and away you go. The results aren't sorted, but hey, there's this glue language aroun

    • Thanks for the suggestion. THC-RUT doesn't appear to be in the official Debian repository, but I'll see if it builds easily enough from source over the weekend.

      --
      -- "It's not magic, it's work..."