Boss calls this sysadmin/network admin pilot fish into his office with bad news: A machine under someone's desk has been hacked.
"Now, this is a machine on the LAN, presumably behind our firewalls and security, so this is a matter of concern," says fish. "Complicating matters, the machine is a Windows host for multiple Linux virtual machines from a vendor who delivers updates as complete VM images, with the operating system and application software preinstalled.
"The target machine is hosting three VMs with different software versions from this vendor. It triggered network monitor alarms due to generating excessive network traffic.
"On examination, only one VM was compromised with denial-of-service malware, although all three VMs show signs of attack. But how did they crack a Linux VM?
"Turns out the consultant for this vendor's application used a somewhat weak password on that VM. Weak -- like, 'password.' It may be time for a change of consultants.
"But wait! There's more! How did the bad guys even get to this VM to attack it? It's on the corporate LAN, behind our firewalls and...
"Oh -- it's not. The institution has allocated external IP addresses routed directly to these VMs over the LAN. Directly routed from the Internet, over the LAN -- and with nary a firewall, hardware or software.
"Because Linux is secure, right?"