Linux has better, like as M$ AD, solutions for management of thery more servers/workstations:

It's Puppet (for more another UNIX systems, not only Linux), Object Languge, it's better idea like as AD!,

And it's RedHat RHN/Sattelite/Spacewalk solutions, it's provide software corporate repos services, it's better corporate Windoze WSUS server, becouse windoze make apply only M$ updates, not has automatization for management 3rd party software

And it's Novell ZenWorks, its provide complex management, like as Puppet and RHN, also, it's provide management for windows hosts (may be, better like as AD)

Please don't read MS "get the facts", it's don't facts, it's fa<censored , MS management mean all World is clinic idiots, and, pay to us it's very fail solutions since 20 years :(

We use puppet for management nearly ~4.5 k UNIX servers (FreeBSD and Linux), and, have 8(!) system administrators to provide 7/24 service for our customers!

Microsoft, Go Home!

A little bit of research suggests that the original article is garbage.
Try searching "The facts: IT virus contained and controlled"
Ne sure to read the result "The facts: IT virus contained and controlled

If they use Windows, they have to pay a tax to microsoft for ever.

It was silly to put Windows based computers at the consoles anyway. In fact, it is silly to put windows-based computers anywhere that is mission-critical..

@Dan said: "If they can't secure a Windows box, then there's not a snowballs chance in hell that they can secure a Linux box."

Do you even know what you are saying? Or are you simply trying to look smart pretending to know Linux security?

I will correct your statement: "If they can't secure a Windoze box, then there's A snowballs chance in hell that they can secure a Linux box." Because they don't need to do anything, Linux IS SECURED OUT-OF-THE-BOX - FAR SECURED THAN YOUR MICROSOFT WINDOZE.

Integral Energy is an electricy retailer in the states of New South Wales and Queensland. I don't think that a virus in their computer system would have brought down the Australian power supply system or grid. Integral is just one of many retailers in these two states, and these two states do not make up the whole of Australia.

Also re-inspection of Demilitarized Zone if any is recommended.
It was the more protected internal network that got compromised here.
not the exposed DMZ.
It seems.

Intrusion Detection System like Snort monitoring unusual network activity as per rules.
And Linux Scripts running in background for Switch Port blocking on detection of such an event can help avoid isolate nodes causing trouble automatically.

Occassionally, causing false alarms etc maybe rarely.

Really secured.

Some of us use "virii" just because it is random and funny... and yes, I know that "viruses" is the true plural. Also, "meh" is not (currently) a word... neither is "netiquitte," technically! But they are fun!

http://tinyurl.com/yanrjez

Wow, that is truly amazing dude. Well done!

RT
www.complete-privacy.net.tc

virus, -i m

you have an extra "i" even, knob

Sometime the a decision of consoles is not made by engineers but by the SCADA software vendor. My sympathies.

Has anyone else noticed that it just so happens that every time a new windows version is around the corner, the virus rates and security hole rates for the outgoing version get a sudden spike? Gee.. how convenient Microsoft.

using windows for anything other than solitaire isn't very smart.

Using windows for anything other than solitaire isn't very smart.

the grid is run by wankers. I feel so safe now.

the correct term is viruses,

virii is only used by knobs to try to convince other people they know what they are talking about.

It seems that Cornflicker and such are a popular reason for switchign to Linux.

A lifetime Windows user and I had enough 2 years ago with the kids and the whole virus/malware/installupdatecleanout process and instead of buying a new computer with the new Vista, I installed Linux as a dualboot on an old laptop and neer looked back.

2yrs later and all our computers run Mandriva Linux/KDE4.3 and we run XP virtually on one where we play Chessmaster and use a work issued program once a month.

Its the same as using any other OS except I now get a new version every 6 months and I give new life to some old hardware (using a lighter desktop).

The thing that pushed me over wasnt the free part (although taht is sweet), or even the old hardware bit... it was the virus thing.

2 years of piece of mind.
Priceless.

If they weren't capable of fixing an issue on their machines that has been preventable since Feburary, they're not going to be capable of setting up a Linux box at all.

One has to ask what sort of dimwitted technicians have to resort to replacing their systems post-infection instead of just using the easily available prevention.

It would be like them using those linux boxes to intentionally bring down the power grid and then blaming it on Linux. The only failure here is human.

Why were they using Windows for operator control stations? If they're like the aluminum plant I used to work in, because their other apps are Windows-based. Time reporting, problem log, stealth porn viewer, email, sports score ticker, etc. etc.

I think it says something, doesn’t it, that the number of different pieces of malware for Windows outnumbers the legitimate apps by 100:1 or more.

Windows apologist much?

I don't think it matters what systems they are running or which has more or less of whatever, if they are too lazy to proactively maintain their system then this outcome is inevitable.

I would like to know if this Logica outsourcing thing is true, someone deserves a good ball slapping.

So, based on your own link, Linux DOESN'T have an answer for group policies when it relies on a Windows Active directory server to institute group policy.

Is Logica still their outsourced IT provider?

There is group policies in Linux
http://www.centrify.com/directcontrol/grouppolicy.asp
And there are a lot of easy ways to manage updates centrally on Linux.
By default, Linux is much more secured.
You don't need FF or AV on each station.
There is no real viruses for Linux, only couple of lab viruses and to get infected you should be programmer :)
And other fact is that Linux sysadmins have much higher "IQ" then MS MCSE, MCSA etc. Actually, from my over decade IT experience, one Linux sysadmin capable maintain at least x3 machines/servers than MS admins.
This is one of the reasons they generally paid more.

If they can't secure a Windows box, then there's not a snowballs chance in hell that they can secure a Linux box.

Internal firewalls?

Subnetting?

Virtual LANS?

Non-local admin access?

Disabling services?

Group policies locking down the workstation?

Nope, I'm sure these guys have an "image" they load on every server of a base XP SP3 with Spider Solitare still installed.

If they can't get that mastered, I can't wait to see how they plan on keeping 1000+ Linux boxes up to date without bringing a thumb drive to each workstation to load the updated configuration files. Linux has no answer for Group Policies.

(And don't give me the I'm anti-linux BS. I run Linux on every box in my house. I do not own a Windows license to speak of. I do, however, support it in my job.)

Well they could get rid of the infection with any other unpopular system still not targeted by hackers, like that one from Apple which is nothing more than a heavily bloated FreeBSD which turned out to be not free at all.

However, I suppose it would fiercely suck up so much electricity from this very grid that they would rather deal with a virus which is only a temporary problem.

Security by obscurity is MS FUD.
There are much more sensitive information and money on Linux servers of Wall Street then in millions of Windows PC's. In general there are much more value for hacker in few Linux servers then in all useless Windows porn collectors :)
Other example is Mac. Market share grown, number of viruses close to 0.
The fact is that it is much easier to hack Windows to get access to Linux servers.
Bank accounts is good example.

Security by obscurity isn't the means to end all security problems.

Obviously the security infrastructure has failed at this company. Time to pull their regulatory licenses. Shut them down, their running is a bigger threat than them not running. It is far better to rely on something not being there, than it is to rely on something built like a straw house.

Pay attention, the servers were running solaris, but infected Windoze machine were replaced by Linux boxes.

So it was really Solaris trusted to run the critical systems, not linux, and therefore Solaris which really saved the system from a major failure.