In a company i used to work for we had a large bank of test machines and each batch was allocated to various teams depending on requirements.
Every now and again no one knew what a particular bank of machines did due to re-orgs and team shuffles so we simply hit the power button and shut them down until someone came crying. If they came crying within a month or two they kept the machines if not they were re-allocated. Once a year after we had re-allocated a bank of machines someone came looking for them. Its always interesting to see someone's reaction when you give them the dates they were re-allocated and its over 6 months Mind you the above approach may get you killed if its a mission critical system ------------------------------------------------------------------------------------------------------------- There are software packages specifically designed for auditing networks and the above scenario .I cant recommend one as i work for a company that writes auditing software and am bias. Vincent Lape wrote: > Robin, > > @ my last company we were required to physically inventory every > machine & process runnong every 6 months. In our datacnter (about 800 > physical servers) it took us a week. Granted this may not be ideal in > all cases however our environment dealt with financial data and we > didnt want to be the next T J Maxx :) > > The issue we found was exactly as you had stated. typically the dev > tam called someone in the middle of the night to put up a machine for > whatever reason. Of course this request was generally followed by a > call from an executive telling you to just get it done. months later > when the dev team was done with it they would tend to put mission > critical processes on "test machines" > > anyhow the point is we should be diligent in auditing the > infrastructure on a regular basis and providing a valid business cause > as to why any particular machine is on the network. > > > On Mar 30, 2009, at 10:14 AM, Robin Wood wrote: > > >> 2009/3/30 Dan McGinn-Combs <[email protected]>: >> >>> In my limited experience, people, sysadmins and developer alike, >>> remember virtual machines. Especially when they require someone to >>> turn them on or eat developer workstation resources. >>> Dan >>> >> I wasn't thinking virtual I was thinking real ones where one gets put >> under a desk or in a spare bit of rack and then forgotten about. Being >> a server it would never be shutdown or rebooted so would just run and >> run. >> >> Robin >> >> >>> -----Original Message----- >>> From: Robin Wood <[email protected]> >>> Sent: Monday, March 30, 2009 5:19 AM >>> To: PaulDotCom Mailing List <[email protected]> >>> Subject: [Pauldotcom] orphaned machines >>> >>> Hi >>> In one of the last couple of episodes Larry mentioned machines which >>> were orphaned when people left a company, my immediate thought was >>> along a different track to what was discussed so I thought I'd >>> mention >>> it. >>> >>> What about temporary machines which are setup by sys-admins for >>> specific jobs or departments when the sys-admin leaves. Maybe a >>> developer needed a server with a specific version of mysql on it to >>> test a bug, the machine gets put on the network as a temporary thing >>> but then the sys-admin who does it leaves and the developer finishes >>> his testing and forgets about it. I can think of quite a few >>> scenarios >>> where pet projects or temporary machines are forgotten about or lost >>> when someone leaves. >>> >>> I supposed one solution to this is to make sure that every machine >>> that gets added to a network is logged but in reality I think people >>> are likely to be lazy and for short term installations bypass the >>> paperwork. An alternative is to scan the network regularly and pick >>> up >>> any machines which are new or not in an approved list and have them >>> checked out. The problem with this is that once the machine is >>> vouched >>> for once it becomes a recognised part of the network so wouldn't be >>> picked up as an anomaly. >>> >>> So, that was my thought when orphaned machines were mentioned. >>> >>> Robin >>> _______________________________________________ >>> Pauldotcom mailing list >>> [email protected] >>> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >>> Main Web Site: http://pauldotcom.com >>> >>> _______________________________________________ >>> Pauldotcom mailing list\ >>> [email protected] >>> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >>> Main Web Site: http://pauldotcom.com >>> >>> >> _______________________________________________ >> Pauldotcom mailing list >> [email protected] >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> Main Web Site: http://pauldotcom.com >> > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com > > _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
