Daemon News: I’ve been hacked! How OpenBSD saved our project

“I am one of the Unix SAs in the Information Technology
department at the City of Tucson municipal government in Tucson,
Arizona. Almost two years ago, our City Library approached us with
a resource utilization problem. They had a number of Wyse 60
terminals installed in the various library branches which were a
hold over from earlier days when these terminals were a primary
means of electronic access to library catalogs.”

“In recent years, PCs have largely replaced these terminals as a
means of accessing online library catalog information. The PCs are
also used for library patron web surfing. However, there are always
more patrons wishing to browse the Internet than there are PCs to
accommodate them. Consequently, the library department requested us
to provide a means for these patrons to use the Wyse terminals to
browse the Internet. Access to these terminals would be
unrestricted. Also we were informed, anyone already on the Internet
from any location would be provided access to our solution without
restriction via the library’s DEC Alpha server.”

Looking back on this today, it is clear this should have
sent up bright red flags all over the place – but like many busy
SAs might have done, we just lumped it in with our many other
ongoing projects.