Mythic Monday – The Linnet and the Bat
Aesop’s fable 75, sometimes called The Linnet and the Bat discusses a situation where a bat and a caged linnet* are discussing why the linnet sings at night instead of during the day. The linnet’s explanation is that he was singing during the day and that’s how he was caught and caged in the first place, so now he only sings at night. The bat observes that it’s a mite late for caution, since the linnet is already captured.
The point of the fable is supposed to stress the uselessness of regret. However, it applies equally well to system and network hardening. Many businesses will look into remediation after they have been attacked, when it is far easier to do the hardening work ahead of time. Sure, no one wants to spend money they don’t need to, but as with most things in life, it is far cheaper to invest in prevention than correction.
When you build a server, it takes but a few extra initial hours to apply hardening templates and an hour-or-so a month to keep it updated with patches. However, if an attacker gets in, the server will likely have to be completely rebuilt, losing time in addition to the business loss from the outage. Additionally, it is quite likely that the attacker would have gotten into other systems on the network, so the time spent correcting the problem is multiplied by the number of systems on the network.
Really, it’s better not to get caged in the first place.
* There is a great deal of linguistic controversial about the nature of the bird in this story. The problem is that the word bôtalis, which has been translated as “linnet”, “goldfinch”, “canary”, appears only in this one fable. That none of this matters to the point of the story only serves to illustrate the fact that Classicists have nothing better to do with their lives than debate over ornithological divisions, instead of spending their time on more practical endeavors… such as researching obscure myths and linking them to I.T. security.