[dijit]

Maybe I'm blind to something because I've been in server administration for 15years; but my -really old- IRC network requires about 3 hours of maintenance a year; I have 10 machines and they're constantly being "attacked" (as per logs) but the only time I've ever been compromised was when I was trying to overcomplicate things with fancy tools to make administration easier

[re-thc]

That's like saying it's outrageous that a consultant charges $xxxxx for a 5minute fix. You've said it - you've got 15years of experience in server administration. That's what people are paying for.

Having said that I never said it was "hard" - just something needs to be done. I responded to a comment that took it for granted that you'd automatically be safe on the Internet.

[dijit]

Yeah, but most adminsys people are autodidacts; thus there was a time when they did not have 15 years experience and were running systems on the internet.

I'm not saying there can't be a problem, but it's so easy and the alternatives (cloud+terraform+ansible+packer et al.) are so complicated in comparison that it beggars belief that people are choosing an "easy" path here.