D&C GLug - Home Page

[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]

Re: [LUG] Linux - and security

 

On 05/11/12 23:10, Julian Hall wrote:
> Just as an aside, I am hoping in February to start on an MSc in
> Computer Forensics.. hopefully if I'm successful I will be able to
> give input to the subject not limited to my personal knowledge and
> prior employment :)
>
> Julian
>

Best of luck, that should be a really fascinating course. Please don't
feel that you should (or anyone else, for that matter) not contribute
purely because you don't feel that you're not 'qualified' yet - your
personal knowledge and prior employment are just as valid a source of
information as any other experience the rest of us may have! Indeed,
it's the best source we each rely on. There are an awful lot of highly
qualified and decorated 'experts' out there who couldn't find their ass
with both hands and a flashlight (my military friend is an endless fount
of awesome slang).

Some of the most incisive and game-changing insights ever to drop in my
lap before have historically been from decidedly non-expert people who
have come into a situation with no pre-conceptions and their fresh
viewpoint immediately lit on exactly the issue I'd just skipped straight
over. I once spent several hours exhaustively analysing nmap and tcpdump
outputs because I was convinced I had - via a nagios alert - an
unauthorised IP accessing home network resources. Eventually my
(technically illiterate) friend volunteered that he'd left his linux PC
at home on whilst coming to visit for the weekend because he had a very
slow bittorrent transfer finishing, and might that be something to do
with it? I remembered at that point I'd hacked him up a cronjob to
re-establish an openvpn connection to me every 3 hours in case it
dropped, and because his landlord had just changed ISPs, the incoming IP
wasn't one I recognised. Of course, by this point, I'd wasted most of a
Friday evening's drinking time, trashed half of my network setup and
pulled out most of my hair. Oops...*

This is purely a matter of curiosity, nothing else: Julian, your mails
tend to arrive out-of-sync with everyone else’s. Do you have your
machine set to a non-GMT timezone, or perhaps you are reading offline in
batch mode and then relaying through your own mailserver or something?
Just interested, nothing more.

Cheers


*I suspect I come across as very full of myself sometimes - trust me, I
have made a *lot* of mistakes, and done my best to learn from them. If
anyone is interested in more anecdotes from my personal Files of Fail, I
have, umm, probably an unlimited supply for you to laugh at. Most stupid
thing I have ever done? Well, when I was probably old enough to know
better, I failed to distinguish between a crashed debug session I had
backgrounded with 'bg' (i.e., job 1) with init (process 1). When I ran
"jobs" and saw zombied process 1, I 'fixed' it with "sudo kill -9 1"...
Obviously I nuked init instead of my job #1 and took down the entire
box. Which was a 32 socket Oracle DB server handling patient records for
Kings College Hospital in London, during business hours. The SPs (IBM
talk: service processors) freaked out and dropped the fibre channels to
the SAN, corrupting multiple target LUNs and requiring a 48 hour rebuild
and restore from tape backup, which we had to get from Iron Mountain on
courier delivery at god only knows what cost. The entire IT department
pulled all nighters for the weekend to fix that 'little' mistake (think:
horrific transaction backlogs for things like clinic planning). I still
occasionally send mental thanks to my old boss from that gig for not
actually just literally killing me on the spot. I gave her a bottle of
Ardbeg and was demoted to 1st line (windows) phone support for 6 weeks
to atone for that sin and I have NEVER issued "kill -9" without thinking
at least 3 times first ever since :)

-- 
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq