[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On 05/11/12 23:10, Julian Hall wrote: > Just as an aside, I am hoping in February to start on an MSc in > Computer Forensics.. hopefully if I'm successful I will be able to > give input to the subject not limited to my personal knowledge and > prior employment :) > > Julian > Best of luck, that should be a really fascinating course. Please don't feel that you should (or anyone else, for that matter) not contribute purely because you don't feel that you're not 'qualified' yet - your personal knowledge and prior employment are just as valid a source of information as any other experience the rest of us may have! Indeed, it's the best source we each rely on. There are an awful lot of highly qualified and decorated 'experts' out there who couldn't find their ass with both hands and a flashlight (my military friend is an endless fount of awesome slang). Some of the most incisive and game-changing insights ever to drop in my lap before have historically been from decidedly non-expert people who have come into a situation with no pre-conceptions and their fresh viewpoint immediately lit on exactly the issue I'd just skipped straight over. I once spent several hours exhaustively analysing nmap and tcpdump outputs because I was convinced I had - via a nagios alert - an unauthorised IP accessing home network resources. Eventually my (technically illiterate) friend volunteered that he'd left his linux PC at home on whilst coming to visit for the weekend because he had a very slow bittorrent transfer finishing, and might that be something to do with it? I remembered at that point I'd hacked him up a cronjob to re-establish an openvpn connection to me every 3 hours in case it dropped, and because his landlord had just changed ISPs, the incoming IP wasn't one I recognised. Of course, by this point, I'd wasted most of a Friday evening's drinking time, trashed half of my network setup and pulled out most of my hair. Oops...* This is purely a matter of curiosity, nothing else: Julian, your mails tend to arrive out-of-sync with everyone else’s. Do you have your machine set to a non-GMT timezone, or perhaps you are reading offline in batch mode and then relaying through your own mailserver or something? Just interested, nothing more. Cheers *I suspect I come across as very full of myself sometimes - trust me, I have made a *lot* of mistakes, and done my best to learn from them. If anyone is interested in more anecdotes from my personal Files of Fail, I have, umm, probably an unlimited supply for you to laugh at. Most stupid thing I have ever done? Well, when I was probably old enough to know better, I failed to distinguish between a crashed debug session I had backgrounded with 'bg' (i.e., job 1) with init (process 1). When I ran "jobs" and saw zombied process 1, I 'fixed' it with "sudo kill -9 1"... Obviously I nuked init instead of my job #1 and took down the entire box. Which was a 32 socket Oracle DB server handling patient records for Kings College Hospital in London, during business hours. The SPs (IBM talk: service processors) freaked out and dropped the fibre channels to the SAN, corrupting multiple target LUNs and requiring a 48 hour rebuild and restore from tape backup, which we had to get from Iron Mountain on courier delivery at god only knows what cost. The entire IT department pulled all nighters for the weekend to fix that 'little' mistake (think: horrific transaction backlogs for things like clinic planning). I still occasionally send mental thanks to my old boss from that gig for not actually just literally killing me on the spot. I gave her a bottle of Ardbeg and was demoted to 1st line (windows) phone support for 6 weeks to atone for that sin and I have NEVER issued "kill -9" without thinking at least 3 times first ever since :) -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq