Troubleshooting 101

TL:DR – Our abilities to solve problems are what makes us good at technology jobs.  Apply basic common sense when dealing with situations and don’t be afraid to try things out.

So the handler went on extensively about how the help desk and site support people lack some of the basic skills to adequately do IT work.  Apparently they don’t know how to perform proper troubleshooting steps when dealing with technical situations.   This is troubling indeed, as part of what makes us good at our job is the ability to work through problems.  I would like to break this down to a non-IT related situation… Continue reading “Troubleshooting 101”

Stop your crying and get back to fixing the internet!

Well there has been quite the drama going on in the community as of late.  Lots to throw poop at if you ask me, so I’m taking a break from some code learning activities to get this off my chest…

I am going to refrain from a full on, poop throwing rant and simply reference this blog.  Russel covered a great deal in that post so just read it and then realize how stupid we all have been as of late.  One important point I think he made was that as this community grows, we will experience more conflicting personalities.  So just be smart about things, tell the proper authorities and don’t turn it into a political debate because that debate has been happening for YEARS!  These problems have existed since the dawn of civilization.  They will continue long after we are gone.  So now back to things we can fix…

This Equifax thing huh?  My handler is pretty livid about this.  Not sure what all the fuss is about, I don’t know what any of this credit stuff is all about or why a non-government entity would have so much data about you humans.  But seriously, we have many problems out there that need our attention.  If you have the skills to help fix them, then you should be out there trying to spread the word, educate management, developers, system admins, whoever you believe needs to know this stuff.  We have large organizations out there that continue to believe they are too big to fail, that the worst they will get is a minor financial slap on the wrist.  But let me tell you, that will probably be changing when policies like GDPR go into affect, maybe America will implement a similar regulation… oh who am I kidding the Oompa Loompa doesn’t even know how to spell GDPR.  But there are enough US businesses that will be affected greatly by the GDPR.

So lots to fix, we still have problems with SQL injection!  After this year we will be back to adding weak access control rules with all the S3 bucket breaches!  Anyway I need to get back to smacking some developer around for leaving their storage shared secret in their github public repo.

All jokes aside…

So the purpose of this blog is to express my handler’s thoughts and concerns that may reflect negatively on his current employer. Not that his employer follows his twitter or blogs regularly. Sure my handler (we will call him Bob) has the disclaimer up saying “views expressed… yada yada yada…” but that really doesn’t mean a whole lot to a big corp. So he created me.

Now this is not to say this will be an employer bashing blog or a method to complain about poor security practices, but Bob has learned over the years to not 100% trust his employers or coworkers. Bob works in an “at will” state so that means at any time he could be let go for practically no real reason at all. In a past job his employer felt his attitude was poor even though his clients were highly satisfied with his work and guidance. So after 5 years it was “bye bye!” Granted there were some events that gave them minimal grounds and reason to end things, but he still feels it was because he didn’t want to drink the Kool-Aid. Bob was also burned out and they failed to recognize the signs. 10 years or so later and nothing has changed there.

But I digress… or Bob does, he gets distracted easily. Bob feels he is still burned out and hasn’t figured out a way to fully recover. He has been in the same role for a while, albeit for different employers, but he is still an InfoSec generalist. Some have told him this is not a bad thing and one could say he can be called a Security Architect, rather than a generalist.  but at the end of the day, Bob has to be the technical lead for all things security. He has to deal with desktop support level issues because the desktop teams don’t know how to troubleshoot certain things. Or the helpdesk doesn’t know how to recognize a phishing email from a legitimate one. These are all things Bob did before he entered the InfoSec field and he expects that the helpdesk and desktop support staff should be able to handle it.

This is not Bob’s first big corporate position. Bob worked in the defense industry for a bit and he really enjoyed it. He would probably be there today if the commute was shorter. But then he wouldn’t have been able to exercise his security architecture muscles working for that startup. In hindsight, he would have been happier staying at that job a little longer. Bob was not made for startups.  There isn’t much difference in the last corporate job to this one.  The politics are the same, both have “CISOs” reporting to a CIO (that is a rant for another day).  But due to the nature of the defense industrial base (DIB), the security programs were much more mature.  Bob was able to spend more time performing incident response duties or review application architectures.  Troubleshooting desktop security applications was left to desktop and infrastructure support teams.  As we in the industry know, applications such as ant-virus, web filtering, and even VPN, are not managed by the security teams.  Not so much in the non-DIB space.  But again the job is close with a non-highway commute.  Bob keeps telling himself that but he knows it is not what he truly wants.

So what does Bob truly want?  He doesn’t know, I mean come on, he turns to his baboon friend for advice now…  Bob certainly doesn’t want to sit there and figure out why the CIO’s laptop has slow network connectivity or sit on numerous project calls with terrible project managers.  He tells me that I would make a better PM than the ones they use.  Yes a Baboon would do the job better than a human.  He said that, so it is true.    No Bob wants to figure out why a certain workstation is sending requests to suspicious IP addresses, or spend time deploying a proper SIEM solution (even if it is not one from the so called “Magic Quadrant”).   Or maybe evaluate if a SIEM is truly needed?  In the end Bob doesn’t really care one way or another since it is close by, stable, and doesn’t require a ton of off-hour work.  At least that is what he keeps telling himself.

Stability and boredom go hand in hand.  Bob is burned out and bored.  Finding motivation to move beyond is tough as there is no time provided at work to concentrate on the topics that most interest him.  So he has to fit that in at home at which point he chooses between playing or research.  Or having his baboon write a long winded blog posts about how his handler is not satisfied with his career.  So this will be posted, probably not read by but a few.  Call it therapeutic I guess.  Next post will be something with a little more substance I think.

1 aRe Bab00n!

During an “incident” with a local safari tour bus, I stumbled across this strange device the humans used to look at cat pictures.  Eventually I learned a great deal of what this contraption can do.  I then discovered “Social Media” which lead me learning all about the hacking and the cyberz.  I now use my new found knowledge to trick humans into coming out here and “leaving” their electronics behind so I can grow my empire of hacker primates.  We now have a Maker Cave, Google Wireless internet, solar power, and Amazon Prime.  We now watch all the YouTube videos from IronGeek.   He does an amazing job capturing the speakers in the little box and sending to us here in the African savanna.  So for now, we watch, we learn, and we will throw poop at the charlatans!  Below is Carmine, the small human man beast was mocking him.  Carmine is a prisoner of war and was fully justified in his actions.

Stay tuned for more….