Last post Author Topic: A Gift for the Hackers - Documentary  (Read 6992 times)

superboyac

Re: A Gift for the Hackers - Documentary
« Reply #25 on: January 10, 2013, 05:26:28 PM »
Man, you guys sure know a lot about this stuff.  Now I feel inadequate  :(.


Don't be. Nobody is an 'expert' on system security these days unless it's their full-time job. There's just too much going on and far too much to know to do it part-time any more. I'm sure I'd be much happier, and sleep better most nights, if I didn't know what relatively little I do know about this topic.

+1 - I too occasionally yearn for blissful ignorance. ;)
;D I was just having this philosophical discussion with my friends this weekend.  Up until recently, I was always opposed to "ignorance is bliss".  But with the rampant paranoia around these parts currently, I'm starting to change my tune.  Plus, I find it to be paralyzing on some level, and that is so not me.

Stoic Joker

Re: A Gift for the Hackers - Documentary
« Reply #26 on: January 10, 2013, 06:04:50 PM »
But with the rampant paranoia around these parts currently, I'm starting to change my tune.  Plus, I find it to be paralyzing on some level, and that is so not me.

I hear ya man, I really do. ;)  But the only secret to security I ever came up with was to pay very close attention to what you don't know. Check for all the stuff you can think of, and watch for things that might have been missed while you're doing it. So far it's worked well for me.

barney

Re: A Gift for the Hackers - Documentary
« Reply #27 on: January 10, 2013, 08:41:54 PM »
... pay very close attention to what you don't know.

Hm-m-m ... if I don't know it, how do I know to pay attention to it  :-\ :P?

(And that is a real question.)

Stoic Joker

Re: A Gift for the Hackers - Documentary
« Reply #28 on: January 10, 2013, 09:27:09 PM »
... pay very close attention to what you don't know.

Hm-m-m ... if I don't know it, how do I know to pay attention to it  :-\ :P?

(And that is a real question.)

Simple really ... Everyone's skill set gets fragmented over time as new technologies and platforms come out. Yet there is never enough time to fully research everything. So one tends to fall back on the basics, and what is known well to try and logic out the missing bits. When situations like this arise, and things "just fall into place", there is a tendency to just pat oneself on the back and move on. Don't. Because there is a good chance that you might not actually be as lucky as you think.

Just because something works doesn't mean it's right, it just means it's close. Take the time to pick at the missing bits that you don't know intimately. Because some people understand why DNS and SNTP are crucial to the health of an active directory domain...and some folks are constantly wondering how MS had the gall to sell the unstable buggy contraption. I run into this (misconfigured domains issue) in the field constantly. And each time it reminds me to pay attention to what I don't know ... Because the last guy didn't ... And that is why his client is (pissed and) now mine.

I guess in a fashion it is just a kinder, gentler way of saying don't get cocky. But it also gives one something to do to prevent it.

barney

Re: A Gift for the Hackers - Documentary
« Reply #29 on: January 10, 2013, 11:01:39 PM »
it reminds me to pay attention to what I don't know

I'm not discounting what you said - in fact I agree with it, and when I was corporate, conformed to it as best I could  :-\.

But there's still a problem here  :o:  how do you pay attention to what you don't know if you don't know you don't know it  :huh:?

A former boss was prone to the chastisement, "If you didn't know how to do it, why didn't you ask?"  Well, the folk who received that unanswerable question were folk who thought they did know how to do whatever it was.  They just didn't know how to do it her way.

But they didn't ask a question because they didn't know they didn't know her way of doing it.

Your system probably works in a very specific situation, obviously has for you, but as a general premise, it's not very successful  :(.

Stoic Joker

Re: A Gift for the Hackers - Documentary
« Reply #30 on: January 11, 2013, 06:56:53 AM »
it reminds me to pay attention to what I don't know

But there's still a problem here  :o:  how do you pay attention to what you don't know if you don't know you don't know it  :huh:?

It's been said that to know oneself is the highest form of aggression...and therein the answer lies. We all know things, and sometimes we only know parts of things. But while we can easily cling to the (rocks) parts of the things we know ... We also can and should pay very close attention to the other parts where we know we're guessing. It also doesn't hurt when doing something one is familiar with to explore a tad further to make sure nothing new has popped up since the last time it was done. i.e. Configuring the native backup software in Server 2012 is done identically to Server 2008 ... Except for one tiny little detail which bit me in the ass just last week. Fortunately I was anticipating surprises, so I now won't have to deal with finding out 6 months later (when shit hits the fan) that the backups will only fire 1 out of 5 times. e.g. While it's a new version of the same thing, I'm only guessing that nothing changed and my previous level of familiarity is still intact (it wasn't).


A former boss was prone to the chastisement, "If you didn't know how to do it, why didn't you ask?"  Well, the folk who received that unanswerable question were folk who thought they did know how to do whatever it was.  They just didn't know how to do it her way.

But they didn't ask a question because they didn't know they didn't know her way of doing it.

That's a people issue, not a technology issue. People in high places that insist that things are done their way ...(instead of to industry standards)... are frequently wrong. I don't tolerate draconian micromanagement, and have walked away from a job more than once because of it. Now granted the term issues with authority does apply (to me). But in the interest of fair play I will let a new boss have their way within reason in the interest of "getting-the-rhythm" of a new position as some things can actually be perfectly safe/fine as personal preference...other things cannot.

Conversely I encourage the people that work under me to pick apart my instructions, and point out (discreetly...) if they think I am "wrong", or perhaps missing something that could be critical. Because sometimes - forest for the trees - I miss shit too.

40hz

Re: A Gift for the Hackers - Documentary
« Reply #31 on: January 11, 2013, 08:38:45 AM »
Your system probably works in a very specific situation, obviously has for you, but as a general premise, it's not very successful

I have to disagree. At least within the context of systems administration and support. One of the requisite skills of being "successful" (or just keeping your job) is developing the ability to remain effective even when you don't really know what you're doing. And although that statement may sound paradoxical, anybody involved in networked systems will immediately grok the essential truth beneath the gallows humor.

As Stoic discussed above, the way to get there is to hit the basics really hard - and understand them to the point of where it borders on intuition. After that, it's mostly a matter of filling in the details. And 95% of systems work lies in the details.

Really good systems admins and engineers are often characterized as being "weird" or "spooky" when they're fixing something. I know I go into this strange and silent "space" when I'm doing what I get paid for. Sometimes I'll fix or do something and somebody asks me about it afterwards. That's when I have to think and slow my brain down to "explain" how I figured it out. And for the record, I'm not always completely sure how I figured out half the things I do while I'm doing it. It's sort of a Zen-Sherlock Holmes moment. I just know. Or at least strongly suspect. And there's no guesswork involved when that happens. Like Washburn Hoban said in the movie Serenity: I am a leaf on the wind, Watch how I soar! And I'm far from being alone in operating like that.

If anything, the only niggle for me is identifying the specific detail that's causing the issue. Because I already know what the actual problem is. So at this point it's just finding the correct resource or specific setting that's needed to fix or do something. (And that part of the solution can take some time to locate depending on what you're working with.) This is where knowing the basics cold (ex: from the symptoms, I know it's an AD "name resolution" problem) and remembering details (ex: hmm...last time I saw that it was caused by a DNS resolution error because some idiot messed with the DNS forwarding settings...now where the heck was the panel where you can change that...) comes into play.

And here's the key point: it should work in a similar manner on any other network. The details and terminology may be different - but the underlying basics and likely resolutions will remain the same. As long as you really understand what DNS is, and how it works, you can extrapolate.

And if, in the process, you discover something completely foreign or new to you, then it's once again time to ferret something out and get up to speed on yet another detail. But that usually gets easier with time since most "new" things you'll encounter will build on what you already know. That's because, in the systems world, the inertia generated by the trillions of dollars already locked up in existing infrastructure effectively blocks most radical departures from the way things are currently done. Major changes, even if they're necessary and for the better (IPv6 anybody?  >:D) will take years before they finally see major deployment.

So there's almost always adequate time to get up to speed on major shifts in the technical landscape. Even for somebody as Luddite as me when it comes to Windows 8. (I may bitch. But I will master it regardless of how I currently feel about it.)

So Stoic Joker's approach is not a specific or single instance sort of thing. It's pretty much the day to day reality - and way it works - for most of us in the network and systems field.
 ;D 8)
« Last Edit: January 11, 2013, 11:29:43 AM by 40hz »

40hz

Re: A Gift for the Hackers - Documentary
« Reply #32 on: January 11, 2013, 08:52:29 AM »
That's a people issue, not a technology issue.

+1.  ;D :Thmbsup:

There's a saying in the tech world that goes: In the end it always comes down to a "people problem." And anytime you find something that isn't, you'd better look again.


superboyac

Re: A Gift for the Hackers - Documentary
« Reply #33 on: January 11, 2013, 08:52:50 AM »
^^that...was awesome.
I'd make an Archer joke, but it would be inappropriate, as most of their jokes are.  :Thmbsup:

SeraphimLabs

Re: A Gift for the Hackers - Documentary
« Reply #34 on: January 11, 2013, 04:00:49 PM »
Bah, DNS and active directory. That took hours to figure out the first time, now I know exactly what to check and can have it corrected in 2 minutes- the time it takes to enter the change and replicate it to the slaves.

But when it comes to network security, it is probably better to be on the paranoid side of things than not be concerned enough and have a severe breach.

Like I was just explaining to a budding engineer the other day though. It is far better to learn the basic processes and not the specific implementations. Because those implementations can and will change over time, but the process itself will last longer and can be used to solve for the implementation. By knowing what has to happen in a given machine for it to do its job, I can approach any machine performing that function manual or not and very quickly figure out where garbage in garbage out has gone wrong.

40hz

Re: A Gift for the Hackers - Documentary
« Reply #35 on: January 11, 2013, 04:23:34 PM »
Bah, DNS and active directory. That took hours to figure out the first time, now I know exactly what to check and can have it corrected in 2 minutes- the time it takes to enter the change and replicate it to the slaves.

Awesome! Next time something comes up with AD that even has Microsoft's priority support team stumped for a bit I'll call you in. :P

(P.S.  I used AD/DNS resolution purely for illustrative purposes. I didn't feel like getting into writing up a real AD quagmire as an example. ;))