All posts tagged sysadmin

How to become an Info Assurance Analyst

So, CNN/Money ran a story on the best 100 jobs in the United States, based on pay, projected job growth over the next 10 years, and quality of life ratings. And there was my job title, at #9. The field desperately needs more of us, so I’m happy to share with you how to become […]

Why every breach is different

I’ve grown used to being asked what unpatched vulnerability was used in the most recent breach, in an effort to make sure some other company is protected. I appreciate the desire to learn from other companies’ mistakes and not repeat them. But there are several reasons why the answer to that question is complicated, and not […]

I fought the white screen, and I won!

WordPress occasionally suffers from the dreaded “white screen of death,” where you visit an admin page and, instead of being able to do what you want to do, you get a blank white screen. Meanwhile, the blog continues to function. If you have scheduled posts, they keep going. But with no admin access, the blog […]

The dwindling writing market

I get the occasional query from people who say I should promote my blog more, so that I can get an audience and write a book about this or that, and then I read stuff like this. Basically, writing is getting more and more commoditized, and writers are making less and less, not that they […]

Fixing the .NET Framework when it b0rks on you

The bane of my existence as a sysadmin was .NET. It would corrupt itself randomly, sometimes taking with it this awful CA product written in .NET that nobody else wanted anything to do with. In my day I’d reinstall service packs and the latest patches and one of the six things we tried would fix […]

A security professional fights back against tech support scammers

I guess Matt Weeks is as sick as I am of tech support scammers, because he developed a way to fight back, in the form of a Metasploit module that exploits a software defect in the AMMYY remote access tool that these scammers sometimes use. Metasploit is a tool that penetration testers use to demonstrate–with permission–how […]

IT jobs shortage? Slide over to security

IT jobs are getting scarce again, and I believe it. I don’t have a cure but I have a suggestion: Specialize. Specifically, specialize in security. Why? Turnover. Turnover in my department is rampant, because other companies offer my coworkers more money, a promotion, or something tangible to come work for them. I asked our CISO […]

IT personnel and knowing things they aren’t supposed to know

On Slashdot, a newcomer to the IT field asked a really good question: What do you do to avoid seeing things you’re not supposed to see? Clearly, some people do it better than others, but it seems to me it’s a fact of life that eventually you will see things you’re not supposed to see. […]

How to stop the 30% of ex-employees who want to access company data

I read on Linkedin this week that up to one-third of former employees are still accessing company data–after their last day. I wish I could say I was surprised. But I remember on my last day at one former employer, I turned in my badge, mentioned that I still had some paperwork to fill out […]

What Linkedin is good for

Alistair Dabbs posted a nice, curmudgeony anti-social-media rant over at The Register. In part, he asked what Linkedin is good for, noting it’s never netted him a job or a useful contact. I found his piece entertaining, so I thought I’d talk about how I use Linkedin, besides dodging recruiters who blindly type “cissp security […]