All posts tagged sysadmin

A security professional fights back against tech support scammers

I guess Matt Weeks is as sick as I am of tech support scammers, because he developed a way to fight back, in the form of a Metasploit module that exploits a software defect in the AMMYY remote access tool that these scammers sometimes use. Metasploit is a tool that penetration testers use to demonstrate–with permission–how […]

IT jobs shortage? Slide over to security

IT jobs are getting scarce again, and I believe it. I don’t have a cure but I have a suggestion: Specialize. Specifically, specialize in security. Why? Turnover. Turnover in my department is rampant, because other companies offer my coworkers more money, a promotion, or something tangible to come work for them. I asked our CISO […]

IT personnel and knowing things they aren’t supposed to know

On Slashdot, a newcomer to the IT field asked a really good question: What do you do to avoid seeing things you’re not supposed to see? Clearly, some people do it better than others, but it seems to me it’s a fact of life that eventually you will see things you’re not supposed to see. […]

How to stop the 30% of ex-employees who want to access company data

I read on LinkedIn this week that up to one-third of former employees are still accessing company data–after their last day. I wish I could say I was surprised. But I remember on my last day at one former employer, I turned in my badge, mentioned that I still had some paperwork to fill out […]

What LinkedIn is good for

Alistair Dabbs posted a nice, curmudgeonly anti-social-media rant over at The Register. In part, he asked what LinkedIn is good for, noting it’s never netted him a job or a useful contact. I found his piece entertaining, so I thought I’d talk about how I use LinkedIn, besides dodging recruiters who blindly type “cissp security […]

Takeaways from Patrick Gray’s AusCERT coverage

I’ve been listening to Patrick Gray’s coverage of the AusCERT security conference, and I walked away with two major takeaways, one for security professionals and one for everyone. Everyone first: Use SSL (https) everywhere you possibly can. Generate superfluous https traffic if you can. Network professionals: Block as much UDP at the firewall as you […]

Don’t forget the .NET Framework when troubleshooting

I’ve been troubleshooting a program that’s written in a combination of Java and .NET (yes, now I’ve seen everything), and the program misbehaved. It misbehaved a lot, and the vendor was confused too. About four hours in, one of us had the idea to uninstall the .NET Framework 4.0 and install the newest .NET Framework […]

More details on the Target hack come to light

Yesterday I read, via Ars Technica, that the malware resided on cash registers (which I’d heard elsewhere before), and that the first step to getting there was via a compromised web server. And that led to a question in the comments, that sounds like it came from an IT professional: don’t they have their network […]

How to get started in regulatory compliance

I had a search query about getting started in regulatory compliance, which I’ve written about before, but more from an organizational perspective. That won’t help you much from a career perspective. I think most any CISSP will answer that question similarly, so I’ll take a stab at it.

DoSing your cubicle neighbor

My baby at work is a centralized logging tool. That means my system has to touch every other system in this large company’s large network, which is kind of cool. Not many projects deal with that many different things, and I’m seeing some things I haven’t seen since college–and never expected to see in the […]