If you forget to use sudo and spend some time editing a file with vim, not all is lost. You can actually escalate using sudo without leaving vim, and losing your changes.
:w !sudo tee %
Note : this only escalates for one write. You must run the command again if you want to save file after making more changes.
We are having a baby tomorrow. The c-scheduled for tomorrow morning. We have to be at the hospital at 5am.
Two kids under 2. Life is going to be crazy.
I stopped after work to fish a fully fresthwater retention pond for bass. A saltwater tarpon in a retention pond is something you see everyday.. Definitely not what I was expecting. I had to go in and get him out of the hydrilla. I took a video of the fight because I was 100% sure I was gonna lose him on 10lb test. What an epic battle!
Here is the video...
Some of ya'll need to hear this...
Welp, I made the jump into the IT security world. I am leaving Windows System Administration to join IT security full time. I wanted to make the announcement last week, but with the hurricane I figured I would wait.
When I started my career at GeekSquad for $10 an hour back in 2004 I would never imagine where I would be today. Fast forward 12 years and I am working an IT security job for a enterprise organization.
I have no degree and my path certainly wasn't easy. I started out at the bottom and worked my way up every chance I could get.
2004 - Geek Squad
2005-2006 - Enterprise Help Desk
2007 - 2008 - Desktop Support
2008-2010 - Network Technician (basically entry level system admin)
2010-2012 - System Admin
2012-2016 - Network Administrator II (basically high level System Admin)
2016 - Cyber Security Vulnerability Manager
I wanted to share my journey because if you have enough drive anything is possible. A degree is definitely not needed. I started out of high school when all my colleagues started by getting a 4 year degree. I am ahead of my everyone of my colleagues that I talk to that has a degree.
I am only 29 years old so my journey is far from over.
Ugh CEH is the worse option. I have it and that is scam certification IMO. It is like over $1000 to take a test that is multiple choice and extremely easy.
CISSP - Great, but you have to commit a good amount of time and brainpower to it. I have it and it was pain in the ass, but well worth it.
CISM - Weighed the same as CISSP by DoD DIrective 8570, but an easier test.
Security + - Used to be a basic watered down security cert like Scott said, but recently was made much tougher and is more well respected now
If I wanted the most value and was willing to do the work I would do CISSP.
If I wanted a good amount of value and wanted an easier test, I would do CISM
If I wanted to learn something and build a good base, I would do Security +
Luckily we didn't have any structural damage to the house during the Hurricane, but I did lose a good portion of my fence, some siding, and a very nice palm tree. We are lucky enough to be on the same power grid as an elementary school (we are directly behind the school) so we got power back very early on. However, we didn't get water until last night.
I am glad to be back at work as things return somewhat to normal.
@travisdh1 said in Split Hotel Room for MangoCon '16?:
Well, that idea appears to be a bust, the only rooms available are the ones with single beds.
@jaredbusch said in Bring order into IT environment in chaos:
@scottalanmiller said in Bring order into IT environment in chaos:
@pete-s said in Bring order into IT environment in chaos:
@eddiejennings said in Bring order into IT environment in chaos:
I've used DokuWiki in the past for documentation.
Yes, me too. But for this customer I will suggest they get something that is cloud based. And a little more specifically made for the purpose.
I can't find a good cloud based wiki. Either they suck or they are crazy expensive.
That has been my experience also
Confluence is quite good. Free for under 10 users, too.
@mr-jones said in Taking suggestions about x86 Access replacement:
Okay, let me preface this with "I'm not a database guy". Moving on.
We have two users who require 32bit Office suite to open a very old Access database. They are the only two in the entire organization who need 32 bit, and it's getting really old having to do everything for the OTHER database that EVERYONE uses (to include them) in both 64 and 32 so they can still use both.
My first and only idea so far is to swap them over to x64 Office suite, and then using VirtualBox or similar, make them a VM with x86 Office suite so they could run the old database.
This isn't a great solution, imo. These folks are not tech savvy and I feel like throwing a VM at them would make their heads explode.
I'm looking at Microsoft Access alternatives, but my priority would be to ensure the the database would function the same, and have the ability to be replicated or be imported from the old one with minimal issues. I don't know a lot about database stuff, and this just doesn't seem like a thing to me, or at least something where the solution would require me to rebuild everything from the ground up to match the old one, which at this point, I'm unable to do in any timely manner, but I'm open to suggestions and actively trying to learn about it.
Convert the access database to SQL and put it on Azure SQL on a tiny instance that's only spun up when uou need it
@dashrender said in Looking for Security camera options:
You know, not many on this forum have the luxury of working for enterprise customers, not even Scott. Most of our clients are going to those hobby businesses as we call them around here. So that is the context I generally live in. Since you're fortunate to be in that enterprise space, you generally come from that context, so I get it....
Saying I'm fortunate or it's a luxury would imply that it fell into my lap. I worked very hard to get where I'm at today.
Scott runs NTG and certainly makes bank working off SMB and has the ability to expand his income by adding clients and employees. When you're 1 man show there's not much room to grow.
That being said, one man IT guys make great security or enterprise IT people because they have an understanding of nearly everything it takes to run a network. We kept interviewing security employees with degrees and only security experience. They were not good. I recommended that we ask our recruiter to reach out to one man SMB guys. We found a very knowledgeable person that could be trained on how to do various security functions very easily.
@dashrender said in Looking for Security camera options:
@irj said in Looking for Security camera options:
@pete-s said in Looking for Security camera options:
I would guess though, that you could use a reverse proxy and still put most of these things directly online - especially if you put your own logon page in front of the proxy's redirect to the camera system.
Yes, the cameras or NVR would be accessible through the reverse proxy only.
When you authenticate with SAML, the users are authenticated against a third party "login" service (called Identity Provider). So you are basically outsourcing 2FA and the login process to someone who has the resources to secure it. It's how enterprises do it.
Kind of...
Any resource as important as camera system would certainly not be exposed directly. There is no reason for it. You're never gonna say "Customer please login and check the camera system." So why publicly expose at all.
Require VPN and make it internal only resource.
You're right about using SAML for authentication and using groups to maintain.
wow - I don't know what customers you're talking about - but the two I had that have cameras absolutely demanded an app on their phone to watch their cameras from anywhere.
Where they enterprises or hobby businesses?
@Pete-S stated specifically enterprises and that is what I am answering. Nobody in an enterprise needs to check a camera while out to dinner. In real businesses CEOs don't have access to cameras nor do they care.
@Dashrender you've misinterpreted nearly every reply on this thread and frankly everyone else is not understanding your replies like your sarcasm.
@pete-s said in Looking for Security camera options:
I would guess though, that you could use a reverse proxy and still put most of these things directly online - especially if you put your own logon page in front of the proxy's redirect to the camera system.
Yes, the cameras or NVR would be accessible through the reverse proxy only.
When you authenticate with SAML, the users are authenticated against a third party "login" service (called Identity Provider). So you are basically outsourcing 2FA and the login process to someone who has the resources to secure it. It's how enterprises do it.
Kind of...
Any resource as important as camera system would certainly not be exposed directly. There is no reason for it. You're never gonna say "Customer please login and check the camera system." So why publicly expose at all.
Require VPN and make it internal only resource.
You're right about using SAML for authentication and using groups to maintain.
VLANs, firewall, and internal access only through VPN/bastion.
It's not difficult, it's not expensive when you consider the amount of value you get in many aspects of IT infrastructure(not just cameras).
Come on guys, these are basic concepts.
@marcinozga said in Chia Mining and HD Shortages:
@dashrender said in Chia Mining and HD Shortages:
@marcinozga said in Chia Mining and HD Shortages:
@dashrender said in Chia Mining and HD Shortages:
@marcinozga said in Chia Mining and HD Shortages:
@irj said in Chia Mining and HD Shortages:
- One of my buddies who just bought NVME drives for this purpose, has only been using them for a week and is at 72% life left.
Consumer or enterprise drive? It could simply be bad unit. Although I do hope mining wears the drives that fast. Hardware manufacturer should put a clause in warranty, that mining voids it. What happened with GPU market is just insane, ordinary people get screwed over. Crypto needs heavy regulation or just outright ban.
man, someone doesn't like Crypto.
And what's to like? Mining wastes crazy amounts of energy for some useless calculations. In the end you have what exactly? Some string of characters. But cyber junkies need their fix too I guess.
We'll definitely have to disagree here. Am I happy about the shear amount of power being used to mine BTC? no, I'm not... but currency that's not controlled by the rich and powerful or the government, one that can't be devalued just by them turning the printing presses on? HELL YEAH I'm all for that.
Currency that can be devalued with a few tweets is better?
I love that there are idiots that listen to tweets whether it's buy or sell. When everyones buying I'm selling and vice versa. If you would have bought yesterday you'd be up big time today.
@marcinozga said in Chia Mining and HD Shortages:
@dashrender said in Chia Mining and HD Shortages:
@marcinozga said in Chia Mining and HD Shortages:
@irj said in Chia Mining and HD Shortages:
- One of my buddies who just bought NVME drives for this purpose, has only been using them for a week and is at 72% life left.
Consumer or enterprise drive? It could simply be bad unit. Although I do hope mining wears the drives that fast. Hardware manufacturer should put a clause in warranty, that mining voids it. What happened with GPU market is just insane, ordinary people get screwed over. Crypto needs heavy regulation or just outright ban.
man, someone doesn't like Crypto.
And what's to like? Mining wastes crazy amounts of energy for some useless calculations. In the end you have what exactly? Some string of characters. But cyber junkies need their fix too I guess.
That blanket statement you made could be said about computers/servers in general. They are not meaningless calculations if they have a purpose. Are you going to go around and decide which data is a waste of energy and what isn't?
Are Hobby business or home labs a waste of energy, now too? Is your business data a waste of energy?
@stuartjordan said in Chia Mining and HD Shortages:
There are many people now farming plots to create Chia coins, mostly buying enterprise ssd's for temporary storage then buying over 10tb spinning disks to transfer to. I think we are going to end up going down the route with what happend when people started GPU mining. I can see drives becoming very expensive. Thoughts?
I think this will be short lived. I know a couple people that bought a ton of drives do chia mining.
The thing is the pool isn't open yet till end of month. All these people think the $1-2k they put into drive will make them a $1k-2k return each month. However in my opinion there are multiple issues here.
Once the mining pool opens, the price will drop like a brick. 90% decrease in value of coin will happen very quickly
One of my buddies who just bought NVME drives for this purpose, has only been using them for a week and is at 72% life left.
Basically chia mining isn't sustainable IMO and the coin isn't established like ETH so this won't be like GPU shortages at all. It will be very short lived.
