If you forget to use sudo and spend some time editing a file with vim, not all is lost. You can actually escalate using sudo without leaving vim, and losing your changes.
:w !sudo tee %
Note : this only escalates for one write. You must run the command again if you want to save file after making more changes.
We are having a baby tomorrow. The c-scheduled for tomorrow morning. We have to be at the hospital at 5am.
Two kids under 2. Life is going to be crazy.
I stopped after work to fish a fully fresthwater retention pond for bass. A saltwater tarpon in a retention pond is something you see everyday.. Definitely not what I was expecting. I had to go in and get him out of the hydrilla. I took a video of the fight because I was 100% sure I was gonna lose him on 10lb test. What an epic battle!
Here is the video...
Some of ya'll need to hear this...
Welp, I made the jump into the IT security world. I am leaving Windows System Administration to join IT security full time. I wanted to make the announcement last week, but with the hurricane I figured I would wait.
When I started my career at GeekSquad for $10 an hour back in 2004 I would never imagine where I would be today. Fast forward 12 years and I am working an IT security job for a enterprise organization.
I have no degree and my path certainly wasn't easy. I started out at the bottom and worked my way up every chance I could get.
2004 - Geek Squad
2005-2006 - Enterprise Help Desk
2007 - 2008 - Desktop Support
2008-2010 - Network Technician (basically entry level system admin)
2010-2012 - System Admin
2012-2016 - Network Administrator II (basically high level System Admin)
2016 - Cyber Security Vulnerability Manager
I wanted to share my journey because if you have enough drive anything is possible. A degree is definitely not needed. I started out of high school when all my colleagues started by getting a 4 year degree. I am ahead of my everyone of my colleagues that I talk to that has a degree.
I am only 29 years old so my journey is far from over.
Ugh CEH is the worse option. I have it and that is scam certification IMO. It is like over $1000 to take a test that is multiple choice and extremely easy.
CISSP - Great, but you have to commit a good amount of time and brainpower to it. I have it and it was pain in the ass, but well worth it.
CISM - Weighed the same as CISSP by DoD DIrective 8570, but an easier test.
Security + - Used to be a basic watered down security cert like Scott said, but recently was made much tougher and is more well respected now
If I wanted the most value and was willing to do the work I would do CISSP.
If I wanted a good amount of value and wanted an easier test, I would do CISM
If I wanted to learn something and build a good base, I would do Security +
Luckily we didn't have any structural damage to the house during the Hurricane, but I did lose a good portion of my fence, some siding, and a very nice palm tree. We are lucky enough to be on the same power grid as an elementary school (we are directly behind the school) so we got power back very early on. However, we didn't get water until last night.
I am glad to be back at work as things return somewhat to normal.
@travisdh1 said in Split Hotel Room for MangoCon '16?:
Well, that idea appears to be a bust, the only rooms available are the ones with single beds.
@BraswellJay we don't allow public Docker images to be loaded on our network. What we do is download any images that are needed and upload them to our own Docker registry. We use GCR on Google cloud, but you could use AWS or Azure as well. Each of those providers have vulnerability scanners built-in so anytime you upload an image, it is scanned automatically.
@gjacobse said in Does this speak to you?:
In Dec I was informed I was going Month to Month at the end of the six months..
I think that's you're answer. They feel like they need to revaluate month to month. I would have argued for at least 3-6 month contracts or been looking to leave within a month or two max
@gjacobse said in Does this speak to you?:
Keep in mind - I'm a contractor - brought on with the idea of six months to hire.... Six months was the end of December.
Do you want FTE? Did you talk to them in December about it?
Do you make considerably more than you would as a FTE?
If the answers to 1=yes and 2=no then it's clear they do not want to bring you on full time. After being there for a year, it's time to move on. If the answers to 1=no and 2=yes then there is no issue. Some contractors don't want FTE because they can make considerably more as a contractor.
@scottalanmiller said in Restrict access to parent folder but allow child folder access:
At some point permissions and folders are just difficult and there's no way around it. What we do is we don't use mapped drives / SMB shares but instead use a modern cloud based solution (Zoho WorkDrive in our case, but they are mostly the same) and there aren't child folders only top level folders (that have perms.) It forces you to keep all perms at the top folder level (like at the share level.) Far less granular, but it is a lot cleaner. I feel we are far less likely to overlook something or give permission that we don't know about. Since only folders that someone has access to become visible, it actually works decently well.
That and we avoid "Files" as a mechanism in the company. Essentially everything is access to an application with a database behind it. Files are a "mistake" in IT terms, a fallback for a gap in application design, so the general but rarely spoken theory of good IT is to minimize files as a thing people would want. We do this very, very strictly and have only a handful of files left in the company... mostly media files or PDF archives, so this minimizes the problem making it far more manageable.
This is called object storage. There are alot of advantages to object storage vs file storage on both user and administrative level. It's so much easier to use a
, and encourage stricter permissions since sharing is done per object. You can still share folders (a collection of objects).
https://www.ibm.com/cloud/learn/object-storage
Here's a good comparison.
https://www.ibm.com/cloud/blog/object-vs-file-vs-block-storage
@pete-s said in Wsus for remote vpn and on-premise users:
If you are considering having clients download updates from Microsoft directly then that means that you are going to apply all updates, doesn't it?
If that is the case, what functionality does WSUS bring to the table?
95% of WSUS administration is blindly approving updates anyway. Just let them auto update and be done.
@gjacobse said in Chrome: unable to play YT Video; weirdness:
Well now that we have porn and the 'porn mode' out of the way...
Are there any thoughts on what could be causing this, how to prevent it, and on (a reminder) of how to rectify the issue? Preferably I would like to not lose saved passwords and such, or book marks. but I know where bookmarks are so that is easy enough.
I'd reinstall the browser. It's easy to backup all that stuff to your Google account or do it manually.
Also I'd recommend not saving passwords in Chrome.
@scottalanmiller said in Job offer:
Has anything changed to make you feel it is worth accepting now when it wasn't a few days ago?
I feel like shitty employer isn't a reason to do anything out of fear or just to get out. For me accepting a new role is always a well calculated decision. Sure, he should make the decision that he's gonna leave his current employer. That's an easy one to make.
However, the decision of choosing the new role needs to be well thought out and calculated as a career move. Not a knee jerk reaction.
If someone truly devoted themselves to finding a job in 6 weeks, you can do it if you have the actual skill set required for your new role. In 6 weeks time you should have received several offers.
@pete-s said in ZeroTier & Security:
If you assume that being connected to an ZeroTier network is the same as having the host sitting directly on the internet, you'll be fine.
That is the basic premise of the zero trust security model - assuming that the network is hostile.
Yes this ^
@stacksofplates said in VDI Options - Modernization:
@jimmy9008 said in VDI Options - Modernization:
@jt1001001 said in VDI Options - Modernization:
@jimmy9008 We have a use case involving a legacy client/server app that we've determined we're going to have to go VDI for in order to secure it. One lousy app for approx 5 users that I hope we eventually move away from. We are currently reviewing Azure VDI for this and it so far will fit the bill though we had to go throught a lot of "hoops" to configure networking, VPN back into our infrastructure, etc. We have not yet presented budget numbers to the bean counters but Im hoping when we do they will see the $$$$$ wasted for 5 users and will force them to a new product.
What other products do you plan to look at? Still VDI or something else? Any experience of VMWare Horizon?
We have around 600 - 1000 users globally (mostly developers) on the VDI I need to replace. The company dictates that the VDI must be in the same datacenter as the rest of the developers environments, so I don't think Azure VDI would work for us because of that mandate.
I know this isn't VDI, but what about something like GitPod, Eclipse Che, Coder, etc? In everyone's defense, developing over VDI truly sucks. This would keep the development environments in the same data center, but would give a much better experience.
Yeah I agree. Putting developers on VDI is a total waste. But it sounds like OP doesn't want a different solution and is not interested in thinking outside the box to implement IT based on strategy vs this is way things were always done.
That's why these people won't be calling the shots or making big bucks because they can't think outside their comfort zones and refuse to stand up to their superiors in order to make positive change.
I always sign offer and wait for background check, drug screen, etc BEFORE I put my notice in
