Bloodborne
Sep 24, 2008

AutoArgus posted:

Auuuuuuughh as much as I enjoy working on the dark side as a consultant (Seriously, it's great, except for these days), the days where a client decides that You Are The Problem (TM) and everyone involved gets defensive and reaches for their CYA documentation just suck out loud. Everything gets smoothed out in the end but every time a day gets filled with meetings to figure out what the hell just happened I get flashbacks of helpdesk days.

You're easier to blame and easier to get rid of. Everyone wins! Except you.


Bloodborne
Sep 24, 2008

I'm a Senior Specialist Operational Security. A more appropriate title would be Pretty loving Jr. Intrusion Analyst Slash Some Other Stuff.

Senior and Engineer don't mean anything.

Bloodborne
Sep 24, 2008

My team's Director told me the same thing. Call myself whatever I like externally, my title just basically exists as an attachment to the pay grade I'm in for internal means.

evol262 posted:

Contractors are a fixed expense for a fixed time span, though, which is an easier sell on the budget

So true. No head count availability? Hire a contractor. You can always convert them later to employee if they are a rock star and the position is added to the count.

Bloodborne
Sep 24, 2008

TheEffect posted:

Also, if a company gives you the greenlight to use whatever title you want on your resume take them up on it man! Don't go overboard and say you were a director or something, but definitely make yourself sound good. Essentially when you're job hunting you're trying to sell yourself to a company. Don't undervalue your previous accomplishments or work experience.

This pretty much. Don't lie about it but put down whatever is actually applicable to the job you're interviewing for. My title is related to Operational Security but if I was applying for a straight up analyst position I'd apply with my title being "Intrusion Analyst" or whatever sounded good but was truthful. You can at least get by any title checkers that way.

Bloodborne
Sep 24, 2008

MC Fruit Stripe posted:

In this thread we're spending our day documenting, documenting, documenting.

Yes. SOC procedures. Yawn.

Bloodborne
Sep 24, 2008

E: Was already said by like, everyone in this thread. Carry on.

Bloodborne
Sep 24, 2008

Sepist posted:

Hidden con to having a fat foodie boss: Recommending a place for lunch that he ends up hating may cost you your job, or at the least his trust. Guess he's not a fan of my sushi joint :( I just keep getting texts that say "your dead"

Respond "my dead what?"

Bloodborne
Sep 24, 2008

meanieface posted:

What do you goons do to stay in shape while you're sitting all day? Smash the gym before work? Get up and walk every so often? I'm exhausted when I get home now so my after work plan isn't working. I'd like some advice.

I get up at 0415ish to be at the gym by 5. Work out until 0600ish. Get to work around 0800 or so and have a standing desk. A standing desk means you just slouch in a different way. I'm usually passed the gently caress out by 2100 too since it feels so amazing to sit/lay down when I get home.

Bloodborne
Sep 24, 2008

Dick Trauma posted:

What's up early bird? I get up around 0420 a few times a week to get to the gym before it opens. Cardio some days, lifting others. Also I walk a mile to work, about half is uphill. After three years of that I must be in better shape.

Funny enough I'm actually in the worst shape of my life. I could drop like 10 or so lbs to get rid of these developing love handles. Beer is good as gently caress and I really just need to give it up at least 6 out of 7 days.

Bloodborne
Sep 24, 2008

dogstile posted:

I kind of missed this but how do you manage to function after you go to the gym? I've just got back from mine and I'm wiped out. I just want to sleep.

I feel like a Greek god after working out. I won't make it until 10PM and often times pass out by 7 after work but it kick starts the gently caress out of my day.

Bloodborne
Sep 24, 2008

A mix of compound (squats, deads, rows, presses, etc) and isolation (curls and other feel good lifts for dat pump).

I do cardio whenever I feel like it mainly but try to keep it limited to sprints or the row machine or something. Yogging bores me to death.

Bloodborne
Sep 24, 2008

Unless you have a seriously dedicated MDM team it sounds like bullshit. That or your company is like 20 people.

Bloodborne
Sep 24, 2008

JHVH-1 posted:

Anyone have any suggestions as far as headsets?

I was thinking maybe I should just get one of those gaming headsets that I can use for other things other than conference calls. I really hate the classic bluetooth one ear crap with a passion, so I don't want one of those. I would rather use something with a headband thing even if it's only one ear.

http://www.amazon.com/V-MODA-Crossfade-Over-Headphones-Gunmetal/dp/B003BYRGKY/ref=pd_sim_e_4?ie=UTF8&refRID=0JTHXTRAGSZH02GGY9E3

+

http://www.amazon.com/gp/product/B00BJ17WKK/ref=oh_aui_detailpage_o04_s00?ie=UTF8&psc=1

Bloodborne
Sep 24, 2008

JHVH-1 posted:

Wow, will it make me look like this



No you are too fat and ugly.

Bloodborne
Sep 24, 2008

psydude posted:

New job is soooo stereotypically Northern Virginia IT. Buncha libertarian unix and linux neckbeards calling Windows "Windblows," talking about guns, and making fun of one another. Still have no idea what I actually do, but I'm getting paid, my boss is super chill, and everyone I've met so far is 1000% less terrible than the people I worked with in Afghanistan. I saw my PM wearing jeans today, too, so I think I can get away with it on Fridays maybe. Oh yeah, and they're sending me to a SourceFire course, which is pretty neat.

Maybe I work in a vacuum or something but I've worked in "Northern Virginia IT" since 2007 and that doesn't sound like my experience. I don't work in contracting though. Oh and I can't imagine the shitbirds you must have had surrounding you in Astan.

Sourcefire, are you in the security group?

Bloodborne
Sep 24, 2008

Do you actually have experience with intrusion analysis? I'm not sure how "I'm a Unix admin" = "I'm going to apply to be an IA".

Bloodborne
Sep 24, 2008

Sickening posted:

How does operational knowledge NOT transfer over into a position that is based on securing those systems?

How does being a sysadmin qualify you to be a "Security Analyst"? Also what does that mean. Intrusion analyst, security engineering, pentesting?

Bloodborne
Sep 24, 2008

Zorak of Michigan posted:

Thanks for all the responses.

Security is (in my opinion) the most fun field to be in. Good luck with the position, let us know how it goes. Your *nix experience will go a long way for sure.

Bloodborne
Sep 24, 2008

Docjowles posted:

Goondolences to my fellow Linux admins. I've been seeing hits in our server logs from drive-by scanning attempts

I'd be shocked if somebody hasn't had their external range scanned yet. VRT (if you're on SourceFire) and ET both have SNORT rules out for plugging into your IPS.

2019231 – ET WEB_SERVER Possible CVE-2014-6271 Attempt in URI (web_server.rules)
2019232 – ET WEB_SERVER Possible CVE-2014-6271 Attempt in Headers (web_server.rules)
2019233 – ET WEB_SERVER Possible CVE-2014-6271 Attempt in Client Body (web_server.rules)
2019234 – ET WEB_SERVER Possible CVE-2014-6271 Attempt in Client Body 2 (web_server.rules)
2019239 – ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP Cookie (web_server.rules)

Bloodborne fucked around with this message at 23:13 on Sep 25, 2014

Bloodborne
Sep 24, 2008

I bought an XB1 a few weeks ago. I think I've turned it on twice. I'm good with money.

Bloodborne
Sep 24, 2008

psydude posted:

All of our stuff is pretty *nix heavy. He might not necessarily be outright qualified to be an analyst, but he could definitely be an operations engineer that interfaces with analysts.

Oh without a doubt, most everything we have is on a *nix appliance/box. I wasn't trying to say there's no way for him to transition, just that I wasn't sure from what was said how Unix admin = Sec Analyst. If nothing else learning to be an analyst is really a lot of loving fun. Leveraging multiple systems either individually or into your SIEM to correlate data and play network detective? Work is fun and usually you'll find sec dudes love their jobs.

Fiendish Dr. Wu posted:

Silly me thinking engineer is higher than analyst

It is where I work; analyst however is in higher demand across the industry so there's that as far as getting a job or choosing what to focus on in security.

Bloodborne
Sep 24, 2008

Psybro of course they're different roles. Our sec engineers have a higher grade/salary, it's not a linear ranking system of CPL > SGT or whatever and they aren't above us but yes.

E: Analyst isn't something you spend your entire security career doing either, in most cases. Unless you want to be some tier 3 super lead threat center analyst guy then most people leave that for penetration testing or the engineering architecture side. Analyst time does nothing but benefit you regardless of the path. What I'm trying to say is you see analyst to engineer moves. Not often you see an engineer move into an analyst role.

Bloodborne fucked around with this message at 12:10 on Sep 26, 2014

Bloodborne
Sep 24, 2008

Zorak (sweet Space Ghost ref btw), when do you find out if you're moving over? I think SA needs more sec dudes posting about sec things.

YOSPOS doesn't count, that thread hurts my eyes and brain.

Bloodborne
Sep 24, 2008

psydude posted:

Who else's leadership is freaking out about ShellShock today right before the weekend?

Not really here, we've identified the inventory of what's what and watching what's tripping alerts in Sourcefire, of which is set to drop anyway.

Bloodborne
Sep 24, 2008

Tab8715 posted:

Can't some kind of network security appliance or deep packet inspection stop shell shock?

You can drop the traffic at the IPS level by setting whatever identifying rule you have (VRT or ET here) to generate alerts and drop traffic from the sensor the traffic comes across. Internet/DMZ/Internal/etc. It's still signature based though so only as good as the matched conditions in the rule.
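An added illustration of the signature-matching point above (not part of the original posts, and not the content of any ET or VRT rule): the two patterns, the request layout and the sample requests are constructed assumptions. It checks the locations the listed rule names cover and shows how the match condition and URL decoding decide what gets flagged, including a false positive on ordinary JavaScript.

```python
import re
from urllib.parse import unquote, urlsplit

# Assumed patterns for illustration; these are not the ET or VRT rule contents.
ANYWHERE = re.compile(r"\(\) \{")   # function-definition prefix anywhere in a value
AT_START = re.compile(r"^\(\) \{")  # value must begin with the prefix

def values(request, decode):
    """Yield (location, value) for URI parameters, headers, cookie and body fields."""
    norm = unquote if decode else (lambda s: s)
    for part in urlsplit(request.get("uri", "")).query.split("&"):
        yield "uri", norm(part.partition("=")[2])
    for name, value in request.get("headers", {}).items():
        # Header values are taken as received; only surrounding whitespace is trimmed.
        yield ("cookie" if name.lower() == "cookie" else "headers"), value.strip()
    for part in request.get("body", "").split("&"):
        yield "body", norm(part.partition("=")[2])

def scan(request, pattern=AT_START, decode=True):
    """Return the sorted locations in which the pattern matched."""
    return sorted({loc for loc, val in values(request, decode) if pattern.search(val)})

# Constructed requests; the trailing command is a harmless placeholder.
PROBE = "() { :; }; echo constructed-probe"
REQUESTS = {
    "header": {"uri": "/cgi-bin/status", "headers": {"User-Agent": PROBE}},
    "cookie": {"uri": "/cgi-bin/status", "headers": {"Cookie": PROBE}},
    "encoded_uri": {"uri": "/cgi-bin/status?q=%28%29%20%7B%20%3A%3B%20%7D%3B"},
    "benign_js": {"uri": "/paste",
                  "body": "code=function()%20%7B%20return%201%3B%20%7D"},
}

def report():
    """Compare the loose and tight patterns, with and without URL decoding."""
    return {name: {"anywhere": scan(req, ANYWHERE),
                   "at_start": scan(req, AT_START),
                   "at_start_raw": scan(req, AT_START, decode=False)}
            for name, req in REQUESTS.items()}

if __name__ == "__main__":
    for name, result in report().items():
        print(name, result)
```

The loose pattern flags the pasted JavaScript body, while the anchored pattern without decoding misses the percent-encoded URI.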

Bloodborne
Sep 24, 2008

DrAlexanderTobacco posted:

My god, just suck it up! Do it a few times, make your boss happy. Smile and nod. Break out of the stereotype.

Make sure to wash first


Listen to Dr. A. Tobacco.

FISHMANPET posted:

Yeah I'm not even supposed to be doing user support, I built everything from scratch in that department 5 years ago (while on help desk, everything is stupid) and now my replacement is on a 2 month vacation so they've slotted me back in. I'm less than thrilled. After that I get to "run" (nobody knows what that means yet) another help desk while the person that "runs" it now goes on maternity leave.

Hopefully I'll be able to :yotg: before even this 2 month sentence is up.

What's your actual position in this company (that owns multiple Help Desks with no set plan for management coverage in any)?

Two months of PTO. This might be an unpopular opinion but unless it's due to health issues or something on that level then eight weeks paid time off being taken all at the same time is bullshit.

Bloodborne
Sep 24, 2008

That's adorable. Can you imagine the satisfaction felt as he placed it down on your desk in your mailbox? :smuggo:

Bloodborne fucked around with this message at 14:35 on Oct 3, 2014

Bloodborne
Sep 24, 2008

Print this page out and put it in his mailbox. Highlight the price.

http://www.amazon.com/Canon-Office-Products-IP2820-Printer/dp/B00HM0IV8E/ref=sr_1_3?ie=UTF8&qid=1412345185&sr=8-3&keywords=printer

Bloodborne
Sep 24, 2008

FISHMANPET posted:

we have 3 rooms where IT people sit and answer calls and help people that walk in.

My current role is "employee" and we're loath to describe it any farther than that

That is literally a Help Desk. What's the function called if not a Help Desk? Discouraged by central IT?

Employee is a status not a role, do you not have a grading system or titles or anything that gives you a job code/classification? Systems Administration Adviser/Representative/Principal/Penguin/etc. It sounds like your work environment is run by clowns.

Bloodborne
Sep 24, 2008

Zero VGS posted:

Inkjet huh?

Edit: I just joined a startup. As in, NEW company, and all of their printers are inkjets :facepalm:

I'll be phasing those out immediately.

Dude's trying to push a printer from 1743 on IT to support. For 30 bucks I think the smug in question would be alright with it.

Bloodborne
Sep 24, 2008

Godspeed sir. Keep your options open which I'm sure you already know.

In other news I don't even know why I pick up calls from external numbers at my desk anymore. It's always always always some vendor cold call because I downloaded a whitepaper that one time.

Bloodborne
Sep 24, 2008

Excellent, congrats and good luck.

Bloodborne
Sep 24, 2008

KennyTheFish posted:

It is very very simple. Install WSUS, set GPO so machines talk to WSUS. Approve patches. Smoke weed.

Bloodborne
Sep 24, 2008

psydude posted:

Depending upon your organization's size and budget, most IDS/IPS manufacturers will usually expedite the release of signatures to detect major exploits soon after they're discovered. Generally, your security analysts will specifically look for those exploits during your testing and evaluation phase for patches. This can be an imperfect solution if the exploit is so simple that it would generate a large number of false positives, but it's usually the best tradeoff between breaking your production environment and leaving everything completely unprotected while testing is under way.

Yep exactly this. Example: http://emergingthreats.net/daily-ruleset-update-summary-10142014/

I don't know if I'm a fan of ET's rules, but they kick them out quickly and you get to say in response meetings that signatures are in place if the platform vendor hasn't released theirs yet.

Bloodborne
Sep 24, 2008

Tab8715 posted:




Why would you ever leave this off?

Is this a real question? Because I like and want the choice to display or hide what I like.

Bloodborne
Sep 24, 2008

Ashley Madison posted:

Can anyone recommend any decent security blogs? I'm not well-informed on that side of the industry because it's outside of my purview, but I would like to stay informed.

A few and in no order:

http://www.darknet.org.uk/

http://www.wired.com/category/threatlevel/

http://krebsonsecurity.com/

http://nakedsecurity.sophos.com/

http://threatpost.com/

http://blogs.technet.com/b/security/

http://www.fireeye.com/blog/

http://blog.sucuri.net/

Bloodborne fucked around with this message at 20:56 on Oct 16, 2014

Bloodborne
Sep 24, 2008

The Dreamer posted:

Thanks for all the advice guys. One last question. For a resume targeted at entry level IT is it a good idea to list customer service experience under professional experience? It seems like something that would be important for Help Desk and Tier 1 support type jobs.

Yes you should. It's highly important for Help Desk.

Bloodborne
Sep 24, 2008

Dr. Arbitrary posted:

I guess I could ask this in the Linux thread but I'm sure others are in the same spot as me.

If I don't work in a Linux environment, what is a good series of steps to go from zero to hero?

I've got the Jang book, but it seems like it's written with someone more advanced in mind.

https://www.edx.org/course/linuxfoundationx/linuxfoundationx-lfs101x-introduction-1621

Download Virtualbox and Ubuntu to get familiar.

Bloodborne
Sep 24, 2008

15 years lol suck my dick.


Bloodborne
Sep 24, 2008

Race Realists posted:

Has anyone here ever taken an IT internship from their college? Would they recommend it?

Yeah if you aren't awful at whatever skill set the internship is for. We interned a dude in our security group and he didn't really know much of anything; as a result we couldn't involve him in anything fun.
