Register a SA Forums Account here!
JOINING THE SA FORUMS WILL REMOVE THIS BIG AD, THE ANNOYING UNDERLINED ADS, AND STUPID INTERSTITIAL ADS!!!

You can: log in, read the tech support FAQ, or request your lost password. This dumb message (and those ads) will appear on every screen until you register! Get rid of this crap by registering your own SA Forums Account and joining roughly 150,000 Goons, for the one-time price of $9.95! We charge money because it costs us money per month for bills, and since we don't believe in showing ads to our users, we try to make the money back through forum registrations.
 
Arquinsiel
Jun 1, 2006

"There is no such thing as society. There are individual men and women, and there are families. And no government can do anything except through people, and people must look to themselves first."

God Bless Margaret Thatcher
God Bless England
RIP My Iron Lady

RFC2324 posted:

it was actually unplanned, and I forgot to open a ticket specifically for it. Server was unresponsive, so I rebooted and they wanted to know why I was in the console(checking for the black screen)
Ah, I didn't connect "unplanned event" with what I'd think of as "undocumented incident". Checking that it was actually you who did that as well as you having not gone rogue is security's job there.

Adbot
ADBOT LOVES YOU

RFC2324
Jun 7, 2012

http 418

Arquinsiel posted:

Ah, I didn't connect "unplanned event" with what I'd think of as "undocumented incident". Checking that it was actually you who did that as well as you having not gone rogue is security's job there.

I am not complaining in the slightest, and it was documented in the log we maintain for stuff done relevant to monitoring. I just failed to create a ticket, and so they reached out to make sure it was legit.

Point being that documentation was enforced :)

Arquinsiel
Jun 1, 2006

"There is no such thing as society. There are individual men and women, and there are families. And no government can do anything except through people, and people must look to themselves first."

God Bless Margaret Thatcher
God Bless England
RIP My Iron Lady
90% of my SOC checks were:
"Is that you?"
"Yup."
"Okay so." *close incident*

It's the other 10% where things got interesting.

RFC2324
Jun 7, 2012

http 418

Arquinsiel posted:

90% of my SOC checks were:
"Is that you?"
"Yup."
"Okay so." *close incident*

It's the other 10% where things got interesting.

its my first time working under FedRAMP controls. Most things feel the same but every now and then security pops up and clears their throat at me.

Arquinsiel
Jun 1, 2006

"There is no such thing as society. There are individual men and women, and there are families. And no government can do anything except through people, and people must look to themselves first."

God Bless Margaret Thatcher
God Bless England
RIP My Iron Lady
You should get your next shell with something from Metasploit and tell them you're just testing their response time and they passed. That'll win you lots of friends!

RFC2324
Jun 7, 2012

http 418

Arquinsiel posted:

You should get your next shell with something from Metasploit and tell them you're just testing their response time and they passed. That'll win you lots of friends!

noooo, I kinda am thinking security might be my way out of being directly customer facing based on the number of my coworkers who openly admit to text files full of passwords, so I am not going to annoy them more than I have to

Arquinsiel
Jun 1, 2006

"There is no such thing as society. There are individual men and women, and there are families. And no government can do anything except through people, and people must look to themselves first."

God Bless Margaret Thatcher
God Bless England
RIP My Iron Lady
Find out what you can do that triggers a SIEM alert for them and start dropping them an email to their security@your.job address before you do it. They will treasure you. If you have a ticket you can throw in there too their minds will be blown.

Potato Salad
Oct 23, 2014

nobody cares


"I'm about to invoke X on Y machines via Z" is sometimes a quick phone call to the soc lead on duty

saves me the trouble of X getting interrupted on the back half of set Y

Bob Morales
Aug 18, 2006


Just wear the fucking mask, Bob

I don't care how many people I probably infected with COVID-19 while refusing to wear a mask, my comfort is far more important than the health and safety of everyone around me!

My boss is a moron and forwards SOC alerts to me all the time

SOME PC'S ARE HAVING PASSWORD FAILURES GO INVESTIGATE ASAP

Well...those dummies are typing their passwords wrong. We aren't being bruteforced.

Neddy Seagoon
Oct 12, 2012

"Hi Everybody!"

Bob Morales posted:

My boss is a moron and forwards SOC alerts to me all the time

SOME PC'S ARE HAVING PASSWORD FAILURES GO INVESTIGATE ASAP

Well...those dummies are typing their passwords wrong. We aren't being bruteforced.

Might be worth a cursory look for any patterns just for peace-of-mind (Sequential IP addresses, going down alphabetical usernames like a.aname, a.namf, a.anamg, etc) just to be able to throw it back that there's nothing to actually indicate anything other than user error.

angry armadillo
Jul 26, 2010
I am typically not at my desk and I am not allowed my mobile
My boss doesn't work here and the network is subject to monitoring is not remotely accessible.

It causes some difficulties with getting a quick response to tickets.

My boss suggested taking a radio so they can ring the control room who could summon me, I just laughed at him.

Potato Salad
Oct 23, 2014

nobody cares


Bob Morales posted:

My boss is a moron and forwards SOC alerts to me all the time

SOME PC'S ARE HAVING PASSWORD FAILURES GO INVESTIGATE ASAP

Well...those dummies are typing their passwords wrong. We aren't being bruteforced.

jfc. I thought my siem was underdeveloped. I'm so sorry

Spring Heeled Jack
Feb 25, 2007

If you can read this you can read
We just setup a new (managed by the vendor) SIEM and I’m getting blasted with alerts for every little change I make in Azure.

Sickening
Jul 16, 2007

Black summer was the best summer.

Spring Heeled Jack posted:

We just setup a new (managed by the vendor) SIEM and I’m getting blasted with alerts for every little change I make in Azure.

Azure audit events are important. For some orgs, its the only place where any communication on changes happen at all.

MJP
Jun 17, 2007

Are you looking at me Senpai?

Grimey Drawer
Thread, is there a point where you just said "I'm done learning stuff I suck at" and if so, what did it do to your career?

I've bashed my head against the wall to get better at Powershell and ARM templates for almost a year now, in my current role. I can look at a template/script and identify what stuff does, troubleshoot it, etc., and maybe even take its elements and use them for something I'm working on. But I just can't make these complex scripts and templates on my own. I'm not a coder, I'm only really into IT because it's what I do well, and I do far better on troubleshooting/figuring out stuff that I can see or feel. Code and scripting just doesn't come together for me.

My worry is that the attitude of "IT is always learning new things and if you don't do that, you might as well go dig ditches for a living" is something that's so broad and indistinct as to lose meaning. Over the years of getting certs, getting vertical movements, and even doing well enough to get overall positive reviews and feedback, I worry that since I just don't CARE about this stuff, I'll never be able to learn it, and if it's code-related, I won't be able to sustain a career for long enough until I can retire.

Is it ever OK to just say "I'm really good at Windows Server and sysadmin stuff, I can maybe do a bit of Powershell if it'll take less time to create and the script than the aggregate time of just manually doing the work" out loud? It feels like taboo to admit "I am not really good at this or interested in it, I struggle with it, and even if I ask for help I can't process it" at most points.

i am a moron
Nov 12, 2020

"I think if there’s one thing we can all agree on it’s that Penn State and Michigan both suck and are garbage and it’s hilarious Michigan fans are freaking out thinking this is their natty window when they can’t even beat a B12 team in the playoffs lmao"
It’s not taboo to admit that scripting sometimes takes longer than solving the issue by hand - you become a dipshit when you have to do that thing more than once or on tons of machines and rely on your mouse instead of scripting it. I’d argue PowerShell is no more code than any IAC or YAML is, I certainly can’t develop my way out of a paper bag but those things are all just performing actions for me using the three-tiers-of-abstraction-away-from-real-code instructions I can feed various systems to make my life easier. No idea if this will help but when I was sysadminning Windows servers I stopped using the GUI entirely unless a service forced it on me. Helped me understand I was just replacing mouse clicks with commands in PS. Also ARM is for loving assholes imo and Bicep is a sick joke.

I don’t know how much longer people will be hiring folks who can’t speak to PS/automation of some kind. But I do know 90% of the people who claim they know PS/automation either know Jack poo poo about it or rarely use it for anything so I wouldn’t worry too much just make sure you keep putting it on a resume.

Arquinsiel
Jun 1, 2006

"There is no such thing as society. There are individual men and women, and there are families. And no government can do anything except through people, and people must look to themselves first."

God Bless Margaret Thatcher
God Bless England
RIP My Iron Lady

Neddy Seagoon posted:

Might be worth a cursory look for any patterns just for peace-of-mind (Sequential IP addresses, going down alphabetical usernames like a.aname, a.namf, a.anamg, etc) just to be able to throw it back that there's nothing to actually indicate anything other than user error.
How many failures before success? Anything less than lockout and you don't care.

You are locking out after, say, five failures, right?

RFC2324
Jun 7, 2012

http 418

i am a moron posted:

It’s not taboo to admit that scripting sometimes takes longer than solving the issue by hand - you become a dipshit when you have to do that thing more than once or on tons of machines and rely on your mouse instead of scripting it. I’d argue PowerShell is no more code than any IAC or YAML is, I certainly can’t develop my way out of a paper bag but those things are all just performing actions for me using the three-tiers-of-abstraction-away-from-real-code instructions I can feed various systems to make my life easier. No idea if this will help but when I was sysadminning Windows servers I stopped using the GUI entirely unless a service forced it on me. Helped me understand I was just replacing mouse clicks with commands in PS. Also ARM is for loving assholes imo and Bicep is a sick joke.

I don’t know how much longer people will be hiring folks who can’t speak to PS/automation of some kind. But I do know 90% of the people who claim they know PS/automation either know Jack poo poo about it or rarely use it for anything so I wouldn’t worry too much just make sure you keep putting it on a resume.

You misunderstood the question.

They are if there is a point you can just say 'gently caress it, I'm good at what I do, stop making me learn anything else'

Which is valid. As I get older I have lost that love of learning that constantly drove me when I was in my 20s and 30s, and wish I could just stop being defined by my profession and could take a year to just do something else. Clock in, do my thing, clock out and go paint til bedtime every day or something to enrich me as a person, instead of learning poo poo so I can enrich someone else's bank account

Dr. Arbitrary
Mar 15, 2006

Bleak Gremlin
If you have a good password policy, you can actually set that lockout number really high without much risk.

Compliance rules might require something lower, though.

Bob Morales
Aug 18, 2006


Just wear the fucking mask, Bob

I don't care how many people I probably infected with COVID-19 while refusing to wear a mask, my comfort is far more important than the health and safety of everyone around me!

It’s five or six? Annoying as gently caress because you can hit enter 2/3 times before you even realize you are trying to login and failing

i am a moron
Nov 12, 2020

"I think if there’s one thing we can all agree on it’s that Penn State and Michigan both suck and are garbage and it’s hilarious Michigan fans are freaking out thinking this is their natty window when they can’t even beat a B12 team in the playoffs lmao"

RFC2324 posted:

You misunderstood the question.

They are if there is a point you can just say 'gently caress it, I'm good at what I do, stop making me learn anything else'

Which is valid. As I get older I have lost that love of learning that constantly drove me when I was in my 20s and 30s, and wish I could just stop being defined by my profession and could take a year to just do something else. Clock in, do my thing, clock out and go paint til bedtime every day or something to enrich me as a person, instead of learning poo poo so I can enrich someone else's bank account

I don’t think I did. I’m saying use it when you should and slap that poo poo on a resume and move on. Learn it or don’t, it doesn’t matter just make sure you tell people you did and you care about it

Potato Salad
Oct 23, 2014

nobody cares


A complex password can mitigate risk of collision from 10 requests per hour, 100 requests/hour, whatever; the math on collision risk as a function of password entropy is well established.

ssb
Feb 16, 2006

WOULD YOU ACCOMPANY ME ON A BRISK WALK? I WOULD LIKE TO SPEAK WITH YOU!!


MJP posted:

Thread, is there a point where you just said "I'm done learning stuff I suck at" and if so, what did it do to your career?

As a general concept, that can be fine. I'm not super good at a few things and teammates do that stuff when it comes up for me while I make up for it by doing the things I'm better at when it comes up for them. As long as you work on a team, that can be fine.

However - your specific example is going to be a serious issue going forward with systems administration. Scripting/config management (puppet, chef, ansible, etc) is pretty much the path forward right now for most places, and where it isn't yet it's probably going to become so over the next few years. There are going to be outlier jobs that still do everything by hand and such, but it's absolutely going to limit career opportunities if you're unable to do more than operator-level tasks when it comes to basic scripting and config management.

With that said, I have a suspicion you're overthinking this stuff. As another poster said, powershell isn't exactly "programming" and neither is most config management. It's generally a series of commands (or conditions to achieve) with some logic branches, usually not much more complicated than if-then-else or a case statement kind of thing. I'm somewhat oversimplifying, but you should be able to get 90% of what you need from looking at other code or searching on Stack Overflow or whatever.

Sickening
Jul 16, 2007

Black summer was the best summer.

Potato Salad posted:

A complex password can mitigate risk of collision from 10 requests per hour, 100 requests/hour, whatever; the math on collision risk as a function of password entropy is well established.

Its also a great way to increase your risk in other areas to the point I don't think there is much, if any overall security benefit. Brute force protections are so basic and standard that you have to be really loving up to make them a threat and password complexity rules at large are putting perfume on a turd.

Potato Salad
Oct 23, 2014

nobody cares


Sickening posted:

Its also a great way to increase your risk in other areas to the point I don't think there is much, if any overall security benefit. Brute force protections are so basic and standard that you have to be really loving up to make them a threat and password complexity rules at large are putting perfume on a turd.

Completely agreed. One can spend a lunch going over some of the math in 800-63b, implement a password and lockout policy more than adequate for your clients needs, and move on to more important things without getting hung up on user creds.

Arquinsiel
Jun 1, 2006

"There is no such thing as society. There are individual men and women, and there are families. And no government can do anything except through people, and people must look to themselves first."

God Bless Margaret Thatcher
God Bless England
RIP My Iron Lady

Bob Morales posted:

It’s five or six? Annoying as gently caress because you can hit enter 2/3 times before you even realize you are trying to login and failing
Usually three, but I'd go slightly higher because of exctly that. Then have the account unlock after X*(1+ number of locks since successful login) minutes, and max out when that hits 3 and require admin intervention. Might also require manager intervention, if someone is doing it to dodge work, but you (HR really) can metric that.

shortspecialbus posted:

With that said, I have a suspicion you're overthinking this stuff. As another poster said, powershell isn't exactly "programming" and neither is most config management. It's generally a series of commands (or conditions to achieve) with some logic branches, usually not much more complicated than if-then-else or a case statement kind of thing.
It's pretty much the kind of thing where you can just do the task, make a note of the commands you run, and then work out how to verify if they completed or not. Rollback if you want to get fancy, otherwise wait until it fails and "iterate" by making a note of your troubleshooting steps.

MJP
Jun 17, 2007

Are you looking at me Senpai?

Grimey Drawer
Yeah, it's all those things: is it OK to suck at coding, is it OK to say "I do what I do well, and that's it", and overthinking my own failures/issues. In the past I've thought that I could make my way through the next 15ish years of the workforce and retire, but as I've come up against the limit of my skills and where I need to take my career, it's looked scarier and scarier. The "scripting and IaC are the future of infrastructure" school of thought is true, and it's really intimidating.

At least recently I've started to give thought to non-sysadmin/engineering roles that at least allow me to still take my technical skills and put 'em with problem solving. It's just a really big scary unknown and if COVID wasn't real I'd be trying to talk this out with trusted peers.

Arquinsiel
Jun 1, 2006

"There is no such thing as society. There are individual men and women, and there are families. And no government can do anything except through people, and people must look to themselves first."

God Bless Margaret Thatcher
God Bless England
RIP My Iron Lady
I think you are scaring yourself unnecessarily.

bell jar
Feb 25, 2009

PowerShell sucks.

i am a moron
Nov 12, 2020

"I think if there’s one thing we can all agree on it’s that Penn State and Michigan both suck and are garbage and it’s hilarious Michigan fans are freaking out thinking this is their natty window when they can’t even beat a B12 team in the playoffs lmao"
PowerShell more like PowerSmell amirite? It’s actually amazing for Windows, and if your beef is with Windows then yes PS sucks because so does Windows. If you work in Windows all the time and you think it’s no good I have some bad news for you.

guppy
Sep 21, 2004

sting like a byob
PowerShell is terrific in the sense that it has a lot of very powerful cmdlets that can do a lot of great stuff quickly and at scale. I also hate it because the syntax is very different from most of the other programming I do and I don't like it.

Wizard of the Deep
Sep 25, 2005

Another productive workday

Winston Churchill posted:

DemocracyPowershell is the worst form of governmentscripting language, except for all the others.

Inspector_666
Oct 7, 2003

benny with the good hair
PowerShell loving rules until people insist on trying to make it into something it isn't and then they get mad it's not a fully-fledged programming language.

As far as pushing boundaries go, I was very up-front in the interview process for my current job that my PS knowledge and skills were in using it for admin and management and not like, pulling in .NET classes and whatnot. But at the same time I think I am actually pretty decent at using PS in those boring confines and I can cite several projects that saved me a ton of time. I'd say if you don't know any PowerShell you're at the very least handcuffing yourself just in terms of efficiency, but I think there's still room in IT for people who don't necessarily want to just be devs, but in a different department from the "real" devs.

I think the really cool thing about SDwhatever is that you can theoretically get further by really knowing the fundamentals and not have to spend as much time necessarily learning weird syntactical tricks that will only work on one model line of one vendor's gear.

Inspector_666 fucked around with this message at 02:50 on Mar 2, 2021

Agrikk
Oct 17, 2003

Take care with that! We have not fully ascertained its function, and the ticking is accelerating.
I came dangerously close to owning a thing tonight.

I am on the board of directors for my kids’ sportsball teams and tonight was another clowncar of a board meeting.

The topic of the night was the amount it cost to store files on the web hosting company (apparently different clubs can upload stuff to it where they will be saved forever and we have stuff in there from 2004). Guy says that we can save a bunch if we delete “old files” which queues up an unmoderated shitshow of a discussion about how to delete them, who is allowed to delete them, when should we delete them, etc. the conversation eventually starts to spiral with people suggesting downloading the old files to an external drive and then backing up THAT to g-drive somewhere.

Exasperated, I break in and say, “No, there will not be any downloading, any backing up, and copying or uploading. These documents are to be deleted. Why are we going to back them up more? The bylaws state that all uploaded documents shall be retained for two years, so at two years plus one nanosecond from the creation date the files are getting purged with a script.”

Half the group responded with “hell-yeah” the other half looked like I just poo poo on their desks and the president said “sounds like you have some familiarity with this. Could you set something up for us?”

Yeah no. “I’d be happy to advise but this is a job for whomever manages our web site. We need to keep all management and functionality of the site in one basket managed by one team.”

No loving way am I on that team.

SyNack Sassimov
May 4, 2006

Let the robot win.
            --Captain James T. Vader


Agrikk posted:

I came dangerously close to owning a thing tonight.

I am on the board of directors for my kids’ sportsball teams and tonight was another clowncar of a board meeting.

The topic of the night was the amount it cost to store files on the web hosting company (apparently different clubs can upload stuff to it where they will be saved forever and we have stuff in there from 2004). Guy says that we can save a bunch if we delete “old files” which queues up an unmoderated shitshow of a discussion about how to delete them, who is allowed to delete them, when should we delete them, etc. the conversation eventually starts to spiral with people suggesting downloading the old files to an external drive and then backing up THAT to g-drive somewhere.


What the gently caress files are being saved for a kids sportsball team? And good job not getting suckered in, that sounds like a nightmare all around. Nothing worse than unpaid volunteer IT work for community organizations, i.e. the same people who post on Nextdoor.

ssb
Feb 16, 2006

WOULD YOU ACCOMPANY ME ON A BRISK WALK? I WOULD LIKE TO SPEAK WITH YOU!!


SyNack Sassimov posted:

What the gently caress files are being saved for a kids sportsball team? And good job not getting suckered in, that sounds like a nightmare all around. Nothing worse than unpaid volunteer IT work for community organizations, i.e. the same people who post on Nextdoor.

I can only assume it's liability related either for injury or abuse claims and such. Maybe some sort of financial poo poo to make sure nobody is embezzling from the team funds and/or ensuring that fees are paid and receipted appropriately and such?

Steakandchips
Apr 30, 2009

Entropic posted:

It finally happened; I spent most of a day unwittingly reenacting the DNS Haiku.

A few pages back, but this made me properly laugh.

Agrikk
Oct 17, 2003

Take care with that! We have not fully ascertained its function, and the ticking is accelerating.

SyNack Sassimov posted:

What the gently caress files are being saved for a kids sportsball team? And good job not getting suckered in, that sounds like a nightmare all around. Nothing worse than unpaid volunteer IT work for community organizations, i.e. the same people who post on Nextdoor.

shortspecialbus posted:

I can only assume it's liability related either for injury or abuse claims and such. Maybe some sort of financial poo poo to make sure nobody is embezzling from the team funds and/or ensuring that fees are paid and receipted appropriately and such?

PII stuff is managed by an online registration company. The stuff here is far, far more mundane: old board meeting transcripts, countless versions and revisions of bylaws, plans for bake-sales and other fundraising activities, etc.

Why anyone cares about poo poo like this is beyond me.

Also this:

https://www.theonion.com/ask-the-minutes-from-a-heated-kiwanis-club-meeting-1819583825

ChickenOfTomorrow
Nov 11, 2012

god damn it, you've got to be kind

boss assigns me a ticket. the ticket is for a completely different department.

i unassign it with a note that it's for a different department.
he reassigns it to me with no note or message.
i unassign it with a teams message that it's for a different department.
he reassigns it to me with no note or message.

dsfaadsfk ewan fkwjafn adsn aedkcjan ds asdsadsdfdsfdsf

if its actually for me tell me tf why, i'm not a mind-reader.

Adbot
ADBOT LOVES YOU

Potato Salad
Oct 23, 2014

nobody cares


are they passive aggressively telling you to hand it off to the other department yourself?

  • 1
  • 2
  • 3
  • 4
  • 5