An IT contractor by design, is a person who can enter a client's site and very quickly become the expert within that entity, It is a requirement that we become the most knowledgeable person within that particular infrastructure or our clients would benifit more by training up an FTE.
In the words of Albert Einstien:
When asked for his telephone number, he walked over to a telephone directory, and looked it up saying to a rather surprised onlooker " An intelligent man is not a man who can store information, but a man who knows how to find it".
With experience we IT Contractors understand better than anyone how technology and heterogeneous environments communicate, and knowing how to find information makes us experts in our chosen fields.
This allows us to be the greatest benifit to our clients. I hope you enjoy this site.
The Register reported last week on a what they refer to as 'crimeware as a service' or 'CaaS.' It's an interesting read since it proves that there is increasing organization behind collecting and distributing vulnerability information online. In this case, it's a service, published by black hats, that contains username/password data for some 8,700 hundred Fortune 500 websites that can be used by attackers to disrupt, deface, or destroy some of the most popular websites on the internet.
You don’t have to have the ten-gallon hat and spurs to be a Cowboy (or Cowgirl) Systems Administrator. You just have to have the appropriate attitude. Here are some indicators on how you can determine if your attitude towards network management is a wee bit cavalier:
You have a post-hoc approach to pre-emptive maintenance.
Your server’s change logs consist of post it notes. To shake things up a bit, you use blue post-its on Wednesdays!
You’ve set the password expiration policy to never because users kept forgetting their new passwords. You’ve set the password retry policy to the highest number possible because you are tired of telling people to switch off the CAPSLOCK.
You’ve set your own password to never expire because you can’t be bothered changing it every two weeks.
Your patch testing routine involves deploying updates to users immediately and hoping that nothing important will break.
If something important breaks, it is your organization’s developers that are at fault. They should have tested those patches before you deployed them!
The only time you actually test whether a backup was properly taken is when you have to perform a restore.
If a problem arises, you reboot the server before you check the Event log.
If an item in the event log is serious it will be marked with the red icon. Yellow items in the event log are optional.
Your disaster Recovery plan hasn’t got past the first two words on the cover of the Hitchhiker’s Guide to the Galaxy.
I was having our weekly cigar meeting with the a local security guy when we stumbled across a pretty funny thought. There’s a pretty good paper put out by Cybersource about trends for 2008 in which it had a graph showing that as a percentage of online transactions fraud was dropping. Whoah! That’s not what I expected to hear. But then in closer examination that’s a red herring, because total fraud is still increasing at the same rate it always has. Not so good after-all, it just means consumer spending is out pacing the bad guys. That makes it worth being in the business of online retailing, but spending will eventually taper off with population growth.
The funny part of the story is what if all the consumers finally hit a tipping point where they just decided to go home and stop using the Internet completely? What if we just had bad guys trying to phish bad guys, and spammers just trying to spam other spammers? What would the Internet be when every page was a scam and every person on it was desperate for money because all the people who they wanted to scam went outside to go play in the grass? A funny thought! Hey, we were having cigars, so what if we were getting a little off topic!
