Email or username:

Password:

Forgot your password?
Lesley Carhart :unverified:'s posts Post Back to profile
Top-level
marek

@hacks4pancakes that reminds of the best lesson of my early IT life, I learned VTP very quickly, took me an hour or two to restore what blew up.
Good lessons, horrible protocol, should die on the lowest level of hell.
I feel sorry for people with big switching networks that do not read the fine print.

20 March at 20:04 | Wall-to-wall | Open on infosec.exchange
8 comments
Lesley Carhart :unverified:

@mlukaszuk This is why it is super important to have other experiences in systems and network administration going into security because stuff like this happens and they're like "switchports are flashing, network is dead, it's China"

20 March at 20:06 | Open on infosec.exchange
marek

@hacks4pancakes I reached security after few tech support roles. I can see that from my point of view this path is a huge benefit.
I know EXACTLY what you mean :)

20 March at 20:12 | Open on infosec.exchange
NightDice

@hacks4pancakes @mlukaszuk I feel like I should stop being surprised how prevalent "it can't be our own not-so-good decisions coming to haunt us, it must be [insert state-level-actor]" is.

20 March at 20:17 | Open on chaos.social
Bai Shen

@nightdice @hacks4pancakes @mlukaszuk That would imply that people were willing to admit their faults.

20 March at 20:35 | Open on mastodon.online
marek

@baishen @nightdice @hacks4pancakes we are going into a dark place here. I would like to start by saying that after being in various roles in IT for +20 years I honestly still have hope for people. Sometimes people act recklessly, sometimes they don't know better, sometimes they don't connect the dots quickly enough. People are mostly not malicious from my personal experience and in most cases they are willing to learn. As in any industry also in security there are assholes and as a (despite what the profile picture shows) white male I am fully aware of my privileged status which might affect the result here.
What I see in my personal experience is lack of willingness from people to invest in fundamentals how filesystems work, how network protocols work, how OSes run various processes in them, some basic (not language, level) coding, some basic concepts from cryptography. They are not required but they help a ton in understanding environments quickly and they allow to spot possible interesting problems between the boundaries of silos teams.

sorry for the wall of text, I was lurking here for a while already, but this topic struck that one note šŸ™‚

@baishen @nightdice @hacks4pancakes we are going into a dark place here. I would like to start by saying that after being in various roles in IT for +20 years I honestly still have hope for people. Sometimes people act recklessly, sometimes they don't know better, sometimes they don't connect the dots quickly enough. People are mostly not malicious from my personal experience and in most cases they are willing to learn. As in any industry also in security there are assholes and as a (despite what...

20 March at 21:13 | Open on infosec.exchange
XenoPhage :verified:

@hacks4pancakes @mlukaszuk And it's just the poor guy frantically blinking those lights with morse code because he's locked in the boiler room and someone turned the heat up.

20 March at 20:30 | Open on infosec.exchange
Tindra

@hacks4pancakes @mlukaszuk thereā€™s a reason why ā€œā€¦sometimes someone just tripped over a power cableā€ is a thing I say. Frequently.

20 March at 21:07 | Open on infosec.exchange
ljĀ·rk

@hacks4pancakes @mlukaszuk Can confirm. I've worked on the dark side (IoT dev) before switching to the good team (audits of aforementioned stuff and others)

20 March at 21:39 | Open on todon.eu
Go Up