That’s why I appended the last two sentences. Keeping it on topic

If something needs a gui… like f’kn oracle installers… I’ll allow “server with gui” groupinstall and then set default run level to 3 so it doesnt start on boot.

That’s a pretty good tip, I’ll have to try that.

Completely agree.

With the exception of one place, I inherited a bad culture/relationship between SysOps/Sysadmin and InfoSec. I attempt to bridge the communication and camaraderie, with varying success, but it’s a lot of work and wasted time on something that should be effortless.

Sometimes

Sometimes it’s inquiring about web traffic being “unusually high” and asking if we’re getting “attacked”.

Bro, it’s the week before Christmas. Traffic has been “unusually high” for almost two months now.

Also being asked to lead a security training for the development team, while flattering, shouldn’t get dumped on me because of the ineptitude of the “Security Analyst”.

I understand the need for compliance. Believe me! I understand that they add value to the company and save, literally in the true sense, millions of dollars every year. Sometimes more. What I don’t understand is the ego and self importance that a lot of these folks seem to carry. Maybe my teams are the same, and it truly is the fault of both of us

Didn’t mean for this to be an attack, just a rant about my experience lol. Really excited for @Dynamic_Gravity. Working in a SOC is a rush, and pretty exciting most of the time.

I know not all Sec departments are SOCs behave at the above. I think getting worn down by endless streams of shite and butting heads with a lot of unwillingness probably evolves that attitude. Just hoping to foster a better tomorrow today

That’s a lot of tech. Is your certification collection > 9,000?

Tons of experience, too. Level 85 sysadmin, maybe?

To be fair, our SOC will just be a work-generator.

The company is selling Security Scanning as a Service to clients.

The T1 folks would monitor for different priority alerts.

The T2 folks would work with the resolver groups and notify them of such incidents.

The T3 folks are the overpaid engineers who are there for some reason.

I am hoping to be a T2. I currently am a T2 at the Service Desk.

My path to sysadmin has probably been, what some would call, unconventional.

As part of getting my degree in IT, I took a Redhat class and during the class, I was like yep. I love this, fuck windows.
So I made it my goal to pass the RHSCA and RHCE by the time I graduated with my 4 year degree.

So I did, took two tries to pass the RHCE, but only one try for the RHSCA. (RHEL6)

While I was in college, I was lucky and got an intern-ship to work in the enterprise test lab for a local company. All the other intern positions there were for help desk BS.

Graduated in '16, then a few weeks after, I got hired where I work now, as a Linux/Unix engineer.

What part got you, do you remember? IPv6 and DNS made my head spin on the RHCE lol.

That’s awesome, man. Love it? 10/10? Can’t imagine doing anything else?

By the way

For those of us that love learning and are continuously having to learn new things (or just manage multiple things), I have a recommendation.

IT PRO TV

Hands down, my favorite subscription service for I.T. I have used PluralSight, CBTNuggets, Linux Academy, and Udemy. The content is taught in a very laid back manner (think Wendell’s tutorials but not as awesome ). They also have awesome topics that I find lacking or hollow in the other channels: CISCO, advanced scripting (Linux, PowerShell), Red Team/Blue Team, Windows, VMware, tons of stuff. If you listen to a few podcasts you can get some decent promocodes. I pay $29 a month for the premium service.

Great content and a great cast of hosts. I highly recommend their free trial.

Pretty pricey from what i remember they advertise on Security Now a lot

I think now, for what they offer, they are cheaper than CBTNuggets, PluralSight, and Linux Academy.

I think PluralSight is $30 or $40, Linux Academy and CBT are more than that, I think. I know LA is really high for what it offers, I think it was $50 when I looked

I remember subbing to Linux Academy when it was $17 a month lol.

If I had more time, might be worth it, but would rather my company pay for it and those cheap fucks arent gonna spend money on that shit. Might be able to try and convince them to give it in lue of my education benefit (dont need since I have my GI bill)

Dude! That’s what I’m doing lol. I’m using my “learning credits” to put towards it. I can get a few books a month or a book and my ITProTV bill lmao.

Sometimes I’ll put up a topic I’m interested in in the background instead of Netflix or whatever. Something I don’t want to focus in on and master versus something I just passively want to hear more about works really well for this sub. However, when you want to dial in and master it, they have short videos and tons of demonstrations and tutorials that really reinforce knowledge too.

Dont they have lab stuff too?

Yeah, they have labs, forums, and virtual environments.

And, really, well worth the price of admission:

Daniel hacks into Don’s network and demonstrates how to recognize you’ve been compromised. Pretty slick.

The first time I ran out of time… I spent too much time in the man pages trying to remember manually configuring repos.

Last time I checked, MS recommended to set up Sever 2016 with the GUI, do what you have to and then disable exporer.exe. After boot, you then get a nice clean powershell.

Sysadmins/Companies that disable the firewall on servers. (especially windows servers) Seen it way too much.

Yeah, that made me chuckle.

Windows 8 was a bit of a UX mess, but the UI wasn’t all that bad.

What about disabling windows firewall on an AWS instance, in lieu of using security groups?

We pretty much exclusively use ACLs and SGs in production here.