On mobile, but please add 2,000 angry words to this post.
turn volume down
Oh good, so itās not just me.
RPi4 at my front door! 5.5 more hour till I am home to play with it!
Have you messed with Crank? I think the pi4 is finally powerfull enough to make pursing that android auto type build.
o.0 Iāve just heard about it now, a quick google gives me information about a GUI designer.
Hi is it possible to learn all that stuff on your own online? I canāt afford to go to a Sysadmin school? If possible, suggest some sources, to begin with.
Yeah, actually Iām entirely self taught.
Iām on the clock at the moment, but remind me later and Iāll grab some sources.
@the other side of the infosec discussion, I do need to pull my perspective away from just my environment. Sounds like your companies hire a ādifferentā type of infosec that come from a different angle. Sounds sucky.
In the defense of IT where I work, for some reason the IT side has been getting squeezed to death loosing people left and right and not getting replaced- like to conspiracy theory levels like the company is getting groomed for a merger or something. Its made for a bad environment regardless of IA being a more technical IA that doesnāt ride IT on dumb stuff (haha, most of the time).
Trust me, within āinfosecā there are those who roll their eyes at the ācompliance naziā that when told āwe donāt need to enable that, we are air gappedā they reply ābutā¦ but it says right here- enable- onā.
So all that said, Iām sure at the frustration of my upper management in regards to their budget, we have made an inner āsmeā team of prior sysadmins/tech types that work the security tool dev, scripts, process etc when it was supposed to be ITās job. For me thats a sick opportunity and Iām trying to make my way into that team- if not 100%, by proxy with the various projects I support.
@Dynamic_Gravity have fun man- building and/or operating in a SOC is a great opportunity. It has been for me and continues to be.
So on all this sec note, anyone going to be at defcon this year?
Well I went a technical school, I just called it SysAdmin school because the course I took was a basically all of that with some access to resources and hardware.
All the information you want to know is out there.
Iām also on the clock so I only give you some topics to look into to start learning. A SysAdmin is kinda a jack-of-all trades kind of person, so you may want to look at what are emerging trends and start looking at getting certifications towards those specific things, as well as getting educated in the more generalized topics.
- Microsoft Windows Server Administration
- Active Directory Administration
- Citrix
- VMWare ESXi (You can actually download a free version of this and learn from that)
- Citrix XenServer (This SHOULD be free, but Iām having some difficulties finding the opensource version of it)
- Proxmox
- Using Linux commandline
- NAS/DAS/SAN devices and their differences
- Microsoft Azure
- Amazon AWS
There is a lot more, but I think theses are good starting points. It is mostly virtualization because that is what I am currently dealing with at work at this moment.
Depending on what you have for hardware, I would also look at building a homelab.
See if you can find cheap parts, computers, or laptops at an electronics recycling depot. Another option is to buy RPis if you are more interested in the Linux administration side of things.
Shameless plug: I wrote this a while back
There are some ideas I had put in there. Some online sources will be looking up random projects via your favorite search engine. āHow to be a Windows administratorā or āhow to be a Linux administrator?ā are viable searches.
I would also look at ānetworking fundamentalsā or ānetworking basicsā. Danās Courses has great networking content and Eli the Computer Guy has still relevant content.
Also Professor something, Messer?
https://www.professormesser.com/
Has a ton of content for free, too.
Sorry, Iām working through this thread backwards sometimes lol.
Interesting, that was a long time ago, technology wise. Have you been a sysadmin ever since? Love it? Favorite cert? Favorite encryption?
Users with sudo access to the tar command can get rekt:
sudo tar cf /dev/null file1 --checkpoint=1 --checkpoint-action=exec=/bin/bash
yields a root shell lmao.
No, I started out as a sysadmin, then moved into infosec, then I was a DBA for awhile, and now Iām a managing director.
We donāt care about most certs except when hiring L1s, as they only guarantee a minimum competence level, we look at experience. Of course some certs are very prestigious like OCM and CCA.
Not sure if this counts but can I just talk about how amazing properly setup QOS whether home network or 10k computersā¦ When setup right and it adapts to the networks needs every 30 ish secondsā¦ its just gorgeous because everyone is satisfied
I mean look at this. Steam gets bumped up in between the buffering of someones stream ā¦ its just amazing
if they have sudo
access couldnāt they just do this too? sudo su -
Not if they were limited to specific applications.
Ahh I see. So its like Cuckooās Egg level mischief?
Yeah. You can setup a users sudo permissions to only run on specific applications (tar in this example). That can be exploited, apparently, with various commands and arguments.
I guess Iāll shut up now
Wanted this to be like Lounge but Sysadmin Lounge lol.