If you forget to use sudo and spend some time editing a file with vim, not all is lost. You can actually escalate using sudo without leaving vim, and losing your changes.
:w !sudo tee %
Note : this only escalates for one write. You must run the command again if you want to save file after making more changes.
We are having a baby tomorrow. The c-scheduled for tomorrow morning. We have to be at the hospital at 5am.
Two kids under 2. Life is going to be crazy.
I stopped after work to fish a fully fresthwater retention pond for bass. A saltwater tarpon in a retention pond is something you see everyday.. Definitely not what I was expecting. I had to go in and get him out of the hydrilla. I took a video of the fight because I was 100% sure I was gonna lose him on 10lb test. What an epic battle!
Here is the video...
Some of ya'll need to hear this...
Welp, I made the jump into the IT security world. I am leaving Windows System Administration to join IT security full time. I wanted to make the announcement last week, but with the hurricane I figured I would wait.
When I started my career at GeekSquad for $10 an hour back in 2004 I would never imagine where I would be today. Fast forward 12 years and I am working an IT security job for a enterprise organization.
I have no degree and my path certainly wasn't easy. I started out at the bottom and worked my way up every chance I could get.
2004 - Geek Squad
2005-2006 - Enterprise Help Desk
2007 - 2008 - Desktop Support
2008-2010 - Network Technician (basically entry level system admin)
2010-2012 - System Admin
2012-2016 - Network Administrator II (basically high level System Admin)
2016 - Cyber Security Vulnerability Manager
I wanted to share my journey because if you have enough drive anything is possible. A degree is definitely not needed. I started out of high school when all my colleagues started by getting a 4 year degree. I am ahead of my everyone of my colleagues that I talk to that has a degree.
I am only 29 years old so my journey is far from over.
Ugh CEH is the worse option. I have it and that is scam certification IMO. It is like over $1000 to take a test that is multiple choice and extremely easy.
CISSP - Great, but you have to commit a good amount of time and brainpower to it. I have it and it was pain in the ass, but well worth it.
CISM - Weighed the same as CISSP by DoD DIrective 8570, but an easier test.
Security + - Used to be a basic watered down security cert like Scott said, but recently was made much tougher and is more well respected now
If I wanted the most value and was willing to do the work I would do CISSP.
If I wanted a good amount of value and wanted an easier test, I would do CISM
If I wanted to learn something and build a good base, I would do Security +
Luckily we didn't have any structural damage to the house during the Hurricane, but I did lose a good portion of my fence, some siding, and a very nice palm tree. We are lucky enough to be on the same power grid as an elementary school (we are directly behind the school) so we got power back very early on. However, we didn't get water until last night.
I am glad to be back at work as things return somewhat to normal.
@travisdh1 said in Split Hotel Room for MangoCon '16?:
Well, that idea appears to be a bust, the only rooms available are the ones with single beds.
http://www.aaronmchugh.com/wp-content/uploads/2016/02/planes-trains-and-automobiles-1.jpg
@DustinB3403 said in Vulnerability Assessment and Alerting Solutions:
Hey All,
I'm looking for a vulnerability assessment and alerting solution that is going to have to be agent based to alert for any OS vulnerabilities for a remote workforce.
Wazuh is the top item that comes to mind, but I'm not a huge fan of its presentation, likely I just need to sort out the views.
Does anyone else have any recommendations?
The target group is endpoint devices (workstations) and datacenter equipment.
TIA
Have you looked into OpenVAS?
@scottalanmiller said in Project tracking:
@IRJ said in Project tracking:
I've used Jira the past 5 or 6 years at all the places I've worked
I've used it a lot, but I don't like it
I do. It's super easy to use from a user side. I've not done the admin side on it, but it's a great user experience.
I've used Jira the past 5 or 6 years at all the places I've worked
What kind of marketing department is this? A movie firm? It seems insane to have video files average 10-20gb. Even high budget commercials are probably only that size.. Is this a bunch of templates or something?
I would be interested in understanding their work flow, as it seems very extravagant to have such large files and so many of them?
@travisdh1 said in Resume work:
@CCWTech said in Resume work:
@travisdh1 I've been searching on Indeed, Monster, Linkedin, and DICE. But so far I have only had 2 interviews. One went well, made it to final rounds. The other went really well, and they said they thought I deserved more money than the job offered and wanted to see if I was interested in other higher paying jobs with the company...I said yes, but not to count me out for this one. Then I got the "you haven't been selected" letter.
This was from a fortune 500 company so it wasn't "Jimbo's or Pat's". I'm really trying nearly anything really.
I get called by 'recruiters' in India who can barely speak english but not much else. I guess it's a tough market right now.
It's funny, I'm not used to applying for a job and not getting it. In the past if I applied for 3 places I usually had offers from 2.
All job listing sites are going to have more jobs that either aren't real jobs or have already been filled. If you pay attention, you'll find the same job listed on every single one. It's just a mess, without any way to weed out what are actual active listings.
I've mostly had recruiters come to me, but when I was applying I had a decent hit rate.
My advice is stop spamming out a general resume and tailor it towards the position you actually want. Basically apply for less jobs, but tailor your resume towards them. Also study up on anything you may not be familiar with when approached for the interview..
No problem spinning up virtual lab to learn about a product for an interview you want to nail. You could say something like I've used product A, but have also extensively tested X (their product). Then go into detail about some things about X to show you've actually used it. Say something like I'm not super familiar with X, but from my experience with it. It's quite intuitive and easy use. Then state your lab project and some challenges or accomplishments achieved during it.
@CCWTech said in Resume work:
What pay range should I be looking at? So many ranges out there it's hard to know what's real.
What job do you want? If you want to be an IT generalist then pretty low as some others have trouble breaking out of that type of job.
If you want to do something more specialized, you'll get paid quite a bit more on top end. However, you'll have to take a junior role (likely) to get there. Junior roles will probably pay similar to IT generalist, but you won't have the level of power you do as a generalist
@travisdh1 said in Resume work:
@CCWTech said in Resume work:
@travisdh1 What is 'better paying' what range?
And how do you know Spillman?
Pay range depends a LOT on location of the job offering. A couple examples from my life.
- Cleveland, OH ~$40,000/year. Basically poverty wage.
- Wooster, OH ~$40,000/year. Living well.
- Fairlawn, OH ~$60,000/year. Around the same as Wooster at 40k
Those values get to be hugely different depending on the area of the country, and I'd expect them to be around the lowest in the country because of the cost of living in Ohio compared to most of the rest of the U.S.I have my CJIS cert and supported Spillman for multiple police departments and a county sheriff at my previous job.
Ii don't know where you are getting this info from, but a quick search on LinkedIn for Cleveland, Ohio Jobs shows this is not the case.
Also, I get contacted for remote jobs on daily basis for well over $100k
@CCWTech said in Resume work:
Here you go!
Here's my constructive criticism. It's gonna sound harsh, but it's needed criticism.
I would throw this resume in the trash and start over from scratch.
In my hiring and interviewing experiences, rarely are small business where you are owner even considered as experience. The exception being if you can show decent revenue and/or fortune 1000 customers. Your business was an actual full time gig, and not a side job. I get that. However, that doesn't change the fact nearly everyone puts their own company on their resume and 99% of time it's means virtually nothing.
Also, I promise you that nobody cares that you were a cop 15 years ago. Not sure why that is even on your resume, let alone taking up 1/3rd of the page. If you absolutely most list it, make it a single line
What I would do to fix problem 1 is take your 2008-now job and break it up into small pieces (like 5-8 years) and create separate job titles and descriptions that describe projects you were doing at the time. Another thing you could do is add customers themselves (if you have any impressive ones you supported for years). You basically need separate IT job descriptions to make your experience feel much fuller and complete.
Lastly, build the resume for the jobs you want, don't spend so much time worrying about boring things you did or do on your job description. You're trying to sell me on calling you in for an interview. I don't care about mundane tasks...
@Texkonc said in I Cant Even...:
I cant even....Begin to see the breach data and lawsuits coming....
https://www.bleepingcomputer.com/news/security/godaddy-hackers-stole-source-code-installed-malware-in-multi-year-breach/
Shitty security, shitty hosting, but at least they are expensive 
@scottalanmiller said in Helpdesk - PC replacement routines:
@IRJ said in Helpdesk - PC replacement routines:
The Helpdesk team exists to be a human shield for users. Your main job is keep users away from the rest of IT. Customer service and user support is the job. Since your Helpdesk should be made up of entry level with fair turnover, I'm not sure you're gonna ever be efficient nor is that really the goal.
I started in Helpdesk as did many others I've met in higher IT positions. The employees that you have that are really good are not meant to stay there too long. If your company doesn't have the foresite to promote top performers, they will just leave and go somewhere else.
The TLDR is Helpdesk is supposed to be a a human shield for IT. It should be a starting place for aspiring IT professionals, and if they are knowledgeable enough to improve these processes they won't be around long (one way or another).
That said, some people like the interaction and choose to stay there. But that's not the norm. But even then, it's a customer service role for sure and "performance" will always be difficult. In fact, you might dislike performance if it means less human interactions with end users.
Yep. I've seen it. There's one guy that I worked with that just loved everything about Helpdesk. Far more capable than the desk. He could be working with servers, cloud, etc. He just decided he loved what he was doing and stayed there for many years. I kept in touch for many years beyond us working together and he was always there. Big fish in little pond so to speak, and I think he likes that.
