View Full Version : Ask a network security guy.
Torque
02-24-2002, 06:34 PM
Ok, my gardening thread has hit the bottom, Billyman and MAC are handling fast car and gun questions better than I would hope to. So, what can I add??
Hmm.
I'm a networking consultant for a large computer company, and my primary specialty is network security. In my position, I work with clients inside and outside the company, mostly dealing with Internet connected networks.
I'll try to answer questions to the best of my ability, as long as it doesn't require me to discuss any of my clients, or specific methodologies used by them.
I'd be glad to talk policy, design, implementation, evaluation, event management, how I ended up in the field, funny stuff along the way, as well as any stuff you guys are interested in.
I don't have all the answers, but do have a wealth of reference material and people who specialize in various areas to check with.
So:
pass in/out all questions
pass in/out all responses
Escape Artist
02-24-2002, 06:37 PM
1. How did you end up in the field? :D
2. I know you had to have gotten hacked...do tell.
Pianomahnn
02-24-2002, 06:44 PM
When I was h4x0rst0rming j00 the other day, how did you feel?
Torque
02-24-2002, 07:29 PM
Originally posted by Escape Artist
1. How did you end up in the field? :D
2. I know you had to have gotten hacked...do tell.
I ended up in the field somewhat by intention, somewhat by necessity. I used to fool with computers as a kid a lot, always up to some sort of youthful trouble on bbs's and pbx systems. I didn't work in the computer industry during college, or right after, followed other paths, didn't even own one for 3 years. I sort of ended up getting computing duties in labs I worked in, and remembered how much I enjoyed working with systems.
As far as the security field, it sort of progressed from system admin, network operations guy, network engineer, then onto security. I've found the things that have helped me do a good job have been:
Protocol knowledge: You pick this up out of necessity as a system admin, and refine it as you work with networks.
Process, procedure and documentation: My time working in labs beat this into me, you sneeze on a row of culture dishes, write down "sneezed on row 12", describe color of snot, present state of health, provide sample if process calls for it.
Interpersonal skills: Don't let my persona here fool you :) Working retail, help desk, auto mechanic all gave a lot to this, a consultant without good personal skills isn't a consultant very long. They end up as back room code toads.
Curiosity: Research is essential, you need to dig further and deeper, and see what happens before you write an idea off. This can get sticky, so do it in private, not on customer networks.
As to getting hacked, knock on wood, none of the customers and systems I manage at work have been successfully hacked to my knowledge, at this time by parties on the outside of their company. That might change in the next 5 minutes, so I better stay vigilant. A lack of ongoing evaluation, reevaluation and good "what if" documentation is what kills most secured sites and networks. That and malicious internal users combined with weak internal policies.
Off the customer nets, oh yeah, been ripped up one side and down the other. Sometimes, you just don't think. I set up a machine at home real quick, in front of the firewall to get on napster without having to dig into how to let it through my beloved yet cantankerous homemade firewall. Less than 3 days later, it had been loved on by automated hacking tools a number of times, and was all sorts of owned. I also keep an open net in a lab, that is there to get hacked. And that it does plenty. This lab has no special rights to any other network, and is really specific about what traffic is allowed out of it to prevent it being used as a jump point for further attacks. The payoff for all this is a very quiet machine in the corner that records every bit of traffic in and out of this network, so we can see today's techniques used in real time. This way, we see how the lower level bad guys work.
The big guys? That's why we read a lot of vendor, security professional, and underground sites, and keep watching for something weird to happen. Hopefully we can just stay harder than the next network over, and they will go visit them instead.
Torque
02-24-2002, 07:34 PM
Originally posted by Pianomahnn
When I was h4x0rst0rming j00 the other day, how did you feel?
Oh, I thought it was a fly. Sorry, have a cookie.
In all reality, the networks we manage do receive quite a bit of h@xorst0rming, which makes the job of telling the difference between trouble in the wires and a misguided youth even more fun. Intrusion detection filters are good for keeping the reading and alerting levels down, but what have you missed?
Mudflap
02-25-2002, 04:34 AM
Why does a tractor not fit in your job description?
Torque
02-25-2002, 04:38 AM
Originally posted by Mudflap
Why does a tractor not fit in your job description?
That is a good question. It might bear further research, but my first guess would be that a tractor might not be one of the best things to use while around pricy and small equipment.
I do wish there was some way I could squeeze a tractor into a project budget though, because we could drive it around the parking lot and make mean faces at people.
If you wanted to send your tractor down, we could do some extended testing to see if it proved to be useful in some way.
have you found Morpheus yet?
Torque
02-25-2002, 04:56 AM
Originally posted by Mute
have you found Morpheus yet?
Yes. Have you found Salvation?
This thread has been locked at Torque's request.
-MAC-