What the heck!
Misadventures of an IT worker in a technologically-impaired country
30/10/2003
PIX for food
Tomorrow will be the big day of the PIX installation. We'll reform the whole network topology, make some major configuration changes and a lot of minors.
My client has said that we well have a good lunch tomorrow. That means that I'll have to make my best effort to contain myself with red wine. It is nice to plan a hard working day this way.
Man, sometimes I love Spain.
My client has said that we well have a good lunch tomorrow. That means that I'll have to make my best effort to contain myself with red wine. It is nice to plan a hard working day this way.
Man, sometimes I love Spain.
Not bad
The speech didn't went bad, taking into account that it was material written by me, without having any formal knowledge of the subject. The attendants didn't complain so much about the contents or the presentation (I got very nervous when public speaking). So it was much better than I thought would be...
28/10/2003
At last
Tomorrow I'll give the long time announced speech about BCM, so this afternoon I'm heading to Madrid.
We have a really awful weather and I hate flying.
I have read about a Crisis Management speech Rudolph Giuliani is going to give in Madrid in a few months, I'd like to assist, but I don't think I am going to get the 650€ it costs. If anybody wants to support me...
We have a really awful weather and I hate flying.
I have read about a Crisis Management speech Rudolph Giuliani is going to give in Madrid in a few months, I'd like to assist, but I don't think I am going to get the 650€ it costs. If anybody wants to support me...
25/10/2003
It is saturday, I am working
Here I am. Saturday afternoon and I am preparing the several times cancelled speech about BCM. I've been told that two people and a half (whatever this means) are going to attend to the speech, but you can never be sure. So if nobody comes we will go to drink something.
23/10/2003
Pissed off
Some of my mates seem to think that I should be doing Their work. I wonder what are they doing then.
I am so pissed off that I am not going to make any comment.
I am so pissed off that I am not going to make any comment.
20/10/2003
Obvious things
The course is over, and I have a bitter-sweet sensation. I feel like I have done what I was expected to do, but I believe that the attendants to the course didn't learn many things. They were very experienced people with a big, very big background that allowed them to understand easily every new concept I introduced them. I guess that they would have learnt the same just reading, without teacher's (me) intervention, the documentation I provided.
Anyway, as they were just two people, we had pretty nice convesations talking about how much the computers world has changed in the last 25 years. In fact, they talked about systems they worked with while I was like 5 years old.
One of the concepts I introduced was the IPS (Intrusion Prevention Module) as was stated by Bruce Schneier in his book "Secrets & Lies". In the book, Scheneir proposes a three-layer model:
-Prevention: security controls to prevent known attacks and the exploiting of vulnerabilities.
-Detection: As a complementary measure of prevention, we should detect any attack that hasn't been stopped by the controls y the first layer.
-Response: We should response adequately to the detected attacks.
When I explained this. One of the attendants said that this wasn't worth to comment because it was obvious. The logical (and only) way of doing things.
I stopped talking, looked at him, and thought: "he is right, and he has just destroyed the next twenty minutes of my speech, I have to do something..." So I said: "Yes, you're right. Have you read Who moved my cheese?". The man looked surprised and said: "er... yeah", then I explained: "Well, it is the same concept. In that book, they use 150 pages to explain an idea that would have been made out in just two pages, so here Schneier is explaining something obvious. I guess this is an image of the actual mentality in the US where they need to be told things they already know..."
Probably I am getting enemies with this thought, but I served me in that moment...
Anyway, the course is over, and I have found out several things that could be improved.
Anyway, as they were just two people, we had pretty nice convesations talking about how much the computers world has changed in the last 25 years. In fact, they talked about systems they worked with while I was like 5 years old.
One of the concepts I introduced was the IPS (Intrusion Prevention Module) as was stated by Bruce Schneier in his book "Secrets & Lies". In the book, Scheneir proposes a three-layer model:
-Prevention: security controls to prevent known attacks and the exploiting of vulnerabilities.
-Detection: As a complementary measure of prevention, we should detect any attack that hasn't been stopped by the controls y the first layer.
-Response: We should response adequately to the detected attacks.
When I explained this. One of the attendants said that this wasn't worth to comment because it was obvious. The logical (and only) way of doing things.
I stopped talking, looked at him, and thought: "he is right, and he has just destroyed the next twenty minutes of my speech, I have to do something..." So I said: "Yes, you're right. Have you read Who moved my cheese?". The man looked surprised and said: "er... yeah", then I explained: "Well, it is the same concept. In that book, they use 150 pages to explain an idea that would have been made out in just two pages, so here Schneier is explaining something obvious. I guess this is an image of the actual mentality in the US where they need to be told things they already know..."
Probably I am getting enemies with this thought, but I served me in that moment...
Anyway, the course is over, and I have found out several things that could be improved.
15/10/2003
Oh crap!
The attendants to the course are very clever guys and we are going through all the points like a Soyuz in ballistic descent mode.
Probably will finish our schedule tomorrow. I'll have to invent something for friday.
Probably will finish our schedule tomorrow. I'll have to invent something for friday.
14/10/2003
VIllian or hero?
First day of the course. The attendants are people from the mainframe world, they even remember when they used punch cards. So they are like *NIX handicapped.
Most of the day we've spent learning to use the VI.
Tomorrow I've promised to take a resume about UNIX commands and VI usage. What was this course about...?
Most of the day we've spent learning to use the VI.
Tomorrow I've promised to take a resume about UNIX commands and VI usage. What was this course about...?
12/10/2003
The travelling teacher
On tuesday I'll be in Madrid to teach a security in systems and networks course. There should be no problems, but...
08/10/2003
The weight of data
Today I've made an ADSL router installation. I asked for the location of the splitter and the client pointed me to a box-in-a-wall, partially concealed by a big (but very big) piece of furniture.
Guess what? Yeah, I had to move the furniture, test the line, and put the furniture in its original place again.
Now, I know what's called heavy work.
By the way, the speech about BCM I've been preparing for the next week it's been cancelled...
I love my job. I feel like a bit schizofrenical, one day I'm the guy who talks about the latest security issues or about BCM, and the next day I'm moving furnitures or sneaking under dusty desks searching a wire.
Guess what? Yeah, I had to move the furniture, test the line, and put the furniture in its original place again.
Now, I know what's called heavy work.
By the way, the speech about BCM I've been preparing for the next week it's been cancelled...
I love my job. I feel like a bit schizofrenical, one day I'm the guy who talks about the latest security issues or about BCM, and the next day I'm moving furnitures or sneaking under dusty desks searching a wire.
07/10/2003
The In-Ternet Protocol
Had to go to a client to change a broken WAN Interface Card. I had to stay at my office at 8:00 AM because the spare card will arrive early. Of course it arrived at 10:00 AM
I went to the client's house (a funny building resembling cans of beverages) and changed the card. I called to the NOC to report and they said that it was okay, that they had the remote management working.
I said it to the client, who tried a Internet connection from one of the PCs, as usual it didn't worked. I said that I didn't know anything about their local configuration, and that the orders I had were to change the card letting the equipment ready for the future use of the ADSL. (They were connecting via an ISDN)
Of course, the client said that he wanted the ADSL NOW! (this is a very common war cry here)
I called my NOC to report, they said that they will talk to the communications department of the client, and then will give me the OK to go.
While I was waiting, I was watching one of the persons there testing the connection from his PC. He was saying to his phone:
This one would have to work, 'cause it has a new eye-tee-pee, the one over there still has the old eye-tee-pee, but this one has the correct ITP because the boy from down here did it yesterday.
Twenty minutes later, the eye-tee-pee still was wrong, and I realized that the person who was at the other side of the phone it was the person my NOC wanted to talk with.
They had some kind of local connectivity problem (I'm sure that they were wrong with the internal eye-tee-pee of the router), but I didn't say anything (typical spanish attitude)
Half an hour later, I asked to talk to the person in the phone and explained my point of view, and told him, please, to speak with my NOC.
Finally: One hour and a half for five minutes of effective work.
Tomorrow I have an ADSL installation, and they have told me to take telephonic wire, just in case...
I went to the client's house (a funny building resembling cans of beverages) and changed the card. I called to the NOC to report and they said that it was okay, that they had the remote management working.
I said it to the client, who tried a Internet connection from one of the PCs, as usual it didn't worked. I said that I didn't know anything about their local configuration, and that the orders I had were to change the card letting the equipment ready for the future use of the ADSL. (They were connecting via an ISDN)
Of course, the client said that he wanted the ADSL NOW! (this is a very common war cry here)
I called my NOC to report, they said that they will talk to the communications department of the client, and then will give me the OK to go.
While I was waiting, I was watching one of the persons there testing the connection from his PC. He was saying to his phone:
This one would have to work, 'cause it has a new eye-tee-pee, the one over there still has the old eye-tee-pee, but this one has the correct ITP because the boy from down here did it yesterday.
Twenty minutes later, the eye-tee-pee still was wrong, and I realized that the person who was at the other side of the phone it was the person my NOC wanted to talk with.
They had some kind of local connectivity problem (I'm sure that they were wrong with the internal eye-tee-pee of the router), but I didn't say anything (typical spanish attitude)
Half an hour later, I asked to talk to the person in the phone and explained my point of view, and told him, please, to speak with my NOC.
Finally: One hour and a half for five minutes of effective work.
Tomorrow I have an ADSL installation, and they have told me to take telephonic wire, just in case...
Proposal?
Yesterday I've been all the day at my client's making a basic configuration of the PIX and setting up several aspects of the incoming migration. My client is a medium-aged man, very kind, he is a very nice person. He is in a very low speed working mood, so I am frequently interrupted for having a coffee, a late breakfast o simply some chit-chat. He has told me that he would retire in some three years, and that his second has a severe illness (something about his bones) that probably will put him apart of work, so there are gonna be some vacant jobs there.
I think that he would like me to apply for a job there. It is not a very bad place, the job seems easy and quiet, maybe I will think about it...
I think that he would like me to apply for a job there. It is not a very bad place, the job seems easy and quiet, maybe I will think about it...
03/10/2003
Another nice day
Nothing remarkable today. On monday I'll go to my client site to start the PIX installation.
02/10/2003
An easy day
Been messing with GNUpg preparing some exercises for the next course.
Reading OSSTMM 2.1
A nice day :)
Reading OSSTMM 2.1
A nice day :)
01/10/2003
The reverse side
Telefonica, the main Spanish carrier has setup their name servers (widely used here) to make reverse resolution for all the private addressing. For example:
$ dig @194.179.1.101 -x 10.0.0.2
; <<>> DiG 9.2.1 <<>> @194.179.1.101 -x 10.0.0.2
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1694
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3
;; QUESTION SECTION:
;2.0.0.10.in-addr.arpa. IN PTR
;; ANSWER SECTION:
2.0.0.10.in-addr.arpa. 86400 IN PTR privadas.nuria.telefonica-data.net.
;; AUTHORITY SECTION:
10.in-addr.arpa. 86400 IN NS nsampen1.lo.nuria.telefonica-data.net.
10.in-addr.arpa. 86400 IN NS nsamrro1.lo.nuria.telefonica-data.net.
10.in-addr.arpa. 86400 IN NS artemis.ttd.net.
;; ADDITIONAL SECTION:
artemis.ttd.net. 345600 IN A 194.179.1.101
nsampen1.lo.nuria.telefonica-data.net. 172800 IN A 213.0.184.85
nsamrro1.lo.nuria.telefonica-data.net. 172800 IN A 213.0.184.88
I don't know what are they thinking about, but I reckon it is nothing good...
$ dig @194.179.1.101 -x 10.0.0.2
; <<>> DiG 9.2.1 <<>> @194.179.1.101 -x 10.0.0.2
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1694
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3
;; QUESTION SECTION:
;2.0.0.10.in-addr.arpa. IN PTR
;; ANSWER SECTION:
2.0.0.10.in-addr.arpa. 86400 IN PTR privadas.nuria.telefonica-data.net.
;; AUTHORITY SECTION:
10.in-addr.arpa. 86400 IN NS nsampen1.lo.nuria.telefonica-data.net.
10.in-addr.arpa. 86400 IN NS nsamrro1.lo.nuria.telefonica-data.net.
10.in-addr.arpa. 86400 IN NS artemis.ttd.net.
;; ADDITIONAL SECTION:
artemis.ttd.net. 345600 IN A 194.179.1.101
nsampen1.lo.nuria.telefonica-data.net. 172800 IN A 213.0.184.85
nsamrro1.lo.nuria.telefonica-data.net. 172800 IN A 213.0.184.88
I don't know what are they thinking about, but I reckon it is nothing good...