Diary of a Network Geek

No, not really.

So, there’s obviously been quite a furor about this new law here in Texas that apparently requires anyone doing any kind of computer forensic work to get a Private Investigator’s License. Now, one of my favorite computer security bloggers, Security Monkey (aka The Chief) of A Day in the Life of an Information Security Investigator, has a blog entry about this. His sources in Texas have a different, more relaxed, take on this law. They seem to think that it’s only going to effect professionals doing investigative work for a third party. I think they’re wrong.
As at least one other commenter on A Day in the Life of a Computer Security Investigator pointed out, no matter what the lawyers think and say, only a judge sitting on a case can really interpret the law. And, only after that precedent is set can anyone say what the law covers and doesn’t.
Based on the Slashdot story about someone getting charged with a felony for using a fake name to sign up to MySpace, it seems like this is going to be an important step in the process. I mean, until that all important precedent is set, there’s no telling how people will try to use this new law.

As I wrote here the other day about this far-reaching law, I think it’s just another example of the sad state of our legal system. Laws like this have effects that are much, much further reaching than the bill’s author intended, and it’s ripe for abuse by our overly litigious society.

Advice from your Uncle Jim:
Just because something is simple doesn't mean it's easy.

The Houston Chronicle has an update on the law I mentioned the on Tuesday.

The Austin office of the Houston Chronicle did some more digging about the new law that would seem to require PC Techs in Texas to also become Private Investigators. According to the bill’s author, state Rep. Joe Driver, R-Garland, we’re all misinterpreting his new law. He claims that the law means “…anyone who retrieves data from a computer, analyzes it and makes a report to a third party must obtain a private investigator’s license.” To me, it’s almost the same thing.

As I read it, the law would require anyone performing computer security duties in *any* setting in Texas to get a PI License. That means that a corporate computer security officer, who’s job may include computer forensics, would be required to also be a PI.
Frankly, I’m torn between thinking that maybe this is a good thing and maybe it’s excessive. On the one hand, for someone who does independent security work, that background check and finger printing might be a good idea! On the other hand, it might make it impossible for someone in a small company to *legally* do their job.

I’ll give an example…
A small company may have a one or two person IT department who cover everything, like, for instance, me. If there’s a break-in to one of their systems, they would then have to be a licensed PI to investigate that, or they’d have to spend a similar amount of money on a consultant who was. In this case, I’d bet the law just would get ignored.

But, for the independent operator, who might not have any other controls or credentials which a consumer or consulting client can use as a measure of relative security, it might actually be a good thing. Again, I doubt that criminal background checks are being done on all independent computer security consultants right now and maybe they should be.

In any case, like many laws of this nature, they seem like a good idea on paper, but often have much further reach than their author intended.

So, now I need a Private Investigator’s license to work on PCs?

Yeah, according to articles at ExtremeTech and CW33, a recently passed law in Texas requires that ALL shops which include PC repair technicians have a PI license. Just so you know, a PI License isn’t for an individual, but, rather a business and all the employees would work under that umbrella license. Still, it would mean that at least one person go through the process of licensing, which has the following requirements:

• three years of investigative experience or a bachelors degree in criminal justice for investigations company license
• two consecutive years of legally acceptable experience in the guard company business
• successful completion of a two-hundred-question examination testing ability of the manager applicant to operate the guard company under the provisions of the statute regulating them
• criminal background check
• submitting fingerprints to have on file with the FBI
• ~$500 in registration fees, subscription fees, application fees, and fingerprint fees, payable yearly

(All that is from an article at Citronix Computer Techs. )

Now, it’s important to understand, too, that this is a brand new law, sponsored by a Private Investigation professional organization who are afraid of their profession becoming obsolete. Thankfully, there are also techs who have professional organizations, one of which is challenging the law, at least, according to KVUE.com.

Funny, I’ve always thought about getting a PI license and now I may be forced to do so! On the other hand, the $4000+ fines and possible jail-time are a great excuse for why I can’t help people at work with their private PCs!

Two great tastes that taste great together.

It’s that magic time of year again, when I think about career paths and long-term goals and what I need to do to meet them. For IT geeks like me, that often means training and certification. They’re not the same thing, incidentally. Sometimes, I think IT staff forget that. I’ve taken far more training courses than I’m certified in! But, since getting the right certifications can help get you past the gatekeepers in HR, they are important. And, even more important is getting the right one. So, here are the Top Ten Hottest Certifications for 2008, according to TechRepublic:

1. MCP (Microsoft Certified Professional)
2. CCNA (Cisco Certified Network Associate)
3. MCPD (Microsoft Certified Professional Developer)
4. SCJP (SUN Certified Java Programmer)
5. CISSP (Certified Information Systems Security Professional)
6. Comptia A+
7. Comptia Network +
8. MCTS SQL Server 2005 (The Microsoft Certified Technology Specialist)
9. RHCE (Red Hat Certified Engineer)
10. Comptia Security+

I have to admit, I was pleasantly surprised to see so many CompTIA certifications in that list. Why? Well, in part because I have one already, the CompTIA Linux+, but also because I’d been planning on doing another one which is on the list, CompTIA Security+. The other reason I really like the CompTIA certs is because once you certify, you never have to take the test again to maintain your cert. Trust me, that’s a big, big deal to someone with a bunch of certifications!

The other thing that I was looking at the other day was the Dice.com Third Quarter IT Local Market Reports. These look at the hiring and general employment trends that DICE has seen over the financial quarter. You can probably find your major metropolitan area in there, or one close. I’m not sure how the whole country is doing, but, I’m pretty pleased with how things look in Houston. Always nice to know that there are jobs out there, just in case.

Anyway, I hope this helps some of my fellow geeks plan out their personal and professional goals for the next year. And, folks, if you haven’t been planning, why not?

Today is System Administrators Appreciation Day.

Today is a day set aside to give thanks that either: a) someone else manages your servers, or b) you have servers to manage. It’s not an official holiday, yet, but, much like “Administrative Professionals” Day (aka Secretaries Day), it’s a day to think about the “little people” that make your job possible. This is the seventh annual System Administrators Appreciation Day and, to date, no one has done a damn thing for me. I’m so unloved.
Actually, that pretty well sums up my life in IT. I’m the glue that holds the network together and virtually no one knows, notices, or understands what I do. Well, at least I have this small and hollow comfort that someone, somewhere cares enough to setup a webpage dedicated to guys like me.
Thanks.

Anyhow, it’s Friday and your sysadmin has kept the network running long enough for you to read this, so you might as well click on this link and get him something nice for next year! (If your wallet is feeling up to it and you want to show me how much you appreciate my work, you can get me something from my ThinkGeek Wishlist. Hey, a guy can dream!)

If the only tool you have is a hammer, you tend to see every problem as a nail.
–Abraham Maslow

So, I’ve been doing a lot of strange things at work the past couple of weeks. And, by strange I mean working around problems like trying to get things done without spending money. That always seems to lead me through some interesting back doors and into areas that I’ve not been before.

First, I was asked to do some browser forensics. Basically, it was supposed that a particular employee, no myself, was spending a little too much tiem on the web. I was tasked with finding how much time and where they were going. Simple enough, right? Well, I had to do it on the “down low” and without sitting at their computer. Enter, Webhistorian, by Mandiant. This utility let me grab history files and arrange them into a nice, easy-to-read report that told me where, when and how long my intended target was spending time on the web. That combined with a drive mapped to the administrative share on his computer showed… That he was actually relatively innocent. Yeah, he went to some sports websites, but only first thing in the morning and at lunchtime. Nothing worth firing him over, at any rate.

Next, there was a more, um, general security question. And, okay, it wasn’t actually at work, but it’s good to know for work. A friend thought her computer might have been inadvertantly used in the comission of a crime by a “guest” and asked me to check it out. I can’t go into details because of pending legal action, but I decided to let her take it to the proper authorities first, in case I were to mess up any evidence. Once they’re satisfied, however, I’ll take a look at it. And, thanks to another blog I read, I’ll be using something called Helix.
I have read the aforementioned blog, A Day In The Life Of An Information Security Officer, for, well, years, actually. Mostly, it’s just an interesting diversion, but sometimes, I get good ideas from the posts and case files. This time, the new tool came from the comment section. Helix was suggested by another faithful reader. It’s a bootable, “live cd” Linux distribution. It’s also free, which is one of my main criteria for the tools I use.

I also had to clone a giant Windows XP disk this week. I tried a number of utilities, including Symantec’s Ghost, but it was another Linux distro that saved me. This time, I used Knoppix. Also a bootable, “live cd” distro which is available free from the Internet. I found the command by accident while searching for something else, but I also discovered there are other ways to clone a cd via Knoppix. My Google search turned up several HowTo documents. There was one on Knoppix.net’s forums, another on Linux.com and a third on Just Linux. I used the third method first, which turned out to not work so well at all. Something to do with XP and how finicky it is about hardware and booting, I suspect. So, I finally moved on to the appropriately named NTFSClone. I still had problems making it bootable, but I attribute that to the old disk running Windows XP. I hate XP. Truly. Still, I managed to have some good fun with all the different attempts. I enjoy a good intellectual challenge!

These days no one can afford to be just a “Windows Admin” or just a “Novell Admin” or, even just a “Unix admin”. We have to use the right tools to get the job done, whatever that looks like.
I’m the man behind the curtain who makes the great and powerful Oz go. If I want to outwit the flying monkeys that the Wicked Witch of the West sends after me, I’d better have a whole lot of tools in my toolbox besides my magic ruby hammer.
Even though I’m Linux certified, I don’t work with it enough for my taste, so I’ve finally gotten off my lazy butt and installed Open SuSE on two old laptops I have at the house. Again, it’s free and so were the laptops. One is an old Dell that came from an old job. The other is a Compaq that a friend gave me because he knew I’d get more use out of it than anyone who he might donate it to for the tax write-off. Either that, or I’ve become a charity. Hey, it could happen!
In any case, I’m working on expanding my toolbox, one piece at a time. And, now, you can take advantage of my tinkering to expand your own digital toolbox. Have fun with the new toys!

Hey, remember the days when I talked about geek stuff all the time?

Yeah, me neither, but, still, the title of the blog is Diary of a Network Geek and this is news that matters to geeks, so…  I saw this yesterday and again early this morning: Novell Sacks Cheifs. So, it looks like another changing of the guard at Novell.  I find myself wondering how long this company will be able to hold on these days.  I know, people have been saying that for ages about poor, little Novell, but, really, how much longer can they hold on at this point?  A dwindling market share, massive competition from giants like Micro$oft and endless management changes do NOT inspire confidence.  Sure, they’ve revamped their product line to embrace Linux, but I’m starting to think that it’s too little, too late.  And, trust me, I LOVE Novell and their products.  I’ve been a Novell zealot since I started in IT and Novell certified for fourteen years.  I used to live and breathe this stuff.  I’ve seen Novell product do more on fewer resources than, well, than almost anything going.  But, even I have to question the company’s decisions and direction these days.

I guess it’s a good thing I enjoy Linux and got Linux certified not too long ago.  Maybe, with this news, it’s time to focus on my Unix experience and abandon Novell to the market wolves.  I certainly would prefer a Linux or Unix job over a Windows Admin position.  Of course, if the pay is right, I’ll babysit your kids or design web-pages for you.  Heck, if you pay me enough, I’ll even publish trade magazines for the self-storage industry!

It’s been a long week.
And, frankly, next week doesn’t look like it’s going to get any easier. For starters, I’ve been wrestling with this server at work. I mean this has been real Jacob wrestling with the Angel kind of epic battle stuff here. In fact, it was so bad that just today I was looking at returning Novell’s Open Enterprise Server and SuSE Linux in favor of Windows Server 2003. For those of you who know me and know my Novell zealotry, you know how much I would have hated to do that. Thankfully, the guy Novell sent over to help out got me squared away. I think I’ve actually been Novell certified longer than he’s been in the business, but, still, he knew his stuff, so it’s all good.
I’ve been trying to get the server installed for the past two weeks and kept running into strange errors. Well, it turns out to have a really, tiny, picaune thing. Remember some time back I was talking about naming conventions? Turns out it was more important than you could imagine. In the old days, we all used the underscore character in our tree names, as in “CompanyName_Tree”. Now, apparently, no one uses that convention and, as a result, a bug slipped through that kills the install. So, do I get a prize for finding it? Doubtful.
In any case, we managed to convince the boss that we should stick with Linux and OES and that we’d go over the migration tools tomorrow, which is when most of you will be reading this post anyway. So, I’m still going to get those career goals in after all. Woot!

On other fronts, I’ve got at least one, dear, sweet lady crawling all over my site to try and find out all about me. No matter what she finds here, and, yes, I am directing her to put the best possible spin on who I am, it still won’t be me. Not all of me. Not the part of me that people really love. The blog gives information, but, I’m more than the sum of my stories. And, in fact, many stories simply won’t ever see print, here or anywhere else. I have collections of odd, little facts and strange, obtuse skills that simply don’t fit well into a blog. And my humor doesn’t really play well in print, either. It’s all timing with me, and you can’t do timing very well in print. Still, I worry that we’ll be all out of things to talk about by the time we actually connect for coffee. I hope she’s ready to talk about herself!
And, several people have come to me for advice in the past week. Or, I’ve seen a couple of situations that I’d like to advise people about. Thankfully, I’ve shown restraint. Mostly. No one really wants me to give them advice. My advice is rarely well recieved, even if it is dead on. It may be my communication style, but, whatever it is, people sure don’t like hearing my advice. i do try and temper it by starting off with “Well, if I were in your position, I’d…” Doesn’t always work that well. Of course, I never said I made the best choices for myself, either! Still, sometimes it’s just like watching a slow-motion train wreck. You can see it all happening, but what can you do? These folks wouldn’t believe me if I told them the pattern I see in their lives. They’d just get pissed off at me. Of course, it wouldn’t change that I was right or that they knew I was right, but, still…

Well, there’s more, but my brain is all a-whirl with thoughts of my upcoming day, weekend and week that I can’t summon them up. Besides, I have a feeling I’d really irritate someone if I did! Always seems to work that way. So, it’s off to a lonely bed with my faithful companion. G’night.

Have you ever had to learn on the fly?
Well, most of us geeks have, at one time or another. In my case, it was basic Cisco router administration while under fire. No, not literally under fire, just in a tight spot with tons of pressure to get things done quickly and right the first time. Back then, it was pretty easy to get an entry-level Cisco certification, but they made that harder right about the time I tried to get it. Which, honestly, is besides the point. I didn’t really need a Cisco cert to get stuff done. All I really needed was some basic commands. Well, now, we’re all in luck. Thanks to TechRepublic, you can get through some basic Cisco admin tasks with little or no help. Just hit Cisco Administration 101, and they’ll walk you through the basics of setting up a router. And, by basics, I mean setting the Admin password, too, not just configuring the interfaces. Basic configuration includes basic security!
Anyway, it’s a start and enough to get you through a tight spot.

Ready to claw your way to middle management?
Well, then you better have a good resume! Luckily, TechRepublic is there to help with the downloadable article, Ten Things You Should Know About Creating A Resume For A High-Level IT Position. I’m not sure I agree with everything they’re saying in this one, but, then, I’m not close to middle management these days, either, so it’s worth a look. Still, I’d pay more attention to the headhunter I’m working with than a canned article. Again, it’s a good place to start, but I sure wouldn’t stop there.
Unless you like the endless round of interviewing for jobs you’re not qualified for or interested in taking.