I got a SANS pamphlet in the mail today, which makes me feel guilty. Not really guilty, as in "I should go but I'm not" (even though I should, and I'm not), but because in terms of IT security, I've sort of been in the "Oh, I'm sure that'll be fine while I'm doing all of this other stuff" mode. It's not a good practice to be in, but I don't see any way to give IT security the attention it deserves when all (and I mean all) of my free time is spent building new infrastructure and stopping the existing infrastructure from falling apart. And if you don't believe me,
msimmons@newcastle:~$ ps aux | grep Eterm | wc -l
21
That's not counting the VMs that are installing right now, or the VM diagram I'm using to keep track of which physical machine will be getting what virtual machine.
I cringe whenever I think about this phrase, but I don't have enough time to worry about security. The automatic response to that (even from/to myself) is "do you have enough time to clean up a break in?". I'm not monitoring logs like I want, and I don't even have enough time to set up a log monitoring system to do it for me. I'm hoping that in a few weeks things will relax and I can start putting emphasis where it should be, but it isn't right now. I really need more staff to give proper types of attention to security, various Oracle, Postgres, and MySQL databases, site buildouts, asset management, user support, and backups, but I don't have it, so I find myself juggling all of those various tasks, and my stress level is directly related to how many balls are in the air at one time.
Looking through the SANS booklet, I see all kinds of classes that I'd love to take (the Network PenTest / Ethical Hacking class, for one) but I can't even foresee enough free time to take the class, let alone utilize it.
Have any of you ever been to a SANS conference and received training? Was it worth it? How did you get to use it back at your job? Cheer me up and regale me with stories of success from conference training ;-)
skip to main |
skip to sidebar
A blog for IT Admins who do everything by an IT Admin who does everything
Blogs I frequently don't have time to read
Posts
Blog Archive
-
▼
2009
(119)
-
▼
May
(16)
- Outstanding new sysadmin resource
- Software Deployment in Windows, courtesy of Admin ...
- Followup to slow SAN speed
- SAN performance issues with the new install
- Monitor Dell Warranty
- That was a well needed break
- Ouch.
- Security is a process and not plug&play
- Happy 1st Blogiversary!
- Obtaining the WWPN of fibre channel HBAs
- Quick blurb: Nagios is forked
- NVidia's Tesla C1060 - The FM principle?
- Learning
- Wahoo! 500+ Subscribers!
- Resizing storage LUNs in Linux on the fly
- Random thoughts on Slashdot
-
▼
May
(16)
People following this blog
Other affiliations / blog groups
Calling all guest bloggers
Do you have an idea for a blog entry that you want to write? Do you have a blog entry that you've already written, but don't have a place to publish it? I'm definitely interested!
As I don't make any money on this site, I can't offer to pay you for it, but I will happily link to whatever web presence you'd like. My current subscriber count is right around 500 people, so your article would be viewed by a lot of people.
To get in touch, email me at
standalone.sysadmin@gmail.com
As I don't make any money on this site, I can't offer to pay you for it, but I will happily link to whatever web presence you'd like. My current subscriber count is right around 500 people, so your article would be viewed by a lot of people.
To get in touch, email me at
Twitter / standaloneSA
Automatically Generated Amazon Ads
Labels
- security (14)
- networking (13)
- storage (12)
- vacation (9)
- administrivia (8)
- advice (7)
- guest blog (7)
- server room (6)
- virtualization (6)
- backup (5)
- learning (5)
- monitoring (4)
- nagios (4)
- whining (4)
- asking questions (3)
- blog (3)
- cat5 (3)
- fail (3)
- fiber (3)
- physical infrastructure (3)
- remote management (3)
- troubleshooting (3)
- windows (3)
- CLI (2)
- LVM (2)
- archive (2)
- colocation (2)
- debian (2)
- debugging (2)
- dns (2)
- esxi (2)
- giveaway (2)
- hardware (2)
- howto (2)
- laptop (2)
- lisa (2)
- policy (2)
- preblog (2)
- racks (2)
- redundancy (2)
- tech support (2)
- telecom (2)
- training (2)
- vmware (2)
- vpn (2)
- AoE (1)
- IPv6 (1)
- Level3 (1)
- Linux (1)
- NAS (1)
- QA (1)
- QC (1)
- T1 (1)
- active directory (1)
- article (1)
- automation (1)
- bandwidth (1)
- benchmark (1)
- bgp (1)
- blackberry (1)
- blogiversary (1)
- books (1)
- burnout (1)
- business (1)
- centos redhat ldap bugzilla (1)
- checklists (1)
- cisco (1)
- clusters (1)
- competition (1)
- conference (1)
- convention (1)
- cooling (1)
- database (1)
- documentation (1)
- education (1)
- encryption (1)
- ethernet (1)
- ethics (1)
- fibre channel (1)
- filesystems (1)
- fire (1)
- freebies (1)
- heroics (1)
- high availability (1)
- imaging (1)
- incident response (1)
- installation (1)
- international (1)
- iscsi (1)
- kvm (1)
- ldap (1)
- leasing (1)
- licenses (1)
- link (1)
- load balancing (1)
- marketing (1)
- mobile (1)
- money (1)
- openbsd (1)
- oracle (1)
- osx (1)
- passwords (1)
- patching (1)
- project management (1)
- rack unit (1)
- raid (1)
- recycling (1)
- remote desktop (1)
- resources (1)
- routing (1)
- rss (1)
- safari (1)
- sage (1)
- san (1)
- shortcuts (1)
- slashdot (1)
- small infrastructure (1)
- social networking (1)
- soho (1)
- ssl (1)
- stress (1)
- switches (1)
- systems administration (1)
- technology (1)
- terminal server (1)
- time management (1)
- top list (1)
- toplist (1)
- twitter (1)
- uptime (1)
- usenix (1)
- wireless (1)
- xen (1)