Changes for page Chris Short

Last modified by ChrisShort on 2020/02/28 15:25

From version 7.1, edited by ChrisShort on 2020/02/14 20:10
To version 7.2, edited by ChrisShort on 2020/02/14 20:12
Change comment: There is no comment for this version

Page properties
Content
... ... @@ -17,11 +17,11 @@
17 17  
18 18  ~-~--
19 19  
20 -I started in tech at the age of 15 as an MIS Technician in a Microsoft shop. Windows NT 4.0 was brand new. This was my first job in tech and I was having a blast, but I felt limited by the software. Fast forward three years, I was working for an internet service provider when I discovered Linux (Red Hat Linux 5.1 was my first distro). It felt liberating to have a standard toolset that included almost all of the tools I needed to do my work out of the box. Open source software felt right and spending time learning about licenses and how the ecosystem worked was important. But, then the bottom started falling out...
20 +I started in tech at the age of 15 as an MIS Technician in a Microsoft shop. Windows NT 4.0 was brand new. This was my first job in tech. I was learning a lot, but I felt limited by the software. Fast forward three years, I was working for an internet service provider when I discovered Linux (Red Hat Linux 5.1 was my first distro). It felt liberating to have a standard toolset that included almost all of the tools I needed to do my work out of the box. Open source software felt right and spending time learning about licenses and how the ecosystem worked was important. But, then the bottom started falling out...
21 21  
22 22  The dot-com bubble burst and with no other options, off to the US Air Force for a technical role I went. Once in technical training, it was surprising to see how unstable and insecure the systems were (these were government systems, right?). I got in trouble one day for exploiting an oversight in the schoolhouse systems to message every classroom simultaneously kicking off dozens of messages flying across the network completely disrupting all learning. I got my butt chewed, sure. But, then I helped explain what I did and how to mitigate that risk and a few others. Months later, at my first duty station, an opportunity to learn by taking part in Joint Expeditionary Force Experiment 2000 was my assignment. This Experiment was to test new ways to adapt to changing conditions in the battlespace, which included red/blue infosec teams trying to ward each other off.
23 23  
24 -We hit a problem with some new network gear and the monitoring system we were using. There were many interfaces across the network that we couldn't monitor because our monitoring system required additional licenses to monitor SNMP devices. We knew attacks were imminent and the government acquisition system was not going to work in our favor. Enter open source software: I ran an idea I had up my chain of command. Upon approval, a mentor and I went off and grabbed a handful of spare parts off an equipment self. We cobbled together a modest Linux server. I spent a week carrying around a book titled, 'Unix Hints and Hacks' much to the chagrin of senior leadership. "Who was this hacker in our NOSC experimenting with new equipment and that evil Linux thing?"
24 +We hit a problem with some new network gear and the monitoring system we were using. There were many interfaces across the network that we couldn't monitor because our monitoring system required additional licenses to monitor SNMP devices. We knew attacks were imminent and the government acquisition system was not going to work in our favor. Enter open source software: I ran an idea up my chain of command. Upon approval, a mentor and I went off and grabbed a handful of spare parts off an equipment self. We cobbled together a modest Linux server. I spent a week carrying around a book titled, 'Unix Hints and Hacks' much to the chagrin of senior leadership. "Who was this hacker in our NOSC experimenting with new equipment and that evil Linux thing?"
25 25  
26 26  Within a few days, we had used [[nmap>>url:https://nmap.org/]], [[MRTG>>url:https://oss.oetiker.ch/mrtg/]], [[Apache httpd>>url:http://httpd.apache.org/]], and a handful of other open source tools to better lock down the network and build a network monitoring and utilization dashboard system. That would allow us to see anomalies graphed in real-time and react to them accordingly. Attacks did come, we were able to see an influx of activity at the network boundary and begin the work to thwart it while paying closer attention to internal systems for signs of compromise. The experiment ended in great success. Since we had created the only place in the Air Force that could monitor this new gear, my work center inherited directly from the vendor a bleeding-edge VoIP system for us to tinker with before it went for testing in early 2001.
27 27  
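Review bot: the rewritten line 24 still carries the typo "spare parts off an equipment self", which should read "shelf"; since this revision already touches that sentence, fix it in the same edit. The comma in "a book titled, 'Unix Hints and Hacks'" on the same line can also go, as the title is not a parenthetical.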

This wiki is licensed under a Creative Commons 2.0 license