Re: RE: present day admin skills

["R. DuFresne" <dufresne () sysinfo com>]

> I disagree.  Finding resources on the Internet is one of the best
> skills, and often overlooked.  I don't know how many times have I 
> been asked a question, the answer to which I didn't know but did 
> find quickly on the Internet.  I'm amazed by how many people never 
> even bother to try to do any research. I think to use a "walk through"
> you have to at least understand the what you need help with.  Most 
> people, IMHO, can't even isolate a problem, let alone troubleshoot it.
>
> Personally, I got my start in the Helpdesk world, from first level
> live call rep to technical team lead.  I learned troubleshooting in 
> a nutshell, but was able to use those concepts to diagnose more 
> detailed problems. I think the crux of the problem is that, with the
> IT crush of the 90s, people were hired based on potential or supposed
> talent.  Hell, thats how I moved from Helpdesk to Security!  But with
> so many people, they never had to "cut their teeth" as it were, and 
> they never built a strong technical foundation.

Much of this is socio-cultural, well ingrained into us from the time we
enter school and before, from our parents et.al., spoonfeeding...

One of the best High School instructors I had gave a few lectures my senior
year to his classes, to prep folks for college, after 25 years I still see
him in the minds eye here, standing in front of the class, pacing back and
forth <Mr. Loo, hi if yer out there>, ranting about how the years of spoon
feeding ended after H.S.  Once you  got into college you were expected to
find your own way he would tell us.  You are expected to know one of the
best resources is you campus library <the web did not exist then,
computers were not on desktops and tables at home>, get to know the
library well, find and claim a favorite chair, see if the librarian will
grant you privilege to "move in"...

How wrong he was, things must have changed in the years since he'd gone to
when I did, spoon feeding was the thing.  Text books gone over cover to
cover chapter for chapter in lectures, outlines of it all given the first
day of class, some classes were so 'well defined' one did not have to open
and read the texts at all, afterall it was covered fully for you the next
day.  And this attitude persists overtime and permeates society.  How many
folks have posted about admins of one level or another that come to them,
daily or weekly even, asking how to do the same task they asked how to do
just the other day, never taking a single note down so that they can do
this on their own after the first pointer?  I've come to send these folks
off for a notebook and pen before helping direct them these days...

Additionally:


> very point is where the rant that I wanted to avoid would go.  IMHO, to
> a certain extent, *all* people-related problems are management problems,
> and *all* management problems start at the top.  I do not mean to imply
> that all top-level management in all companies are completely clueless
> or negligent.  What I *will* say is that in companies where people at
> the C level and board level do have an appreciation for the value of
> competence and manage appropriately, there is a much better match 
> between
> the skills of the people who are on the job and their job requirements.

CNN had a great piece on the Yellow Trucking company, doing a re-org after
the recent downturn to the economy.  What struck me in that bit was
hearing the CEO mention that the first sign of trouble in getting managers
and employees to adapt to changes in corporate policies was hearing them
sight "this is not how we've been doing things before <paraphrased>", that
according to him was a BIG heads up that -specific attention- needed to be
paid to these folks, in this area/dept, to gain compliance to the changes
<reminding me of many of the old discussions of getting departmental *buy 
in* to corporate security policies [1]>. Humans are habitual beings, that
adapt slowly to change, sometimes, if there's not a fully compelling
reason to adapt, it can take generations <mjr mentions this in response
to the morris worm paper discussion of late>.  Yet, it fosters an attitude
common to this thread, that "this is just how things are, there's nothing
any one can do",  Bruce Hornsby and the Range said:

        That's the way it is,
                somethings will never change...


Which rings true as long as we accept that adage.  But, if we challenge
these assertions, then we have the potential to affect change, until we
do, each and everyone of us, in work life as well as personal life, we are
stuck in a rut, and deserve no better.  It seems that perhaps folks are
taking a closer look, and thinking it is time to affect change, and then
maybe they will run into so many walls they will come to the conclusion;

        That's the way it is,
                somethings will never change...

And corporate life will remain a place whence people get by just looking
busy, spinning wheels that are not tied to anything of substance.  In that
case we remain in a situation like the mentioned mitnick/shimomura
incident of the past, which bears a striking resemblance to the code
red/nimda blight of last year, shimomura was well aware of the *potential*
for the attack mitnick launched, he just ignore the possibility that
someone might actually use it against *his* systems it seems, just as
folks have had the information that patches are available, and to this
moment, I can parse my web logs and see the traces of worms back to
sadmind, code red's, and nimda's.


[1]  This topic has been gone from discussion for quite a number of years
now, departmental buy in when affecting corporate policies, especially as
it relates to info-sec.  But, I see increasingly that reluctance centers
upon a practice of policy being driven from the top down and the
managements and employee base feeling they are *forced* to change only due
to a new 'few on top' this season attitude <referring here to how super
top level managers change horses so often it's hard to remember that this years
heavy weight for your company was last years loser for the competitor and 
his policies drove them into bankruptcy>.  How many companies are
rewarding their top folks for the poor preformance numbers of last year
with HUGE raises and bonuses, and how does this affect the employees
attitudes and the budgets of various departments, espeacialy those in IT,
some of whom could function for years on those alotted raises and bonuses 
as compared to current budget funding?


Thanks,


Ron DuFresne
-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        admin & senior security consultant:  sysinfo.com
                        http://sysinfo.com

"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
                -- Johnny Hart

testing, only testing, and damn good at it too!






_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards