Over the last few days I ran a challenge to see who could write a tcpdump/Windump filter to grab packets with the Window Scale option set. It was a bit of a brain twister. It was one of those problems that you start off thinking is easy, but then realize is very hard. You then start questioning if you are on the right track because it can’t possibly be as complex as it seems to be. I was specifically trying to push the envelope a bit on this one.
In the challenge I stated that folks should post their thoughts/answers in the comments section. Only one person was willing to do so, while everyone else contacted me via e-mail. At first I thought it was a privacy concern, but then I remembered that I let users pick any alias they want for a screen name. Folks had some really good ideas, but I think they were afraid to come across as too much of a “newbie” in a public forum. I’ve seen the same thing in classroom settings where I will teach a topic, ask if there are questions, no one will raise their hand, but at the end of the day I have a line in front of my desk.
I hit a bit of a milestone this year in that I realized I’ve been in the industry for over 20 years. To give you an idea how long that is in Internet time, one of my first gigs was helping to convert a government contractor over from the “host file system” to this brand new technology called “Domain Name Services”. I remember when Gopher was the slickest kid on the block. I experienced firsthand how AOL connecting to the Internet dramatically changed the landscape of computer security. I’ve worked with such greats as Robert Morris Sr. and Alan Paller. I’ve traded tips and tricks with thousands of the brightest minds via the SANS Institute. I’ve spent time consulting to The White House as well as a number of other government agencies.
And with all that said, I’m the first to admit that I by no means know everything. In fact, I fully recognize I still have far more to learn than I’ve already squirreled away in the little gray cells. Personally, I still run across stuff (like filtering for the WScale option) that I look at and say “How the heck have I missed that all these years?”.
One of the things the obsessive side of me loves about network security is that it is a bottomless pit. You can spend every waking moment reading blog/list posts, downloading tools, testing in the lab, and still not be able to wrap your brain around all of it. Network security is subtle and full of nuances. Everyone’s brain is wired differently, so some of these nuances are obvious, and others not so much. One of the cool things about sticking yourself out there is you get the benefit of other people’s brain chemistry. Clearly one of the biggest problems on the white hat side of the fence is that we do not exchange ideas/perspectives often enough. I think far too often ego holds us back.
Are there folks that think they know it all? Absolutely. Again, ego can be a tricky master. I’m reminded of those old t-shirts and posters that read: “Teenagers: Leave home while you still know everything!”. With network security, like most things in life, there is a barrier of enlightenment. On one side of the barrier, the pond seems small and you think you have a handle on it all. Once you break through, however, you recognize the vastness of the galaxy and just how far ahead that road still stretches.
So I’m proposing a 12-step geek program and I’ll be the first to climb on a soapbox and admit “I don’t know everything and I’m OK with that”. Part of the reason I gave Jeff second place is he came at the problem from a completely different approach and developed a solution I didn’t think of. In other words, by putting myself out there I received the benefit of his brain chemistry.
Like Jeff, everyone reading this draws on their own unique life experience and is fully capable of coming up with unique and innovative solutions as well. You’ll never know for sure, however, unless you check the ego gremlin and stick yourself out there.
</soapbox>
Chris

