Alienvault

Leisher
Site Admin
Posts: 65253
Joined: Thu May 20, 2004 9:17 pm

Alienvault

Post by Leisher »

Anyone have any experience with this product?

I'm in training on deployment and configuration today and tomorrow. (Guy's doing marketing crap right now...)

Followed the lab a bit and I just logged onto AWS for the first time ever... I think I'm in Catt's world now.
“Every record been destroyed or falsified, books rewritten, pictures repainted, statues, street building renamed, every date altered. The process is continuing day by day. History stops. Nothing exists except endless present in which the Party is right.”
TheCatt
Site Admin
Posts: 53725
Joined: Thu May 20, 2004 11:15 pm
Location: Cary, NC

Alienvault

Post by TheCatt »

AWS is my world, but Alienvault is not. We outsource all the IT stuff.
It's not me, it's someone else.
Leisher
Site Admin
Posts: 65253
Joined: Thu May 20, 2004 9:17 pm

Alienvault

Post by Leisher »

Pretty interesting training, although most of it has been spent helping people log on and one group of three who don't seem to be able to do a single thing correctly without the instructor's help. I've been sitting here for 20 minutes now as he walks them through a lab.
Leisher
Site Admin
Posts: 65253
Joined: Thu May 20, 2004 9:17 pm

Alienvault

Post by Leisher »

In another two-day online training session from home.

I really rip college students for being unprepared and lazy, but adults suck shit just as much.

Some of these other students are completely unprepared, aren't listening, can't follow simple instructions, and the lack of technical skills/knowledge in a fucking tech class is mind boggling.
TheCatt
Site Admin
Posts: 53725
Joined: Thu May 20, 2004 11:15 pm
Location: Cary, NC

Alienvault

Post by TheCatt »

Leisher wrote: In another two day online training session from home.

I really rip college students for being unprepared and lazy, but adults suck shit just as much.

Some of these other students are completely unprepared, aren't listening, can't follow simple instructions, and the lack of technical skills/knowledge in a fucking tech class is mind boggling.
Why I stopped going to tech classes.
Leisher
Site Admin
Posts: 65253
Joined: Thu May 20, 2004 9:17 pm

Alienvault

Post by Leisher »

The current lab has us writing paragraphs about the incident we just made happen in our virtual lab. (We infected PCs with WannaCry.)

Guess what? I'm on spring break from college, and I'm not doing a writing assignment that doesn't get graded or even turned in.

Fucking busy work. How about teaching us something instead? Most SMBs aren't going to require reports be written in the event of an outbreak, and certainly not in this format. I'd rather do more exercises covering how to spot outbreaks.
TheCatt
Site Admin
Posts: 53725
Joined: Thu May 20, 2004 11:15 pm
Location: Cary, NC

Alienvault

Post by TheCatt »

Leisher wrote: Most SMBs aren't going to require reports be written in the event of an outbreak,
Really? You don't do post incident reviews or retrospectives after events? I would argue most places with relevant CI processes do them.
Leisher
Site Admin
Posts: 65253
Joined: Thu May 20, 2004 9:17 pm

Alienvault

Post by Leisher »

Most don't have the staff for it. Hell, most don't have ticketing systems in place. (And that's really what we, as networking folks, would use.) We currently don't have one. I asked Cakedaddy for one he created way back in the day, but he doesn't have it anymore or something. My co-worker just finished a year long project creating a call reporting system in Access for one sales division, and I might have him now create one, but he won't be available until summer. I've shopped for them, but they're crazy overpriced.

And you'd shit yourself if you saw the number of businesses we deal with that still use fax as a primary means of communication.

Networking folks are much different than programmers. We're more like firemen. React, fix, move onto the next fire. Almost all of my reporting is verbal to the CFO (my direct boss), an email to certain department heads to give them a status, and if completely necessary, an email explaining what happened to the whole company. If I had a ticketing system I would throw the problem and fixes in there, but the only people that would have access would be IT. And who would I be writing a report for? Anyone outside of IT doesn't give a fuck. I'm the head of the department and I already know the details...

I also want to add a lot of SMBs don't have any IT folks on staff. No reports are being written there.

And if it makes you feel better, I have used this time to log onto my actual network to do things on the Alienvault software that I've learned in this class. :D
Leisher
Site Admin
Posts: 65253
Joined: Thu May 20, 2004 9:17 pm

Alienvault

Post by Leisher »

Update: Of the 20 folks in class, zero volunteered to share their written document so the instructor could review it to the class.

I'm guessing I wasn't alone in my thoughts.

One guy even typed in chat: I had no clue how you even got the information to do the report, so I didn't do it. I guess he didn't do the previous labs?