mailing list archives
Getting Your Start Because You Got Hacked
From: rsreese at gmail.com (Stephen Reese)
Date: Thu, 14 May 2009 17:35:29 -0400
On Thu, May 14, 2009 at 2:30 PM, Paul Asadoorian <paul at pauldotcom.com> wrote:
I'd like to start a new thread where we all share our experiences on how
we got into computer security. ?Specifically I want to hear about people
whose boxes got hacked, and sparked a life-long career in infosec.
I may use your story in an upcoming piece I am working on, if I do I
will contact you off-list for permission and such.
Larry, I know you got a good story here ;)
I was working for a university as an IT slave and setup an Oracle
instance because I had read about it in a course I was taking and
wanted to experiment. I shut down the machine after the course was
done. Several months after my experimenting I received a phone call
from the university senior security engineer (John Sawyer) asking what
we were using Oracle for. My initial response was nothing, little did
I know the machine had been powered back on by a colleague of mine
(communication fail) and the Oracle instance had been exploited
providing the attacker with full access to the box. Fail. Of course I
didn't have much of a clue at the time about what actually happened
from a technical standpoint but from there on out it was like 5K
questions about how, what and why security works.
- Getting Your Start Because You Got Hacked, (continued)