On Thu, May 14, 2009 at 2:30 PM, Paul Asadoorian <[email protected]> wrote: > All: > > I'd like to start a new thread where we all share our experiences on how > we got into computer security. Specifically I want to hear about people > whose boxes got hacked, and sparked a life-long career in infosec. > > I may use your story in an upcoming piece I am working on, if I do I > will contact you off-list for permission and such. > > Larry, I know you got a good story here ;) > > Thanks! > > Cheers, > Paul >
I was working for a university as an IT slave and setup an Oracle instance because I had read about it in a course I was taking and wanted to experiment. I shut down the machine after the course was done. Several months after my experimenting I received a phone call from the university senior security engineer (John Sawyer) asking what we were using Oracle for. My initial response was nothing, little did I know the machine had been powered back on by a colleague of mine (communication fail) and the Oracle instance had been exploited providing the attacker with full access to the box. Fail. Of course I didn't have much of a clue at the time about what actually happened from a technical standpoint but from there on out it was like 5K questions about how, what and why security works. _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
