logo

drewdevault.com

[mirror] blog and personal website of Drew DeVault git clone https://hacktivis.me/git/mirror/drewdevault.com.git

new-sysadmin-lecture.md (1594B)

    

  1. ---
  2. title: New sysadmin lecture
  3. ---
  5. You're a production sysadmin now. That comes with certain responsibilities. In
  6. short:
  8. 1. Respect the user's privacy, and look at only what you must.
  9. 2. Think before you type.
  10. 3. With great power comes great responsibility.
  12. Assorted tips:
  14. - Practice your changes on localhost first.
  15. - Ask for help if you need it.
  16. - Always run your SQL queries in a transaction.
  17. - `SELECT things, you, want FROM x;` is generally better than `SELECT * FROM x;`
  18.   when considering the user's privacy.
  19. - Share information on a need-to-know basis, both with people and with
  20.   computers.
  21. - Avoid doing things that cannot be undone.
  23. ## Spear Phishing
  25. Because you now have access to production systems, you may be a target for spear
  26. phishing. A bad actor may target you directly in a social engineering attack in
  27. an attempt to get you to leverage your access to mistakenly compromise the
  28. system. For example, someone may impersonate another admin and ask you to add an
  29. SSH key to a server. You need to be aware of this risk.
  31. If you receive a request to leverage your access for any reason, double check
  32. the veracity of the request. Is the person on IRC identified with NickServ for
  33. the correct account? Is the email they sent DKIM signed and verified from the
  34. right sender? If in doubt, ask for a secondary form of authentication, such as a
  35. PGP challenge.
  37. This also applies to normal requests from users - don't let someone impersonate
  38. another user in an attempt to gain access to or manipulate their account. Be
  39. especially careful with requests from users with 2FA enabled.