Share Tweet Share





I’ve been writing this blog for nearly four years (four years next month!) and sometimes I have a hard time deciding if I get more enjoyment from the blog postings and comments or the personal e-mails that I receive. Most of the e-mail consists of folks asking for advice like this one from a gentleman that is trying to figure out how to muster up some business for his web security company:

I own a web security company and I want some input on how to get clients. My problem isn’t pen testing at all. It’s HOW to approach companies towards my service and how I can gain clients.

I’m no expert in marketing and sales, but I pointed the fellow towards some resources that might help. Do any of you have any advice for him? Please post below – I know he’d really appreciate some tips. Back on the topic of my personal e-mail, every once in a while I get a banana cupboard-worthy story that is so angry I have to wonder if the author needs anger management or a switch to decaf. He acknowledged that he was angry when he wrote this and was nice enough to let me post it. Take a few deep breaths and read on…

Dr. Monkey, I’ve read your blog for years and it’s clearly my overall favorite. I never know what I’m going to read with my morning coffee. Keep it up! I had to share this story with you now that I’ve calmed down. I was a little pissed off when I pounded this story into a text editor so keep that in mind. I work for a big web hosting company in the United States. I am the monkey in charge of the team that actually works on the servers. We unpack the equipment, rack it, install the OS, install the hosting software, etc. I won’t say exactly how many servers we have because that might give it away. Let’s just say we have enough space to rack servers until 2050 or so. I wish I was kidding. A couple of key chimps that worked on my team got busted for stealing computer parts (CPUs and memory) and were terminated. This pissed me off big time because I barely have enough staff to complete our workloads over all of the shifts (we work around the clock, 24/7, 365 and we don’t get holidays off). I started interviewing replacements right away. I bet you I interviewed twenty or thirty people for these two spots. Nobody impressed me. Everyone was fresh out of school with a degree and NO practical experience (never even built a PC) or they thought they were God’s gift to hosting and demanded twice MY salary to start. What the hell? I was getting desperate. The rest of my staff was working double shifts and morale was low. Guys started calling in sick from exhaustion and colds. One guy got the flu somehow. I was screwed. I talked to management and they gave me permission to hire four of the previously mentioned flunkees to fill the two positions. They argued that we’d only be paying them half what the previous employees made so we could hire twice as many people. I’d just have to do a lot of on the job training with them. I thought this idea sucked, but I had no choice. I hired the best four flunkees out of the bunch. This was the beginning of my DOOM. Two of the guys really impressed me. Well, one was a guy and the other was a girl. They caught on fast and spent most of their “free” time at work reading books and following members of my team around. People like this still exist? Holy banana! The other two guys weren’t nearly as impressive, but they did the job. I moved the two star pupils to the day shift since that’s when most of our customers need support. They dropped right into place and took a huge load off of me. The other two worked our “third shift” which is late night to early morning. This shift is pretty much backup media rotation, network monitoring, and hardware racking. Nothing to it, right? A few weeks go by and I’m in this stupid comfort level. I reduce my hours and actually start going home after twelve hours. I get woken up at 2AM by my cell phone. It’s one of our biggest (and most profitable) customers calling to report that their site traffic is very slow and they can’t reach several of their machines. I tell them I’ll investigate and call them back. I call our “red line” which is a direct line to the NOC (ed: Network Operations Center). Nobody answers. I call again. Nobody answers. I look at the schedule that I wrote up and notice that the two ‘lesser’ newbies are both on shift. I call their cell phones. No answer. I pulled on the same clothes I wore yesterday and raced to the datacenter. As I’m rounding the last turn onto our street, I see blinky lights and smoke. LOTS of smoke. I roared into my parking space and raced towards the entrance of the datacenter. The firemen won’t let me in – they are still rolling through the building. I’m so upset at this point that I’m shaking and fearing loss of bladder control. I call every member of management in my cell phone and tell them what is going on. They are all on their way down. I light up a cigarette (ironic I know since my datacenter is ON F%#$@@$ING FIRE) and start roaming the parking lot. That’s when I notice both of my flunkees with oxygen masks on their faces near a paramedic truck. I grabbed one of them by the shoulders and start yelling at him and demanding to know what the hell happened. He starts crying (he was 22 btw) and can’t talk. The other guy decides that he’s going to pipe up but doesn’t make any sense at all. I nearly had a stroke from the stress. That datacenter was MY responsibility! Hours go by and I’m joined by senior management in the parking lot. Eventually a fireman approaches us and starts telling us what they found. Using the details that he provided and the ramblings that we got from the flunkees I started piecing together what really happened. (Now would be a good idea to stop sipping your coffee – even you Chief.) Apparently these two geniuses didn’t like having to take turns going outside and through our multiple levels of physical security to have a smoke, so they decided that they’d smoke in our storage room with the door closed. That room wasn’t really a “room” per say… it was more like four partition walls and a worthless door. There was no smoke detector or sprinkler in there. They had been doing this for nearly a week. The back wall of this storage room was near the side of the datacenter that housed our offices. (This is important later – the storage room was in the OFFICE part of the building, not the datacenter. There is a single badge-access door between the datacenter and the office. If you wanted to go outside there are two more doors and a lot of walking to do.) The geniuses were using an empty plastic coke bottle as an ash tray. Those of us that smoke know that if you’re going to do that, you fill the bottle half-way full of water so the ciggy goes out the moment you drop it in. Not these two geniuses. No water was in the bottle. They were both in the storage room and had about three or four cigarettes each before they decided to go do their rounds (you know, the stuff we PAY THEM FOR). They dropped their last two cigarettes in the bottle and went out into the datacenter. I still have no idea how the smoke pouring out of that door didn’t set off our fire suppression system, but that’s a mystery that is still under investigation. While the Phd candidates were out doing their rounds, the cigarette butts caught fire in the coke bottle and melted it. Sounds bad, right? Oh it’s not bad yet. They sat the coke bottle on top of a cardboard box. The cardboard box was full of cleaning supplies that the office manager had picked up at the local Costco. What kind of cleaning supplies? The aerosol kind. The fire from the bottle caught the box on fire, which caught everything else in the room on fire (this was a small storage room – maybe 10×10?). It went up quick. You see where this is going. What happens when aerosol cans get cooked beyond 120F or so? They explode. The can explosions apparently demolished the thin walls of this storage room allowing the fire to escape into the office section. The fire suppression system and fire alarm finally kicked off after about half the office was on fire. It didn’t take the fire department too long to contain things. By some miracle, the datacenter side of our building wasn’t harmed. Remember the client that couldn’t reach his boxes that prompted a cell phone call? He couldn’t reach his boxes because the geniuses hit the big red “power off” button to that client’s “suite” in our datacenter instead of the BIGGER red button near the door that kills all power and sets off the fire suppression system. What happened to our two star employees? They were terminated. Not the way I wanted to terminate them. They just lost their jobs. I still blame myself for much of this because I had overall responsibility for everything but I have to remember that I had no way of knowing that they’d do something this stupid. Unfortunately for Darwin, he missed these two. Thanks for the space to rant. HostMan

I don’t even know where to start. Somebody comment. I need more coffee. Chief New to the blog? Don’t miss the SecurityMonkey CaseFiles. You’ll not get anything done for days! 43006-070517-347191-13



© 2007 All Rights Reserved.