Networked Devices and Systems Track Overview Video

The following is a transcript of the video clip "Networked Devices and Systems Track Overview":

Tyler DeWitt (Senior): I'm Tyler DeWitt. This is Chris Schenk.

Chris Schenk (Director of Computing Operations): I'm Chris Schenk.

DeWitt: You can introduce yourself, sorry about that. Let's start off actually with a fun story. So a couple of years ago, you're sitting at your Mom's house for Thanksgiving, and you got a little phone call from somebody.

Schenk: Yeah, actually I wasn't going to bring this up, but the FBI called me the day before Thanksgiving, an agent from Seattle. And I ended up working with him over the course of two weeks to debug an issue on one of our servers that was misconfigured and allowed the downloading of the entire Amazon website, plus three others, that would most likely be used in a fake website to steal credit cards and that sort of thing. So, you wanted to bring this up because?

DeWitt: I think it's a fun story.

Schenk: Yeah. Yeah it's actually a good lead-in to, the reason why I went back to school for a Masters degree was specifically to do this kind of work about computer forensics and investigations and debugging, in the way this guy was doing to, basically his job was to protect our national interests against fraud, and different companies against people that were trying to steal intellectual property, and I found that to be a very intriguing idea for a job. And so this track is essentially born out of the idea to train people to train people to do that kind of work, in addition to a number of other things too.

DeWitt: So let's go ahead and take a look at the requirements slide here. And you can kind of talk through, what does this foundation coursework, how does that lead to the types of jobs you were just describing?

Schenk: So, this particular track sits at a level higher than computer systems. It's a conglomeration of a lot of different types of study, because you've got people who are writing software, software engineers, you've got systems people that Dirk's going to talk about in a little bit, writing low level code, device drivers, [...] Somebody's got to put all that together, and the people that do this kind of work, end up integrating all these systems, and have to monitor them and manage them all at the same time.

So, for our foundation, fits into, you're going to have to know your Operating Systems, you got to know how processes work, you got to know when things are going to go wrong, because things crash all the time. You got to know your Network Systems, you got to understand your network protocols -- we live in a day now where everything is connected -- and I spend a lot of time debugging network problems. System administration is essentially what I do for a day job. You basically do everything, you're installing other people's software, configuring to, tailoring to what you need, you're networking hosts together, monitoring those hosts. You're dealing with databases, user interface things, passwords, and all sorts of things, there's like, 12 different databases that you can touch. So you get a lot of that in that class as well.

DeWitt: So what's the difference between someone who takes this Network Devices and Systems track and somebody who goes to a community college and gets an IT degree?

Schenk: Well that all varies on the college, you go to some like, ITT tech, they might have very specific, like certification courses that they'll, Cisco certified, you can go and configure the network however you like. But you'll only know your network. In this particular set of, you understand your network, networking you get to do programming, clearly you got to go through our foundation courses. You got to do computer systems, you got to do data structures, algorithms, you're going to have to know all that as well. You're going to end up writing scripts, multiple languages you can do that in, Python, Perl, PHP, bash, or any other shell. You basically end up with way more exposure to these things, all these different things you can use to intentionally counter, well maybe a subset of that, you know what you learn here, Google's probably taken that and multiplied it by 1,000 to run their world. But at least you get a foundation, step into that role if you know you had to, at least for a wealth of information.

DeWitt: Alright, then could we take a look at the talking points slide.

Schenk: So I've already mentioned some of these things. One of the really cool parts that I like about this job is that I get to design solutions to stuff, kind of come up with new and cool ways to automate myself out of doing any sort of work, which actually never really happens, automate some, mainly out of things that explode, this happened with Dirk and I last night, both of our networks went down simultaneously which made for a very fun 24 hours, so things like that will always keep you busy.

But I get to integrate, you know, I've got servers that are running, different services, I run web servers, mail server, DNS, monitoring stuff, on a single-machine, multiple-machines that are backups, users have access to them so passwords, databases. I'm connecting all of them with switches, with fiber-optic cable and regular cable, 1 gigabit, Dirk's got some 10 gigabit stuff, got to understand those protocols. So tons of integration, tons of design to, how's it going to be manageable, how can we notify when something goes wrong, people get really annoyed when they can't read their e-mail, so try to keep that up as best I can.

And obviously there's a huge component of security, because no matter what we do, people are always trying to break into our stuff. The FBI case is a perfect one, there's people out there that are constantly scanning for servers that they can control, and do whatever they want, and so we're trying to keep them out, and if we do detect when they're in, we also have to do work to figure out how they got in, so we can prevent that from happening again in the future. So that happens a lot.

Obviously we're dealing with a lot of users; there could be things that even a good person is doing bad things -- I'm sure a lot of you have heard of fork bombs in Operating Systems, taking down servers, it happens, so we have to monitor those kinds of things. I really like the protocols. It's really neat, and this all goes back to designing, you get to really dig into what's happening today, what are people doing in terms of developing new protocols. We're clearly based on TCP and IP and all these things you use for general networking. But there's all these other management protocols, SNMP, extensions to these things that can really make your life easier in terms of managing this stuff, really get to the forefront of what a lot of large companies are doing, they're managing thousands of hosts, thousands of network devices, or they've got networks that cross country boundaries and continents, and how do you manage, you know, getting some exec's e-mail from Washington D.C. down to, you know, Rio de Janero, and have him be happy with the latency, you know, there's all these things that you end up having to think about.

And you get really good at debugging and problems solving. I always joke, when I taught sysadmin, if you learn one thing out of class, learn how to search, how to Google, because if you know how to do that you can basically figure anything out. But again, the forensics part is really cool, doing some of that, we can actually talk about the capstone here. The two classes, this is unique to this track, have a capstone that separates it from the usual senior thesis or general software engineering kind of stuff, where you take two separate classes, one where you learn how to essentially build the Internet from the bottom to the top, in terms of switching and routing, then you also take a second class which is all about security and is taught by a handful of security experts that work in industry today essentially keeping the bad guys out and assessing what they do, looking at the code they write, looking at new vulnerabilities that are in the wild that Microsoft doesn't know about, things like this, that's what they do day in and day out. And you end up learning how to do packet traces, how to look at dumps of network traffic and figure out what happened, actually look at malware to determine what it's doing, what it's doing to your computer and how when it's phoning home to some random server. It's just really neat especially when you've got these guys who've been doing it for 10+ years, it's really a good experience for the capstone.

DeWitt: And you mentioned the Network Systems class, which was a great time to fall asleep, but other then that, also taught me a lot, and it's really hands-on, and I found that, maybe you could talk more about how the Networks Systems track is really hands-on, like you were talking about security and like, one of my classmates used "test" and username and "test" as password, and it actually got hacked into.

Schenk: Within a day and a half.

DeWitt: So you're dealing with real-life situations here, even in the classroom environment.

Schenk: That's a good point, yeah. When we teach we have these virtual servers, right, to try to get you real experience -- as soon as you put a server on the Internet, it's getting attacked, from day one. And how do you prevent that? Especially, it's kind of freaky, you're a new student and you're learning this for the first time and after a day of "test" and "test" as username and password, someone from Romania is mucking around in your files. You can't substitute that experience with a fake environment; you're sitting there, and you're looking at the trace of users and where they logged in from, and you say, you see this? This is for real.

When I joke that the Russians and Romanians and Chinese are trying to break in, it's real, and students really enjoy that, the real application of it, especially, we saw it with DNS as well, understanding the worldwide distributed database that exists, that's managed daily, and how that operates, you get the real deal essentially [...] It's very hands-on, everything you learn is directly applicable to work You definitely get fluency on the command line, which will help you everywhere.

DeWitt: You've already listed a couple of potential careers, what are a handful of other jobs you might take after a Network Systems track?

Schenk: Well people ask me occasionally, "Where could you go with your experience?" I say, "anywhere that's got Internet". Because, since I know how to build the Internet now, I literally know all the protocols, all the different configurations that can happen on these networks, I can be a network engineer in any part of the world, because everybody needs people to manage a network. So that's one option, if you want to go a network route.

System administration route is the same way -- you got a machine that's connected to the Internet, you're going to need systems administrators to keep it safe, to keep the data in there secure, keep it up and running from hardware failure, from people fork bombing, from a host of things, and that's going to exist anywhere you have people working with computing. Specifically you've got a wide, varying range of things too. You could be, computer science is a fairly small shop, you know, you got a handful of servers, a handful of network devices, keep the Romanians and Russians out as best we can, support research as best we can, and we got places like Google or Microsoft, level three, fiber optic networks, trunking these massive amounts of data, and there's just this huge range of opportunities. Any company, that exists today, you could work for, that's got something on the Internet. It's kind of nice to have a lot of options.

DeWitt: And on the opposite end, who might want to get into this track? I'm guessing like if you're a script junkie or script kiddie already who is the Romanian who broke in, you might be more interested in learning the technical details, how this works?

Schenk: Yeah, you end up getting to be a real "hacker" when it comes to this stuff, because you know, you could be a hacker in terms of writing good code, when I say "hacker" I mean, in this case I mean malicious one, break into stuff, but it's really, the people who like getting into the details of how things actually work at that integrated level, and you can talk about TCP protocol all day long, but until you understand how that fits into a network stack, and how that affects everybody on your local segment, how much bandwidth you're using, and all that stuff.

People who get into this, I've seen people who, they start in the Software Engineering track, they just really like that, the more higher-level stuff. You're writing scripts to automate things, so people kind of converge. You're never going to get away from the Software Engineering stuff, I still, just last week, ended up writing a handful of PHP scripts in a couple of hours. So you're going to still use that, but it's much more like tool building, where Software Engineering can be this big piece of software, web application, this is like solving very specific problems, and I actually really like that part because you can get distinct projects and complete them, forget about them for a year and a half until they break. It's very tools-oriented.

DeWitt: And just to wrap up here, what do you say to all the concerned moms and dads out there who now think that their kid's going to have dangerous knowledge of this Network Systems, they're going to be breaking into the bank and getting an FBI call to get your son or daughter out of jail.

Schenk: I hope they raised them well. You know, I actually had another professor, here's another story, a student took the class two or three years ago, I demonstrated a password-cracking utility for the "test" "test" kind of case, where it's very easy to crack easy passwords, he ended up running it on another server in another department that he was the administrator on, and upset a lot of faculty, and so the faculty came to me and asked, "do you teach ethics in this course?" Because, he was starting to get upset at me because he was upset he had to deal with this situation at all, and I said, "absolutely", you know, that's one thing that's very strongly emphasized throughout the whole course, is that you want to be on the good side. When you get a phone call from the FBI agent, you want to say, "absolutely I'm doing everything I can to remedy this problem, and I am not the cause." So you know, stories like that, really close to home, brings this sort of ethereal world tat you see, in movies and TVs, straight to your seat in the classroom, I think it becomes fairly real and the people who are going to do it, probably have larger problems already. So, most parents I think shouldn't have anything to worry about. We usually try to teach people good things.

DeWitt: It will be taught by yourself, so it's a little sketchy.

Schenk:

(Laughs.)

Yeah.

DeWitt: Any other questions, anybody had? Alright, thanks Chris.

Schenk: Cool.

Transcript provided by Erik Silkensen.