I was doing a site survey today, just gathering info to do some troubleshooting from a client site and pulling configs from a controller as the first steps.
Usual story clients saying they get intermittent connectivity.
By the way I didnt do the implementation
I was surveying when a client told me we were using the wrong antennas?
Me "OK why would that be" I ask
Client "You shouldbe using directional antennas as they are more secure rather than omnis"
Me again "OK how do you work that out"
Client "Well I can pick this up in the car park"
Me "Well antenna type really isn't any correlation to security and typically in an office you will get omnis"
Client "Im a security expert and I know all about this sort of thing its the cheapest stuff they could buy"
Me "Well even if you did use diectional antennas with the right kit you could still pick it up in the carpark, and RF bounces all over the place so theres a good chance plus there are back and side lobes to directional antennas"
Client "Directional antennas focus the beam so you cant get onto the wireless"
Me "Shouldn't wee look at security as a more strategic indepth activity than the antennas such as EAP and encryption etc and what are the infrastructure capabilities"
Client "Yeah I know all that us three are security experts (pointing at colleagues) and know all about wireless stuff and this is rubbish"
Am I missing something or is this guy an idiot!
I cant post what I wanted to say but hey ho, we are all adults so you can guess!
Hand him a CWSP study guide and see if he can make it through.
Hahaha. OMG Pete, the term blowhard springs to mind.The thing is, when consulting all you can do is state the facts and hope that there is someone there intelligent enough to know that you are speaking the truth. There's a reason you have been employed and even though they work there they were not asked to do it. They can't fix it and you can. Often those in charge know what blowhards like this are and employ you directly to counter their bullshit with real expertise. Stick to your guns. You're there for a reason.
There are reasons why consultants are consulted in most environments:
1. The current staff is not up to the task.
2. The company needs an unbiased "professional" opinion on the matter and need to justify what the current staff may have or have not already stated.
3. Obtaining funds that might otherwise be un-botainable for pet projects that might not otherwise be approved.
4. The staff at the company are burdened with operational commitments and may not have time for more specialized or more wide-spread projects. Thus extra hands may be needed to get the work done in a timely manner.
I'm sure there are other reasons but these come to mind.
Might just be that they are ?%$&ing narrow minded &^%$?*&? %$??>%$?'s who thinks he know it all.
Sorry my pc encypts expletives.
This was a clients user who just does security for them not the actual client, this buffoon is a contratcor aswell, you would think there was some mutual respect.
Same thing I see all the time in regards to wireless. EVERYBODY knows wireless and "Come on...it can't be that hard/in depth!" Like Kevin said...give him a CWNA book and tell him "once you have learned to crawl I'll give you the CWSP Mr Security BIGSHOT!"
Read..."script kiddies who are now a pentesters"...haha. I may have seen the three at DEFCON a time or two, in the hallway instead of the competition room since they didn't have the 3733t skilllz to compete. Haha.
I am thinking that CWSP might be a little to advanced for this creature. Lets go with CWTS.
My point exactly.
Humility is not the worse trait a consultant can acquire.
Arrogance or perceived arrogance might be.
where I work we assign the blame to:
the last guy to quit / retire / get fired
the lowest ranking member of another organization
or the consultants