|
hihifellow posted:At an old job we used to manage firewalls for clients. Every so often a client would schedule a pen test (usually at like 3am) and not tell us, so we'd suddenly get flooded with alerts as the firewalls got the poo poo scanned out of them. Some of them were large enough that we'd get alerts in faster than we could delete them and the mail buffers would fill up and start rejecting incoming mail outright. Are you sure it just wasn't a port scan to check for open ports? Then they definitely should have scheduled it with you. But pen-test shouldn't be known outside of the executive sponsor (typically the CIO/CISO/CEO) and the pen-test team or you defeat the entire purpose. In fact the pen-test team should be at the very least a separate from the security ops and engineering teams, if not an external firm entirely. And anyone who port fucks your external interfaces like that is not a pen-test team I would trust to give an accurate report.
|
# ? Oct 21, 2016 18:39 |
|
|
# ? May 30, 2024 17:07 |
|
Filthy Lucre posted:Absolutely. Alternately they know they're useless, but these meetings and the *Big New Changes* they're talking about are the only accomplishments they can really claim to be a part of. So they prolong that as long as humanly possible in order to be *Seen Doing Something*.
|
# ? Oct 21, 2016 18:40 |
|
Just talked to my att rep. My ticket hasn't had any resolution today because "sigh...Russia." OK then.
|
# ? Oct 21, 2016 21:13 |
|
Bigass Moth posted:Just talked to my att rep. My ticket hasn't had any resolution today because "sigh...Russia." I would've used solar flares but that's just me
|
# ? Oct 21, 2016 22:30 |
|
Excuse of the day is "Dyn". "oh yeah your network share is lagging because of Dyn, did you see the news?" "yep I can't create that account for you today, Dyn's problems are slowing everything down."
|
# ? Oct 21, 2016 22:37 |
|
xzzy posted:Excuse of the day is "Dyn". Knowing my team, that'll be the excuse for the next month. "Remember when Dyn was down? Ya, probably still happening."
|
# ? Oct 21, 2016 22:49 |
|
Chip Creep
|
# ? Oct 21, 2016 23:39 |
|
Yay! networking finally managed to fix the blocked port...by opening all the ports. After an hour of going "okay, try it now." "nope". Networking says they've got it figured out now after seeing the traffic, so hopefully I won't walk in on Monday and see that the connection was lost again. I will be optimistic, but I'm not placing any bets or holding my breath.
|
# ? Oct 21, 2016 23:53 |
|
We've been having some intermittent VPN outages to the datacenter that hosts our financial software. Most of the time they're short, and either no-one notices, or they just deal with it and don't complain. I've tried reaching out to the team that manages that VPN, and they keep coming back with "Nothings wrong on our end, check your bandwidth usage" gently caress you guys, if it was a bandwidth issue I wouldn't have reached out to you in the first place.
|
# ? Oct 22, 2016 01:06 |
|
Daylen Drazzi posted:Yay! networking finally managed to fix the blocked port...by opening all the ports. After an hour of going "okay, try it now." "nope". Networking says they've got it figured out now after seeing the traffic, so hopefully I won't walk in on Monday and see that the connection was lost again. I will be optimistic, but I'm not placing any bets or holding my breath. Wat. You gave them the all the ports you needed open right? And they still had to open them all to figure it out? Reminds of this exchange with our CCIE (who was *not* allowed to touch the Enterprise routers) and the CSC "networking engineer" that managed our enterprise network. I managed to be on this magical conference call. OK, so I have opened the port you requested. It should work. Hmm... nope it's not working Sir, there must be something wrong with your application settings ... hold on... Sir, I have completed the change so I am going... HOLD ON Wait, when I telnet to the port, I should definitely be getting some kind of response... (in a condescending voice) Sir, telnet is blocked on your network Since we had been trying to get this poo poo to work for hours and this had been escalated three times until we got THE "senior network engineer", our guy went absolutely nuclear.
|
# ? Oct 22, 2016 01:33 |
|
I was told to be ready at 7am this morning to support some vendors getting connected to our network. In the past, they've called right at 7am if someone has a machine that isn't connecting, or they need help. So far I haven't been called this morning, and the switch they are supposed to use isn't even online. So I got up early for nothing.
|
# ? Oct 22, 2016 14:55 |
|
Nice early start to the weekend to sit at home, make a coffee and get paid for it and not really eat up any of the time you'd usually have on a Saturday. It could be worse.
|
# ? Oct 22, 2016 16:41 |
|
Unless he's not paid by the hour.
|
# ? Oct 23, 2016 00:57 |
|
Methylethylaldehyde posted:Alternately they know they're useless, but these meetings and the *Big New Changes* they're talking about are the only accomplishments they can really claim to be a part of. So they prolong that as long as humanly possible in order to be *Seen Doing Something*. I think what it may be, is that everyone who's attending wants a stake - which is good. None of them want to accept the result if it isn't what they want so they'll all be in it to the end, until someone wakes up.
|
# ? Oct 24, 2016 02:53 |
|
Bigass Moth posted:Unless he's not paid by the hour. Thankfully I am, didn't need to stay remoted into work for very long though, so all it did was get my rear end moving earlier then planned.
|
# ? Oct 24, 2016 06:09 |
|
Partycat posted:I think what it may be, is that everyone who's attending wants a stake - which is good. None of them want to accept the result if it isn't what they want so they'll all be in it to the end, until someone wakes up. This reads like something a markov bot came up with.
|
# ? Oct 24, 2016 09:49 |
Someone got the brilliant idea to stuff an important training video into a PDF file. Which of course requires Acrobat Reader DC and Flash to play. There are dozens of good, standardized, and well-supported ways to package video. Of course they chose one of the worst and least obvious ways to do it instead.
|
|
# ? Oct 24, 2016 11:37 |
|
How the gently caress is 1. Try thing, get a failure 2. Check logs 3. Chase down errors in logs until issue is resolved Such an alien concept to people? We have guys trying to diagnose an inbound mail delivery issue and checking the logs seems like a totally foreign concept that they haven't got to yet.
|
# ? Oct 24, 2016 12:03 |
|
Thanks Ants posted:How the gently caress is So what steps are they taking then?
|
# ? Oct 24, 2016 13:38 |
|
PBS posted:So what steps are they taking then? If I were a betting man, it probably goes something like this: 1 - Change random setting 2 - Did it work? 3 - Goto 1 ad infinitum, until the "fixes" they've tried have hosed things up even worse, because they never change things back and don't keep track of what they did.
|
# ? Oct 24, 2016 13:40 |
|
The above, and a bit of staring at it and testing again.
|
# ? Oct 24, 2016 13:51 |
That's because people who are bad at this kind of stuff stop as soon as something's working. I cannot fathom how some people are so incurious and unable to properly diagnose and solve an issue, but I see it every flipping day. There are two parts: figure out what went wrong and then correct it. Restarting a server and calling it a day because it 'started working again' isn't a loving solution! It ignores the problem.
|
|
# ? Oct 24, 2016 14:10 |
|
At&t rep updated the ticket saying they left me a voicemail. No voicemails or missed calls to any of my provided numbers. Coil.
|
# ? Oct 24, 2016 14:12 |
|
milk milk lemonade posted:That's because people who are bad at this kind of stuff stop as soon as something's working. I cannot fathom how some people are so incurious and unable to properly diagnose and solve an issue, but I see it every flipping day. There are two parts: figure out what went wrong and then correct it. Restarting a server and calling it a day because it 'started working again' isn't a loving solution! It ignores the problem. Although I could agree on the folks who never investigate, I also can't be assed to investigate every random issue that comes up in my environment. Rightfax server not doing X? Does restarting services fix it? Fine, lets reboot it and see if it works. It works? Cool, moving on. I am not digging through logs or calling support unless its recurring. I am not going to go to the loving event log for everything that sneezes at me. Too much , too often the logging of the issue doesn't exist or is too vague to help. Is the problem popping up often? Sure, lets figure this out.
|
# ? Oct 24, 2016 14:23 |
|
That's why you use some kind of log aggregator (such as splunk, but I'm not endorsing that as the best solution) or a well configured monitoring tool that keeps an event history. When you can bring up a web page, type in a host name, and see that a bad thing happens every Sunday at 2am, it really takes the pain out of it. Of course 9 times of 10 it turns out to be lovely firmware or old code and the device left support 5 years ago and no one wants to buy a new one, but at least you can point your finger at it.
|
# ? Oct 24, 2016 14:40 |
|
COMPUTERS ARE MAGIC YOU ARE MAGICIAN DO YOUR MAGIC Exec calls. "Help! I just typed in this whole page of information and when I hit 'send' it gave me an error! I have to re-type it all! Bring it back!" Remote in, they're on some vendor website which is using some sort of web form straight out of 2002. Click the 'Go back' button on the error page. Takes you back to re-start entering the data in the form. Click back in the browser to get back to the page they were on. Get some message about wanting to re-send the page. Sorry, can't help you. "BUT THE DATA IS THERE SOMEWHERE OOHHH NOOO MAKE IT COME BACK YOU KNOW YOU CAN"
|
# ? Oct 24, 2016 14:50 |
|
Pine Scented posted:This reads like something a markov bot came up with. Well, the meetings have gone to my head let me try again. This meeting is attended by technical representatives from different groups, with the goal to discover and procure the best product to do something. Each of these groups has their own priorities they want to have included. None of them actually have to commit to or use the item we all choose. But, to save face, you have to make sure your requirements are constantly being pushed, so you can blame the group when it doesn't do what you want and you take your ball and leave. So you basically get to a point where everything needs to happen, we're not sure how to do any of these things, and we must debate how the best way to do anything will be without actually figuring out if we should.
|
# ? Oct 24, 2016 14:55 |
|
Bob Morales posted:COMPUTERS ARE MAGIC YOU ARE MAGICIAN DO YOUR MAGIC At this point I blame the vendor. Their web page does not allow the retrieval of information. You will have to re enter it. You may submit a complaint to their customer support though! I've never been asked to do it, and not even sure they bother sending a message. Most people that type in long forms are in the habit of copy pasting to a word doc which I recommended when one loved to crash and we had to submit stuff monthly. It had a long box part that took several minutes to type. I see this method of "saving" used for even simple things with name address ect that chrome autofill could do and would be quicker to just type than copy paste.
|
# ? Oct 24, 2016 15:46 |
|
If its cached, make a hosts entry and log what it posts. You'll be a hero forever.
|
# ? Oct 24, 2016 15:52 |
|
Bob Morales posted:COMPUTERS ARE MAGIC YOU ARE MAGICIAN DO YOUR MAGIC So he's asking for a keylogger to be installed on his computer, right?
|
# ? Oct 24, 2016 15:57 |
|
Once or twice in my time I have cat'd /proc/kcore into a file to try and recover some unsaved text from a crashed editor. Probably couldn't do it these days with all the memory we stuff into our computers but back when we all were under 1gb? It actually worked.
|
# ? Oct 24, 2016 15:59 |
|
Bigass Moth posted:At&t rep updated the ticket saying they left me a voicemail. No voicemails or missed calls to any of my provided numbers. Coil. My MSP pulled that a few weeks ago and completely hung me out to dry. Bastards.
|
# ? Oct 24, 2016 16:02 |
|
SEKCobra posted:If its cached, make a hosts entry and log what it posts. You'll be a hero forever. If it were some swordfish level poo poo where John Travolta held a gun to my head while I was getting a blowjob and had to find the old data I'd hit up the Firewall and maybe dig into the browser history but
|
# ? Oct 24, 2016 16:08 |
|
flosofl posted:If I were a betting man, it probably goes something like this: I have a co-worker that does this, he just got moved onto our team, I'm going to beat this habit out of him somehow; physical, mental, or spiritual beatings, something will fix him.
|
# ? Oct 24, 2016 16:50 |
|
Bob Morales posted:If it were some swordfish level poo poo where John Travolta held a gun to my head while I was getting a blowjob and had to find the old data I'd hit up the Firewall and maybe dig into the browser history but "I know a place, it's kinda off the books but they'll get it back for you" Then cash the check.
|
# ? Oct 24, 2016 17:35 |
|
Earlier this morning the primary ISP serving our "datacenter" (small closet, lolol) had their main and only trunk line coming into town severed. While we do have a emergency backup connection, it is Frontier DSL at 3/768.... Our users are having one hell of a day trying to squeeze everything through 768Kbps connection! I've had to restrict our stores to running only a handful of registers to keep from saturating the connection. Several cellphone providers also apparently also share this trunk line, so basically the entire town is cutoff.. Only landline phones and Frontier DSL is working. Cellphones through both Verizon and Sprint, internet (though said ISP) and cable TV is out entirely. The ISP told me they have to replace some half mile of fiber due to the damage, and it doesn't help that it is along the side of a steep hill.
|
# ? Oct 24, 2016 19:16 |
A half mile?? Enjoy your vacation I guess.
|
|
# ? Oct 24, 2016 19:32 |
|
Got line of sight to anywhere with a working connection?
|
# ? Oct 24, 2016 19:44 |
|
Need a bunch of systems for a test build we're doing. Desktop support tells me we have 8 dell 9020s available, and I haul them to my workbench to start loading linux and docker and all that dev poo poo they need. Power the first one on, beep beep beep. Open the case, no memory or HDD. They had all been stripped, no one knows where the memory or SSDs went.
|
# ? Oct 24, 2016 19:52 |
|
|
# ? May 30, 2024 17:07 |
|
Wibla posted:Got line of sight to anywhere with a working connection? Our setup is a bit odd.. Our main servers are actually located at one of our branch locations, due to said location having the best connectivity at the time everything was installed. Our corp. office is in a entirely different town and thus unaffected. Except for when it comes to accessing our main ERP/EDI application over Remote Desktop which is running on the servers now stuck behind 3/768kbps DSL... The area of the state we are in is chronically underserved (as are large parts of the US) It's either the local ISP's fiber, or Frontier ADSL1 at 3/768 operating on ancient legacy GTE Telco equipment. I'm glad I didn't bring in Verizon's 4G for backup... Seeing as the local tower uses the currently dead in the water ISP as their backhaul!
|
# ? Oct 24, 2016 20:03 |