Wanted: one explanation.

[arinoch.livejournal.com]

What part of "Uninstall PC-Cillin so we can install the newer version, that'll fix your hibernation problem." gets roughly translated to let's close the program, try to hibernate, epicly fail at it, and then complain at me because it doesn't work? No freakin' dur. Now. I've fixed you. Go die in a fire.

Long time reader/commenter, first time poster...

[firon.livejournal.com]

I've been at this a long time, so it's getting to the point that I just can't see any of my users/calls as being *special* enough to post about. As I'm sure many of you can attest to, stupidity tends to become the rule, so it almost gets to the point where you have to celebrate the occasional spat of intelligence. But that's not what we're here for, is it? :-)

( Why re-invent the wheel? )

Update: Please understand that I'm not faulting the guy for wanting to use an alternate to Adobe Reader, just that when he tried and the program he used failed to work the form at all properly (drop down boxes not working, submit button not working etc) he *continued* to try to use his program to type overtop of the broken parts in order to complete the form rather than just downloading and using Adobe Reader (even if just for this form).

At least he was pleasant!

[emerald-embers.livejournal.com]

While I'm not offended in a way I suspect I probably should be, I can't help feeling there's something a little concerning about the fact that after helping a customer out by booking a replacement modem power pack when their old one was well and truly dead, after running the usual quick diagnostics (because all too often 'broken power pack' means 'not plugged in power pack' or 'on a line with a power cut power pack') I overhear the conversation as he hangs up;

"She was a lovely girl. Should have been a secretary!"

Pet peeve #347

[lihan161051.livejournal.com]

The slash character ('/') and the backslash character ('\') are not the same character, do completely different things in most syntax contexts, and cannot be used interchangeably. If you, the customer, hear me say one and read it back as the other, please do not get pissy with me when I start over just to make sure you got it right and don't take us off on yet another half-hour tangent .. that is all ..

Sometimes I think the IT support group needs a weed-out day

[alexanderc.livejournal.com]

My net connection has been sporadic at best for a while. Last time this happened one of the clueful IT's found the cuplrit as an e-Donkey user that was infected and his machine was banging away at the switch's IP address causing it to panic and reboot over and over. Now I'm getting a bunch of outages again and it's taking out my whole building. Clueful IT is no longer there (he got a better paying job elsewhere).

A note on the net config: our network has multiple VLANs. One VLAN is configured for all the wireless access points in the building. A second VLAN is the live traffic on any active ports. A third VLAN is a black-hole that can't go anywhere. A random machine plugged into the wall will drop into the black-hole until the machine is authenticated and registered with the system. At that point, the switch is reconfigured automagically and the port gets moved from the BH-VLAN to the live VLAN. The outages I'm seeing are knocking out all VLANs both my live wired VLAN and the wireless VLAN.

So I sent in a new ticket of outages complete with dates, times and durations for the outages. Every outage is almost precisely 2.5 minutes long. That looks suspiciously like a reboot and configuration reload (the switches are running VLANs). On my end of the wire, I've got a Linux box as a NAT/firewall and everything else I have here is hanging off that one machine with private IPs. No big deal, it's an "unsupported" configuration so if anything goes out inside the NAT, it's my problem. But anything leading up to that box is their problem and is supported.

Then this email exchange happens (very very poor English has already been corrected):

IT: "Hi, I just got assigned your ticket. I want to make sure your IP is w.x.y.z and MAC is foobarbaz. Are you using any routers, hubs or switches? I am going to continuously ping your machine to watch for outages. What is the OS on the machine?"
Me: "Yes, that is my IP and MAC. I am using a Linux based router on the port. The other machines here are a mix of WinXP, Linux and Solaris. The machine isn't currently configured to allow pings. I'll have to reconfigure the firewall."
IT: "Ok, I can ping your machine fine. Do you have your Linux machine set up as a router? What is the IP? I don't see it registered on the system. If you are running a Linux server you might need to turn on keepalive. See if you're getting any erros on eth0."
Me: [thinking] o.O huh?

Yes, I already told you my Linux machine is my router, asking me again just tells me you're not reading. Why are you asking me the IP of my router when you just emailed me the IP of my router? How does that work? My head hurts.

Oh yeah, his official title lists him as "Network Support Specialist". His resume declares he's a "Network Engineer".

Security through idiocy

[trixtah.livejournal.com]

Just for a change, here's a post on utter stupidity that is not committed by the lusers.

In our network, we have two sides: let's call them "core" and "corporate". The Core side is not top-secret, but it does contain some critical systems which absolutely cannot be polluted from elsewhere, including the Corporate network. The networks are physically separated, except for a firewalled-up-to-the-wazoo DMZ that allows a few systems to pass data to the Corporate side.

On the Corporate side, we have a number of systems that crunch Core data, including one application that was having strange intermittent problems with corrupted data arriving from the Core side. The lead app developer came to me to have a chat about how to prove that the data that was traversing a particular router was causing the problem. The router apparently has a fault that means it can't process 100MB/full traffic, and the dev wanted to know of a tool that could show what was going on with the packets. Once that problem was identified, he'd lobby to have the router fixed so it could cope with the full load.

So, I started off discussing TCPDump, and how by comparing the packets on the Core side, and those received on the Corporate side, they could see how many packets are being dropped. The dev said that the missing data was really causing gyp with his app... and the word missing (as opposed to slow) hit my ear. So, I asked, are they using UDP to transmit this critical data that is supposed to be processed by the applications on the Corporate side that are part of our entire business management system (ie. scheduling the work that the Core side actually does), so accuracy is paramount? Oh, yes, says the dev, the Core admins only permit UDP traffic outbound, because TCP might cause "pollution problems".

Well, I think their concern about flood attacks coming from the Corporate network's potential malicious use of SYNs and ACKs is very ...diligent. Obviously the complexity of setting up stateful firewall inspection is a bit beyond them - and hell, if they're not processing the data, who cares about consistency or completeness? Anyway, I advised the dev to have a discussion with the application owner (one step down from the CEO) about the merits of "error correction" and "guaranteed delivery", and let him fight it out with the Core Gollums protecting their data Preciouses.