The sweet taste of victory

[tuba-man.livejournal.com]

Oh man, after spending 2 days with wireshark and Dunkin' Donuts coffee, I have tasted the sweet thrill of victory.  There are very few things as satisfying as staring at a 2GB pile of SMTP packets and randomly trying out filters when suddenly things click and the lighthouse turns on, complete with angelic chior (all playing tubas, of course).

A user hears from his contacts that the From address is coming out garbled.  All users of this system use the same web interface, but this guy is the only one having difficulty.  He sends that off to the programmer/dba/site owner, who sends it off to me, his sysadmin.  I've never seen anything quite like it before in an email, so I fire up tcpdump and leave it there for a week.

The only thing I have to go off of is:
(  Return-path: =?iso-8859-1?B?PGV4YW1wbGVAY29vbHNpdGUuY29tOz4=?= )

How to be Ineffective

[cjkline83.livejournal.com]

1. Show up at a customer site at 9am where they complain their office computer is infected with viruses.
2. Begin diagnosing the issue on site, instead of taking the problem back to the office for a reload, thinking this will be faster in the long run (skip the commute of 30 minutes each way back and forth from site to office).
3. Without being requested to do so, switch to the server which runs the point-of-sale operations for the entire restaurant.
4. Notice that the server is screaming about blocking malicious activity to some ip address of a webserver trying to download malicious code.
5. Freak out, and assume server is infected, begin running a scan on said server.
6. Find 31 infections on server, remove them, even though you haven't obtained permission from the customer; think you are going above and beyond the call of duty and preventing further issues later for the customer.
7. Discover one of those infections is Vundo. Oh shit.
8. Determine, without testing things, that the server is fixed. Return your attention to the original call--the back office computer.
9. Back computer only has four infections, but runs like dog shit. Disconnect and bring back to the office anyway to perform reload and backup.
10. While on site, be bombarded with calls that your "child", the phone systems at both offices, is throwing a bitch fit and not routing incoming calls anywhere. All incoming calls sit on hold indefinitely. Freak out part two. Resolve most of the issues on site via remote access.
11. Stop at the house because you need to fix the other phone server at the other office.
12. Feeling victorious at resolving everyone's pending major issues, celebrate with a lunch-hour nap.
13. Fail to hear your phone ringing the entire hour you are napping.
14. Fail to check voicemail, miss important defcon 5 message that the site you were just at is down and has major issues.
15. Freak out part three.

Today has been a very crazy day, and I did it to myself. The whole idea to being a slave of a supervisor seems more inviting all the time. Apparently when left to my own devices, I will make catastrophic business decisions.