- Feature Articles
-
CodeSOD
- Most Recent Articles
- What a More And
- Hall of Mirrors
- Magical Bytes
- Contact Us
- Plugin Acrobatics
- Recursive Search
- Objectified
- Secondary Waits
- Error'd
- Forums
-
Other Articles
- Random Article
- Other Series
- Alex's Soapbox
- Announcements
- Best of…
- Best of Email
- Best of the Sidebar
- Bring Your Own Code
- Coded Smorgasbord
- Mandatory Fun Day
- Off Topic
- Representative Line
- News Roundup
- Editor's Soapbox
- Software on the Rocks
- Souvenir Potpourri
- Sponsor Post
- Tales from the Interview
- The Daily WTF: Live
- Virtudyne
Admin
Nope.
Admin
Ok: "please please could you open port 21 so our company does not go out of business and please please could you keep it open until forever?".
this article leaves me speedless.
Admin
In Clayton's defense, nothing is wrong with the FTP server, and he's just doing his job. There's something missing from this story. Did Clayton previously receive an explicit request to close port 21? Are the customers not supposed to access port 21 directly? Are the customers instead supposed to use a VPN of some kind?
Admin
Are they running a Linux firewall or here's TRWTF.
As a side note, for about two months I've been seeing how our tech provider tries to handle access to a web page (that already has an authentication system) by using an IP white list and every time someone's router reboots, a ticket is issued to add the IP.
Admin
Not sure I get it - security patches on the FTP server interfering with a separate firewall?
Admin
Admin
Sounds like normal for networking support.
Admin
Sounds like Clayton is overpaid. Perhaps he should be working elsewhere.
Admin
The problem is that he's not working to solve the problem. He just sits there ignoring the fact that he caused the problem. All he seems willing to do is follow direct commands from others, while he should be trying to add value to the company.
Admin
"Look, there's a Port 21 blocking the FTP" "Nope, Chuck Testa"
Admin
You're referring to the act of "popping open a console", noting that a firewall probably shouldn't have a GUI, perhaps the firewall is running on a different machine that's being SSHd into... but port 22 is blocked. The netadmin has blocked all but his own IP for ports 20-23... Sounds like an act of spite, rather than an act of ignorance.
Admin
... and then he would've realised he can be replaced by someone who's already at the workplace, shat brix and fixed the problem...
Admin
TRWTF is not running FTPSSL only (but perhaps this is from the early days of the Internet.
Admin
Perhaps the guru has aspergers and didn't grasp the meaning of John's comments?
Admin
Sounds too passive-aggressive for there not to be something else behind it:
Or... I wonder if maybe Clayton may have sent John an email waiting for approval of the patch in order to open the ports to the outside, and John just ignored it. That would be funny.
Admin
Using a self-signed certificate, no doubt.
Admin
Admin
I think it's likely a combination of A and B. Having worked with multiple Claytons in the, it's usually a case of having received contradictory orders in the past, getting blamed for a problem, and then learning to only do as told and nothing else.
Admin
having worked with multiple Claytons myself, its usually a case of them being socially inept, egotistical fuckwits.
Admin
But not because of a verbal request.
If things have progressed/decayed to this stage, only a work order coming from a work order management system will do...
Admin
Or, having worked with the wrong kind of John's myself...
(Shut up. You know what I mean,)
...perhaps the communication problem went the other way.
"Bill can't run SpankyMonkey(tm)." John announced, entering the lair of Clayton, the company's Network Guru (self titled). "Why can't his window come up with the shiny charts? He really needs those charts. Really."
"I have no idea what you are talking about. Is there a network problem?"
Then silence. Clayton didn't look up from his monitor. His slicked hair shone with the glow of a thousand server-rack blinks.
John waited, sure that there was a follow-up to that statement. His phone buzzed, then buzzed again. "Um-- I built a Visual Basic GUI to track his IP address" John prompted, "I'm pretty sure something's wrong. Bill really. Needs. Those. Charts. Did you break SpankyMonkey(tm)?"
"Nope. I haven't touched any client applications. Could you try to find out what the cause of the problem is?"
John's mind nearly segfaulted trying to parse the logic behind that statement.
"But Bill really needs those charts" John echoed back, seemingly to himself. "Did you do anything to SpankyMonkey(tm)?"
"Nope." Clayton answered, wondering when if ever John was going to get to the point.
Admin
...Or Clayton is autistic and really can't comprehend why everybody is upset.
Admin
Nah, that's the final step - when people start "forgetting" that they asked for things when the fecal matter starts flying. THEN you make everyone put it in writing.
Admin
I've worked with people like this and 99% are straight off the boat from china. Job protection and minimal competency is the MO of these idiots.
Admin
... Or his real name is Chong Wang Dong
Admin
Oh, the flashbacks.
To the day before yesterday.
Admin
Admin
I hope that the writers realize one day that all the unnecessary embellishments in these WTFs actually make the articles less enjoyable to read.
Admin
I realize that, but I get off on ruining your day. Specifically YOUR day, poster called "Sam I am". So it evens out.
Admin
I wonder if the advertisers feel the same way...
Admin
I get stuff from FTP all the time. We download from vendors.
There are three classes we deal with:
People that give us encrypted data. Sure people could steal credentials, but the data is encrypted, they can't do much with it.
People that give us unencrypted, not specific to us data. Government T-Bill data and the like.
People that are somewhat clueless, and give valuable data with no encryption.
You're assuming the last, but we have a lot of the upper two.
Captcha: persto... persto chnago!
Admin
Analagous to faulty unit tests. After the change, no one tested hitting the FTP from an external connection. Should have been in the change control documentation to test this.
Admin
Simple matter of using port 22 for the client. Why didn't John inform the client about this?
Admin
{checks my current offerings from AdSense}
23 AMAZING Ways To Ruin Sam I Am's day
You won't BELIEVE this ONE TRICK to ruin Sam I Am's day!!!!
Learn the day-ruining secret that Sam I Am doesn't want you to know about!!!!!
@@@ => Meet hot local singles who are horny for ruining Sam I Am's day <= @@@
Admin
Regular guru... some may know how to do (part of) their job, but always stupid and smug.
Admin
Has no one noticed that Clayton is such a poor admin that he doesn't know that ports 20-21 are assigned to FTP? He could have been pretending to be deliberately obtuse, but even the greenest admins should know the most commonly used service ports.
Admin
Hey, I have a problem with this light not turning on... Did you change it? ...Nope, I didn't change the light at all. Did you look at the cord?? ...Nope, I didn't change the light at all ...Continues... Please turn on the circuit breaker you turned off to service things! ...Well why didn't you ask about that in the first place!
Some people...
Admin
Admin
Security is more important than usability!!! If it can't be used, it can't be misued. There's nothing more secure.
Honestly, at some level, I think the folks in charge of IT where I work honestly believe it.
Admin
This kind of behavior cannot be blamed on Asperger's or any other kind of autism that would cause social ineptitude. This guy is just plain inept. He's the kind of self-taught hack who memorizes the right answers to pass a certification but has no real clue how it actually works.
Admin
Needs clue stick!
Admin
Admin
A few years ago, our new "Fumble Fingered Firewall F**kwit" (as named by one of the many affected server admins) decided to "improve" network security, by blocking all port 53 traffic except to/from "authorised" IP addresses. Of course, that would have been SOOO much less disruptive had his list of addresses included both of the central DNS servers for the whole university...
CAPTCHA: Yep, he looked a real IDEO after that move.
Admin
I don't see the problem. Clayton answered every question accurately and honestly and did as requested in a timely manner. I guess it could be a WTF that a network guru actually let a commoner into his office, but that's a little bit of a stretch.
Admin
Admin
Come on now, he's a "network guru". Why would you expect him to know anything past Layer 3?
Admin
The Engineer and the Manager
A man is flying in a hot air balloon and realizes he is lost. He reduces height and spots a man down below. He lowers the balloon further and shouts: "Excuse me, can you help me? I promised my friend I would meet him half an hour ago, but I don't know where I am."
The man below says: "Yes. You are in a hot air balloon, hovering approximately 30 feet above this field. You are between 40 and 42 degrees N. latitude, and between 58 and 60 degrees W. longitude."
"You must be an engineer," says the balloonist.
"I am," replies the man. "How did you know?"
"Well," says the balloonist, "everything you have told me is technically correct, but I have no idea what to make of your information, and the fact is I am still lost.
"The man below says, "You must be a manager."
"I am," replies the balloonist, "but how did you know?"
"Well," says the man, "you don't know where you are, or where you are going. You have made a promise which you have no idea how to keep, and you expect me to solve your problem. The fact is you are in the exact same position you were in before we met, but now it is somehow my fault."
Admin
And even if he doesn't know what the ports are used for, he should be able to draw the link between "I blocked outside access to some ports" and "outside customers can't access services".
Admin
Okay, there are multiple problems here:
There is someone so busy at an organization putting out little fires that they don't have time to actually think. That organization needs to hire more people.
There is no automation. The guy who is swamped should be finding ways to automate his job so that he has time to think clearly.
There is no accountability.
A security patch closed a port. That means it got closed for a reason. Then someone went and opened the port again without evaluating that reason.
Admin
You're making an assumption there. It could also be that the network guy closed the port because he didn't think it needed to be open - oblivious to the fact that it was used by an essential service.
It doesn't sound like this guy's big on cause-and-effect...