• LCrawford (unregistered)

    He went around and set everyone's DNS server to 192.168.1.0, the address they always used in school. It didn't help

    In part II, we learn that he set up a VPN to school in order to get a proper DNS setup after frist trying everything else locally.

  • Little Bobby Tables (unregistered)

    There was me thinking the problem was caused by the fact that he'd turned those two machines off that didn't seem to be doing anything.

  • Lorens (unregistered)

    I hope they didn't pay him too much... TRWTF is companies treating IT as a cost center to be minimized at all costs.

  • Ross (unregistered)

    ༼ つ ಥ_ಥ ༽つ

    please tell me he dies in Episode II

  • (nodebb)

    Okay, I give up. Why would he use French Telecom for his DNS server?

  • (nodebb)

    Unfortunately the reset email was sent to his predecessor's deactivated account.

    You are the admin. Reactivate it.

  • (nodebb)

    He dies in Episode II, right? Torn limb from limb by the ravening employees?

  • marcodave (unregistered) in reply to Little Bobby Tables

    There was me thinking the problem was caused by the fact that he'd turned those two machines off that didn't seem to be doing anything.

    Oh, I am pretty sure those will come back like a brick joke!

  • my name is missing (unregistered)

    At my last job they hired an admin after interviewing various people, he seemed to know something, but no one in the office knew anything about MS administration so it was hard to really know what. Once he started he spent 90% of his time on the phone with support for various MS and other systems badgering them to tell him what to do. After 6 weeks he was fired. My cube was right by his office so I worked all day with someone yelling at the phone.

  • Kashim (unregistered)

    "Totally legit technical Institute" I get that people expect there to be some holes in their education when they are just leaving school, but c'mon. Getting any kind of Admin degree without knowing more about DNS than "This is what worked at school."? I got a 2 year Sys-admin degree. Absolutely nobody who actually finished would make that kind of mistake. So... Not surprised he had to take ANY job, if he'd managed to miss basic stuff like DNS in school. Yikes. TRWTF isn't the system he's walking into, it's that the guy made huge blanket changes to a generally working environment and broke everything, and didn't immediately get fired, and that they didn't hire a consulting firm to get someone for them who was actually qualified to do the job.

  • Little Bobby Tables (unregistered) in reply to Kashim

    I think that part of the problem was that they (or at least, most of them -- Ralph seems a bit more clued-up) didn't know enough to realise what a bad job this guy was doing in the first place.

  • Zenith (unregistered) in reply to Kashim

    He's walking into a system that's still dependent on Access97 and NT 4 in 2015 and your takeaway is that he shouldn't touch local DNS settings? I'm all for not fixing what isn't broken but the company clearly threw "Jesse" into rush hour traffic without much warning. TRWTF is the company not knowing what a clown Jesse's predecessor was and looking to cheap out on a replacement...or it would be if it weren't such a common state of affairs.

  • Mark (unregistered)

    Are you sure the DNS server in school was 192.168.1.0? Not maybe 192.168.1.1?

  • Boordum Ogrerish (unregistered) in reply to Ross

    LOL

  • siciac (unregistered) in reply to Zenith

    I'm all for not fixing what isn't broken but the company clearly threw "Jesse" into rush hour traffic without much warning.

    Quite a few times carrying a pager, I got pleas from support people who were lost in the sauce and getting the third degree from Super Important Clients, so I think that's fairly common.

  • siciac (unregistered) in reply to Kashim

    Absolutely nobody who actually finished would make that kind of mistake.

    ... if they were answering the question on a test after preparing for it all semester long, sure.

    But when they're a nervous kid at their first job and have angry customers demanding they fix things yesterday? They're going to jump for the first nugget of knowledge that pops into their head.

  • Just Me (unregistered)

    For my router, the "reset" button really resets to factory defaults - something that Jesse really wouldn't want to do. He wanted to disconnect the power cord, wait the requisite minute, then plug it back in. I would also have run an ipconfig /all on my laptop before messing with the router. The address 2.2.2.0 is publicly accessible (not to mention that 0 as the last octet is almost unheard of), so more red flags.

  • Decius (unregistered)

    Everyone knows that 127.0.0.1 is the best DNS server. Do it yourself!

  • John Adriaan (unregistered) in reply to Just Me

    "(not to mention that 0 as the last octet is almost unheard of)" I saw that with the DNS of 192.168.1.0 too - it should have been 192.168.1.1

  • WTFGuy (unregistered)

    The way I see it, the world will be better off with that company dead. The new guy may well hasten the day. We should be applauding, not jeering.

    TRWTF is that companies can convince themselves to operate the way that one was before they replaced the last admin. If they owned a delivery van that shook and smoked and ended up dead by the roadside every few days they'd do something. Ditto a flaky assembly line for their product. But somehow when it comes to IT assets they Just. Don't. Get. It.

    Far too many IT people, both good and bad, aid and abet this sorry state of affairs at great cost to their sanity.

  • Ook (unregistered)

    Poor guy. Thrown in at the deep end.

    But a great learning experience.

    Let's hope he gets out of there before the mission-critical server with the dodgy RAID5 array falls over completely. :)

  • dus (unregistered) in reply to CoyneTheDup

    .... because it's his upstream DNS server? people do actually work and live in France

  • Alby (unregistered)

    Assuming the server is running RAID-anything... I'll bet it's just a cobbled together JBOD array. If he's lucky.

  • RLB (unregistered) in reply to dus

    Maybe, but 2.2.2.0 doesn't seem to be registered to anyone.

  • Tinkle (unregistered)

    @RLB

    2.0.0.0 - 2.15.255.255 is registered to Orange S.A. in France, as dus indicated.

    So Jesse went around and applied a change to every computer without checking if it worked on the first one. Jesse is a dangerous noob.

  • Tinkle (unregistered)

    Addendum:

    As 2.2.2.0 is a broadcast address it would be unlikely to make it past the router, so I do not know what would happen if this was used. Ulp!

  • (nodebb) in reply to Tinkle

    That's only true if the subnet mask is 255.255.254.0 or 255.255.255.X, but 2.2.2.0 is a class A address so could easily be on a larger subnet.

  • ax6 (unregistered) in reply to urkerab

    While the subnet comments are correct, remember that classes have been deprecated for at least a decade.

  • Mikko (unregistered) in reply to Just Me

    That was my first thought. I wouldn't trust a shop that's using Access 97 and NT 4.0 to have their router config saved in any sane way, and if it happened to be anything complicated, that factory reset could result in a very bad day indeed. I was surprised that "Ralph" was able to get things running again.

  • Free Bird (unregistered) in reply to Just Me

    Byte. Octet is a French word.

  • (nodebb) in reply to ax6

    CIDR was specified in 1993, so yes, at least a decade indeed. I'm professionally involved with ISP backbone routing, in particular routing protocols (IGP, BGP and so on) and can assure the readers of this forum that class-based routing is as dead as a dodo. Subnet masks are, unfortunately, not – for all I care they can disappear overnight from all router UIs everywhere, I wouldn't miss them. They are only good as an implementation detail, and even then please why DECIMAL of all number systems?

    Anyway, I digress… because of CIDR, 2.2.2.0 is actually a valid host address in the hypothetical 2.2.0.0/22 or a larger network. Only the lowest and highest address in an IPv4 network are reserved as network and broadcast address, rsp.

    In practice, I have no idea whether a network of this size is actually used. I used the Deutsche Telekom BGP looking glass to get some information on this address (I'm currently accessing the Internet via DT), and it is contained in 2.2.0.0/16 – since BGP prefixes are often aggregated from smaller networks, that isn't saying a lot.

        sh ip bgp 2.2.2.0
        BGP routing table entry for 2.2.0.0/16
        Paths: (1 available, best #1, table Default-IP-Routing-Table)
          5511 3215
            194.25.7.203 from 194.25.5.8 (194.25.7.203)
              Origin incomplete, metric 1000, localpref 100, valid, internal, best
              Community: 3320:1276 3320:2010 3320:9020 64512:200 64900:36001 64900:36301
              Originator: 194.25.7.203, Cluster list: 194.25.5.8 194.25.5.28
              Last update: Fri May 11 07:00:27 2018

    Note that the looking glass is in DT's backbone AS3320 (AS = Autonomous System, it's basically a high level Internet routing and administration unit – a typical ISP has at least one and often a couple public AS numbers). AS5511 is OpenTransit Orange SA, which is Orange's backbone AS – as expected, DT's backbone is directly connected to that of Orange. AS3215 – the originator AS – is also owned by Orange SA. 2.2.2.0 is certainly a routable address for all that my provider cares – to Orange SA.

  • (nodebb) in reply to Tinkle

    No… 2.2.2.0 is not the broadcast address in any IPv4 network, because the highest address in the network is what is used for broadcast. Either that or 255.255.255.255 for the theoretical all networks broadcast, which is in practice almost never forwarded across network boundaries for the obvious reason of possible intentional or accidental misuse. 2.2.2.0 is only – trivially – the highest address in 2.2.2.0/32, and a /32 is by definition an address, not a network. Also, DNS is unicast, usually UDP, to a lesser but growing extent TCP. By the way, IP broadcast is not used much but for e.g. DHCPv4. Even Zeroconf (or, as only Apple calls it, Bonjour) – mDNS in particular – and UPnP discovery use multicast instead. The difference is that multicast uses a subscriber model. So, basically, an unmanaged switch will stupidly forward a broadcast packet on all (but the incoming) ports, but will forward a multicast packet only on subscribed ports. You can imagine that the difference in network load can be very large especially if you have hundreds or thousands of hosts with relatively few subscribers, and/or a hierarchy of switches.

    The real WTF is of course that Jesse tried 192.168.1.0 because it worked at school. Again, it is only a valid host address in 192.168.0.0/22 or greater for the reasons I mentioned in my previous post. Possible but not very common (for once, the factory default on a small gateway is to use a /24). Personally, if I had to give telephone support to a desperate relative or acquaintance, I might tell them to try 192.168.178.1, just because this is the default private addy of AVM Fritz!Box gateways, which are very popular in Germany. Anything more is basically a wild guess anyway. Depending on the amount of desperation, might tell them to try 8.8.8.8 or the recent rival 9.9.9.9 instead, but of course these will not resolve company private names and in this setting are probably not too helpful.

    Addendum 2018-05-30 15:45: Should be 192.168.0.0/23, not /22…
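Added example (not part of any comment above and not code from this site): the network/broadcast/host question argued over in the thread, worked through with Python's standard `ipaddress` module, plus a small check an admin could run against a configured DNS server before rolling it out to every machine. The function names and the client address `192.168.1.57/24` are constructed for illustration.

```python
import ipaddress

def role_in_network(addr, prefixlen):
    """Role of addr within the prefixlen-bit network that contains it."""
    ip = ipaddress.IPv4Address(addr)
    net = ipaddress.ip_network(f"{addr}/{prefixlen}", strict=False)
    if prefixlen >= 31:
        return "host"          # /31 (RFC 3021) and /32 reserve no addresses
    if ip == net.network_address:
        return "network"
    if ip == net.broadcast_address:
        return "broadcast"
    return "host"

def longest_prefix_as_host(addr):
    """Longest prefix of at most 30 bits in which addr is an ordinary host."""
    for prefixlen in range(30, -1, -1):
        if role_in_network(addr, prefixlen) == "host":
            return prefixlen
    raise ValueError(f"{addr} is never a plain host address")

def audit_resolver(resolver, client_cidr):
    """Findings for one configured DNS server, seen from one client interface."""
    ip = ipaddress.IPv4Address(resolver)
    net = ipaddress.ip_interface(client_cidr).network
    findings = []
    if ip in net:
        role = role_in_network(resolver, net.prefixlen)
        if role != "host":
            findings.append(f"{resolver} is the {role} address of {net}")
    elif ip.is_global:
        findings.append(f"{resolver} is a public address; "
                        "it will not know company-internal names")
    else:
        findings.append(f"{resolver} is off-subnet and not public; "
                        "check that a route to it exists")
    return findings

if __name__ == "__main__":
    CLIENT = "192.168.1.57/24"   # constructed sample client address
    for dns in ("192.168.1.0", "2.2.2.0", "192.168.1.1"):
        print(dns, "usable host from /%d" % longest_prefix_as_host(dns),
              audit_resolver(dns, CLIENT))
```
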

Leave a comment on “The New Guy (Part I)”
