Network admin gold



  • I've had a few interesting anecdotes about some of the network administrators i've had to deal with over the years and figured they were worthy of a sidebar post.  As a programmer i find that your clients network admin can either be your greatest ally at the company or a complete pain in the ass.  You know the ones i mean, they have a couple of microsoft certificates and think they know everything about computers but actually know nothing.

    A project i was working on a year or so back was porting a large risk management system from a php/mysql on linux to sql server .net application(much more enterprisey).  Anyway we needed a dump of the mysql database in order to import some of the old data into sql server.  Knowing that the network admin guy was a windows boy i sent him an email with intructions on how to use mysql dump ie. mysqldump -u<database username> -p <database name> > somefile.sql (that's just off the top of my head and may not be the exact syntax but you get the idea)

    So we wait for a week and a few emails go back and forth etc. and finally they ask if i can come in and do it, so we charge crazily high consulting rates and i go in to do it.  I putty into the linuxbox and as you do the first thing i do is press up to see the previous command he has just pasted in the exact line from my email, i keep pressing up and realise he's tries doing it about twenty times without realising you might need to replace  <database username> with an actual database user and <database name> with the actual name of the database.  I mean seriously this guy calls himself a network admin and he can't work that out!!!11!1!!

    Anyway i do the dump into a file and then he hits me with the fulll force of his incompetence.  He says that there is no way to get the file off the computer because it's a linux file and we are on a windows machine!!!1!1!  At that point my jaw just dropped, this guy didn't even understand what a file was, he thought because it was on a linux machine there was no way it could be moved to or used by a windows machine.  I installed winscp copied the file and burnt it to a dvd and totally blew his mind in the process.

    A few months later we had another issue with the same guy, it was the classic works on the developement server but not on live server issue.  We don't have access to the live server and can't debug on it but he insisted fervently(in emails CCed to all the senior managers that the boxes were set up exactly the same).  I eventually tracked the problem down to the fact that he had serving to localhost turned off on the live server.  When we asked him to turn it back on he said he couldn't because browsing on local host was a security risk?!!?!!  When i asked him why he just sat there and mumbled some complete bs about windows users and permissions.  He kept insisting that he would not turn it on for security reasons and that we would need to rewrite + retest that part of the application.  We gave them a quote for the change and the senior managers ended up telling him to turn it on.  Maybe i'm missing something here but i can't think of any circumstance where serving a page on localhost would constitute a security risk, i mean if some 1337 haX0r has localhost access there's more serious things to worry about than him looking at pages on the webserver?

    Wow that totally turned into a massive rant, sorry about the length.  Maybe i'll put some of the other ones into another post.
     



  • The only situation that I can think of where localhost might maybe be a security risk is if your (non web) application would use some exotic stateless UDP based protocol to communicate and THEN blindly accept packets coming from "localhost" as admin commands. But that seems a pretty unlikely setup to me...



  • @PSWorx said:

    The only situation that I can think of where localhost might maybe be a security risk is if your (non web) application would use some exotic stateless UDP based protocol to communicate and THEN blindly accept packets coming from "localhost" as admin commands. But that seems a pretty unlikely setup to me...
    If that were the case, how would turning off "serving to localhost" on the webserver make any difference?



  • @GettinSadda said:

    @PSWorx said:
    The only situation that I can think of where localhost might maybe be a security risk is if your (non web) application would use some exotic stateless UDP based protocol to communicate and THEN blindly accept packets coming from "localhost" as admin commands. But that seems a pretty unlikely setup to me...
    If that were the case, how would turning off "serving to localhost" on the webserver make any difference?

     

    maybe the server is also an public accessible workstation and has something like this in his main page:


    <? if($_SERVER['REMOTE_ADDR']=="127.0.0.1") $isAdmin=true; ?>

    and when the admin wants to change something, he just goes to the server and turn localhost serving on?

     

    Sick...

    Oo 



  • @element[0] said:

    [ ... snip! ... ] i sent him an
    email with intructions on how to use mysql dump ie. mysqldump
    -u<database username> -p <database name> > somefile.sql
    (that's just off the top of my head and may not be the exact syntax but
    you get the idea)

    So we wait for a week and a few emails go back and forth etc. and finally they ask if i can come in and do it, so we charge crazily high consulting rates and i go in to do it.  I putty into the linuxbox and as you do the first thing i do is press up to see the previous command he has just pasted in the exact line from my email, i keep pressing up and realise he's tries doing it about twenty times without realising you might need to replace  <database username> with an actual database user and <database name> with the actual name of the database.  I mean seriously this guy calls himself a network admin and he can't work that out!!!11!1!!

    [ ... snip! ... ]

     

      Dude, no waaaay!  I just met that same guy on the cygwin list the other day!  Srikanth, right? It's a small world!

    See http://cygwin.com/ml/cygwin/2007-04/msg00448.html:-

     


    bash error

    <!--X-Subject-Header-End--> <!--X-Head-of-Message-->
    • From: srikanth4403 <srikanth4403 at gmail dot com>
    • To: cygwin at cygwin dot com
    • Date: Mon, 16 Apr 2007 00:39:55 -0700 (PDT)
    • Subject: bash error
    <!--X-Head-of-Message-End--> <!--X-Head-Body-Sep-Begin-->
    <!--X-Head-Body-Sep-End--> <!--X-Body-of-Message-->
    hi all,

    i am trying to take backup of oracle tables by using exp command but when i
    am entering the command it is giving a error as below
    bash: syntax error near unexpected token `('

    So kindly someone tell me how to rectify this and proceed for the normal
    export.

    The original command what iam typing is

    exp username/password@sid file=filename.dmp log=filename.log tables=(all
    table names separated by comma) indexes=n grants=n direct=true
    --
    View this message in context: http://www.nabble.com/bash-error-tf3582836.html#a10011526
    Sent from the Cygwin Users mailing list archive at Nabble.com.


    --
    Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
    Problem reports: http://cygwin.com/problems.html
    Documentation: http://cygwin.com/docs.html
    FAQ: http://cygwin.com/faq/

     




  • Nice.  We should all really take possible example options into account when writing a program.



  • @DaveK said:

    @element[0] said:
    [ ... snip! ... ] i sent him an
    email with intructions on how to use mysql dump ie. mysqldump
    -u<database username> -p <database name> > somefile.sql
    (that's just off the top of my head and may not be the exact syntax but
    you get the idea)

    So we wait for a week and a few emails go back and forth etc. and finally they ask if i can come in and do it, so we charge crazily high consulting rates and i go in to do it.  I putty into the linuxbox and as you do the first thing i do is press up to see the previous command he has just pasted in the exact line from my email, i keep pressing up and realise he's tries doing it about twenty times without realising you might need to replace  <database username> with an actual database user and <database name> with the actual name of the database.  I mean seriously this guy calls himself a network admin and he can't work that out!!!11!1!!

    [ ... snip! ... ]

     

      Dude, no waaaay!  I just met that same guy on the cygwin list the other day!  Srikanth, right? It's a small world!

    See http://cygwin.com/ml/cygwin/2007-04/msg00448.html:-

     


    bash error

    <!--X-Subject-Header-End--> <!--X-Head-of-Message-->
    • From: srikanth4403 <srikanth4403 at gmail dot com>
    • To: cygwin at cygwin dot com
    • Date: Mon, 16 Apr 2007 00:39:55 -0700 (PDT)
    • Subject: bash error
    <!--X-Head-of-Message-End--> <!--X-Head-Body-Sep-Begin-->
    <!--X-Head-Body-Sep-End--> <!--X-Body-of-Message-->
    hi all,

    i am trying to take backup of oracle tables by using exp command but when i
    am entering the command it is giving a error as below
    bash: syntax error near unexpected token `('

    So kindly someone tell me how to rectify this and proceed for the normal
    export.

    The original command what iam typing is

    exp username/password@sid file=filename.dmp log=filename.log tables=(all
    table names separated by comma) indexes=n grants=n direct=true
    --
    View this message in context: http://www.nabble.com/bash-error-tf3582836.html#a10011526
    Sent from the Cygwin Users mailing list archive at Nabble.com.


    --
    Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
    Problem reports: http://cygwin.com/problems.html
    Documentation: http://cygwin.com/docs.html
    FAQ: http://cygwin.com/faq/

     

     


     

    This is good, but this response is even better (http://cygwin.com/ml/cygwin/2007-04/msg00558.html):

     

    @raj8646 said:
    If not already solved try to escape brackets

    e.g

    exp username/password@sid file=filename.dmp log=filename.log tables\=\(all
    table names separated by comma\) indexes=n grants=n direct=true
     I find it amusing because this person knows enough to think about escaping brackets but not enough to read what the command that the person is actually putting in.
     

     



  • How about in a Terminal Server environment where users are logged in.  I'm not defnding this guy or anything.  He lost my respect when with a certification he can't figgure out the <Required Clause> [Optional Clause] command syntax.  Honestly, I wonder what this guy did the first time he tried to experiment with the netsh command.



  • @ssprencel said:

    How about in a Terminal Server environment where users are logged in.  I'm not defnding this guy or anything.  He lost my respect when with a certification he can't figgure out the <Required Clause> [Optional Clause] command syntax.  Honestly, I wonder what this guy did the first time he tried to experiment with the netsh command.

    Don't post while drunk, dude. 



  • >.<


Log in to reply
 

Looks like your connection to What the Daily WTF? was lost, please wait while we try to reconnect.