Overheard at the Office #47

A client is having trouble with a PC dropping off of the network randomly. I drive out and look over the PC. After cleaning off thousands of things with Malwarebytes (anti-virus is just a scam to take my money! claims the owner), we still don't see a drop.  Maybe the cleanup did it?

Then somebody prints something, and the power strip trips.  Everything but the PC in that cubicle goes off, including the only light in the cubicle, and the little switch under the desk that the PC is connected to.  See, it happened again!

You didn't notice that every time it happened, you were sitting in the dark?

Overheard at the Office #46

A client called in and reported that their Active Directory account was locked out.  They had no idea how, they hadn't tried logging in yet today.  So I unlock the account and stay on the phone while they verify that they can get in now.  I ask one more time about how it could have got locked, and then the user suddenly puts 2 and 2 together.  They were cleaning their keyboard out, and afterwards noticed that the computer was at the login screen when they were done.

The Small Client and Their 5 Routers

Keeping with the theme of the previous post about the client with their "redundant" servers, here's another amazing sight that I walked into. It's another small client with a part time IT guy. We're told immediately that he has a PhD in computer science. I'll give him credit for creativity, but I still have nightmares about fixing this.

The client was pretty cheap before we came on board, and they didn't want to spring for a business grade firewall or router. So our guy goes over to Bestbuy to pick up a Linksys. Problem is, they have a few servers on site that they want to make available to the Internet, and the Linksys could only handle one IP address on the WAN interface.

The solution?

• Buy two more Linksys routers. 
• Give all three unique IP addresses on the WAN side, and on the LAN side. 
• Statically assign everything, so all workstations are going out one router with NAT overload, the email server is going out one with a static NAT, and the webserver is going out the third, again with static NAT. 
• The asterisk box can be tied directly to the Internet, with a 4th public IP address.
• The 4th router was also sitting in the pile, using the 5th public IP address. He wouldn't tell us what that router was doing, but we found out soon enough that it was his unauthorized back door into the system.
• The 5th router was sitting in a file cabinet as a cold spare.

By the time 5 Linksys routers were purchased from Bestbuy, or wherever they came from, why couldn't they have just bought a decent firewall?

Small Client and Their "Redundant" Servers

I mentioned this client and their "redundant" servers in a previous post. Here's what they had. Their previous IT guy set up a pair of servers with ESXi. One hosting the live servers, one hosting the backup server for each of the live servers. Failover meant him running over from his 9 - 5 job at Ford as soon as he could, pulling the virtual Ethernet connection on the live server, and then connecting the virtual Ethernet connection on the redundant server and powering it up. And of course hoping that it connected to the .vmdk file correctly on the datastore. If this is the best that you're capable of setting up, I guess I get that. But what I don't get is why a company of 6 people needed 8 live servers and the corresponding 8 backup servers set up. There was a SAMBA server running an NT style domain, an LDAP server in addition to that doing the actual authentication, A file server, the Peachtree server, an engineering server (which I think was pretty much just another file server) and a couple others I don't recall now.