Anyone here work for IT? Whats the most retarded thing you have ever heard from a ticket or situation? ill go first:>manager reports 100+ users report that they no longer have access to a banking software>OHFUCK>scramble to see whats going on, get engineering involved, call vendors etc>jump the gun super hard because managing directors and VPs want answers due to monetary exposure>panicking due to scope of impact>"hey anon did you check thier login status yet?">i checked they're provisioned for it yes>"no i mean if they're password locked">mfw those 100+ people had not logged into that application in 14 days>turns out their managers never check in on thier people>solve with a password reset
>>106559035It's hard to pick one... I'll try with this>work as an IT manager for a gamedev company, just chilling>do some odd IT jobs on the side for people I know from previous business and people to whom I got recommended>one such business is a mid-sized logistics company, friend from previous work just became a CTO there>"anon come check this place out, I need to evaluate the IT here">arrive, the shit I saw would take a week to describe in detail>50yo IT fatty sits there, been running the place for 15 years>passwords written in a large notebook in his office>their ISP 1Gbit uplink leads to 100Mbit switch - from there, 1 link leads to a Kerio firewall of the company, another link leads to a Cisco firewall of another company and has a desktop behind it>"what the fuck is that?!">"yeah anon, thats a router and a PC of a business partner - they needed an FTP where we would upload them documents, so you see, its got two NICs, one goes to the Cisco, another to one of internal switches of our company">speechless, ask him about VLANs>"yeah we got two subnets">"you what?">as he said, no VLANs, only two /24 subnets on the 192.168.x.x range>he started with one, ran out of IPs so he created another one, but since the devices didnt see each other (he couldnt figure out the routing), every device had two IPs assigned, one from each subnet>rogue DHCPs out the wazoo>NVRs I wouldnt use for a pig pen>APs he had no access to because some supplier configured them>no backups of anything>DNATs directly into servers (RDP, SSH) with zero filtration because "the developer doesnt like to use a VPN" >motherfucker spent 90% of his time playing browser games for boomers>I've seen enough, tell my friend the IT is fucked, needs complete overhaul, the old fatty needs to go, investment will be massive>"fuck, thats bad anon... well, thanks, the company currently doesnt have enough money, but I will let you know"Part 1
>>106559388>months go by, fatty gets the boot, I appear a few times to upgrade minor things but the infra is still utterly fucked, keep telling my friend, he says there isnt enough money to do any major upgrades>"good luck with this fucking time bomb then, at least close the DNATs and get some firewall rules and backups">a bit more time goes on, guy fresh outta high school is hired there but mostly just to install PCs>one shitty morning at 6AM a phone call from my friend>"anon, we're fucked, we got ransomwared, the entire company, I need your help""well its too fucking late now, but sure, I will get there">arrive, fallofrome.jpg>do the usual stuff, disconnect everything, shut down everything, start assessing damage and looking for source>remember the DNATs they kept open because the developer (some 65yo faggot) couldnt be bothered with VPN? not only his login to the RDP got brute-forced because he had some toddler password - this bastard had a domain admin on that account because historically he couldnt see some share, so they gave him domain admin (sure, why not) >long story short, most data was fucked, but something was salvaged. As an outcome, the cheap cunts at least bought a Fortigate and agreed to a gradual rework of the infrastructure>that was still fucking awful, they constantly cut back the IT budget, all switches (about 60 of them) were Mikrotik - nothing more expensive would fit the budget>actually worked there full time for about 9 months before I couldnt bear it anymore>one day, faggot CFO essentially decided that from now on, no more mid-range Latitudes - "we'll be buying $500 Acers" >"yeah, I'm good, get someone else to deploy those"The fuckery I witnessed there was otherworldly
>>106559560>>106559388not all companies are google anonsmall companies dgaf about security and nor should theywhy should you invest tons of money in it for no benefit?you can just restore from backup and keep going if shit gets fucked
>>106559035>coworker thought her keyboard was broken when window lost focus
Sadly I'm a service tech so I'm constantly dealing with Indian support.Had a 20 minute ticket turn into 5 hours because I couldn't get a straight answer about moving some AP connections, turns out the APs werent receiving enough power as the switches were only on one PSU.Eventually I told the fucks job wasn't going to get done despite the fact I could have replaced some patch cables to reach some other cabinets or reach the switches even lower down in the current cabinet but they did match the current cable color and I was reaching my 12th hour of working on tickets and driving across States.
