Search - "client ip"
-
*client calls in*
Me: good morning, how can I help you?
Client: my ip is blocked, could you unblock it for me?
Me: certainly! What's your ip address? Then I'll have a look.
Client: I'm not giving you my ip?! That's too privacy sensitive.
Me: 😶
Me: 😶
Me: 😶
Me: sir, I'm very keen on my privacy myself but without that information I can't do much for you 😬
Client: ah so you're refusing to help me?
Me: not like that, it's just very hard to lift an ip block for me when I don't know the ip address.
Client: you just don't want to help, fine.
*click*
😶
-
Guy called in because he wanted to get an IP whitelisted on a server. He wasn't authorized so I told him to send an email from an authorized email address.
He didn't like that very much and asked if another engineer was available (he talked to him more often so he thought that engineer would just do it. We need those kinds of requests by email.)
Walked over to my colleague and explained what that client asked for.
'let him send an email!'
Told him I already told the client that but that the client wanted to talk to him instead.
'sure, connect him through and then come back so you can hear him after I ask him to mail us!'
Connected him through. Client explained the situation.
Then he says with the sweetest voice and a 'get rekt' face: 'could you send me an email about that? 😊'
Let's just say that the client sounded everything but happy xD
-
--- HTTP/3 is coming! And it won't use TCP! ---
A recent announcement reveals that HTTP - the protocol used by browsers to communicate with web servers - will get a major change in version 3!
Before, the HTTP protocols (version 1.0, 1.1 and 2.2) were all layered on top of TCP (Transmission Control Protocol).
TCP provides reliable, ordered, and error-checked delivery of data over an IP network.
It can handle hardware failures, timeouts, etc. and makes sure the data is received in the order it was transmitted in.
Also you can easily detect if any corruption during transmission has occurred.
All these features are necessary for a protocol such as HTTP, but TCP wasn't originally designed for HTTP!
It's a "one-size-fits-all" solution, suitable for *any* application that needs this kind of reliability.
TCP does a lot of round trips between the client and the server to make sure everybody receives their data. Especially if you're using SSL. This results in a high network latency.
So if we had a protocol which is basically designed for HTTP, it could help a lot at fixing all these problems.
This is the idea behind "QUIC", an experimental network protocol, originally created by Google, using UDP.
Now we all know how unreliable UDP is: You don't know if the data you sent was received nor does the receiver know if there is anything missing. Also, data is unordered, so if anything takes longer to send, it will most likely mix up with the other pieces of data. The only good part of UDP is its simplicity.
So why use this crappy thing for such an important protocol as HTTP?
Well, QUIC fixes all these problems UDP has, and provides the reliability of TCP but without introducing lots of round trips and a high latency! (How cool is that?)
The Internet Engineering Task Force (IETF) has been working (or is still working) on a standardized version of QUIC, although it's very different from Google's original proposal.
The IETF also wants to create a version of HTTP that uses QUIC, previously referred to as HTTP-over-QUIC. HTTP-over-QUIC isn't, however, HTTP/2 over QUIC.
It's a new, updated version of HTTP built for QUIC.
Now, the chairman of both the HTTP working group and the QUIC working group for IETF, Mark Nottingham, wanted to rename HTTP-over-QUIC to HTTP/3, and it seems like his proposal got accepted!
So version 3 of HTTP will have QUIC as an essential, integral feature, and we can expect that it no longer uses TCP as its network protocol.
We will see how it turns out in the end, but I'm sure we will have to wait a couple more years for HTTP/3, when it has been thoroughly tested and integrated.
Thank you for reading!
-
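The HTTP/3 post above says QUIC has to rebuild TCP's guarantees on top of UDP. The sketch below is an added example, not part of the original post and not QUIC's wire format: it shows the core pieces (packet numbers, ACKs, retransmission and a reorder buffer) over a constructed in-memory channel that drops and reorders datagrams. All class and function names are hypothetical.

```python
"""Toy reliability layer over an unreliable datagram channel.

Not QUIC's wire format: only packet numbers, ACKs, retransmission and a
reorder buffer, the guarantees a UDP-based transport has to rebuild itself.
"""


class LossyChannel:
    """Constructed stand-in for UDP: drops every `drop_every`-th datagram
    and hands each batch over in reverse order."""

    def __init__(self, drop_every):
        self.drop_every = drop_every
        self.count = 0  # datagrams seen so far, across all batches

    def deliver(self, datagrams):
        survivors = []
        for datagram in datagrams:
            self.count += 1
            if self.count % self.drop_every != 0:
                survivors.append(datagram)
        survivors.reverse()  # arrival order differs from send order
        return survivors


class Receiver:
    def __init__(self):
        self.pending = {}    # seq -> payload, held until the gap before it closes
        self.next_seq = 0    # lowest packet number not yet handed to the app
        self.delivered = []  # payloads released to the application, in order

    def receive(self, datagrams):
        acks = []
        for seq, payload in datagrams:
            acks.append(seq)  # ACK duplicates too: the earlier ACK may be lost
            if seq >= self.next_seq:
                self.pending[seq] = payload
        while self.next_seq in self.pending:
            self.delivered.append(self.pending.pop(self.next_seq))
            self.next_seq += 1
        return acks


def chunk(text, size=2):
    """Split a message into fixed-size payloads, one per datagram."""
    return [text[i:i + size] for i in range(0, len(text), size)]


def send_unreliable(chunks, channel):
    """Fire and forget, as with raw UDP: whatever arrives, in arrival order."""
    return [payload for _, payload in channel.deliver(list(enumerate(chunks)))]


def send_reliable(chunks, data_channel, ack_channel, max_rounds=50):
    """Resend every unacknowledged packet each round until all are ACKed.

    Returns (payloads in original order, total datagrams transmitted).
    """
    receiver = Receiver()
    unacked = dict(enumerate(chunks))
    transmissions = 0
    rounds = 0
    while unacked:
        if rounds == max_rounds:
            raise TimeoutError("gave up: packets still unacknowledged")
        rounds += 1
        batch = sorted(unacked.items())
        transmissions += len(batch)
        acks = receiver.receive(data_channel.deliver(batch))
        for seq in ack_channel.deliver(acks):  # ACKs can be lost as well
            unacked.pop(seq, None)
    return receiver.delivered, transmissions


MESSAGE = "HTTP/3 over QUIC"  # constructed sample payload

if __name__ == "__main__":
    raw = send_unreliable(chunk(MESSAGE), LossyChannel(3))
    print("raw datagrams:", repr("".join(raw)))
    ordered, sent = send_reliable(chunk(MESSAGE), LossyChannel(3), LossyChannel(4))
    print("with reliability layer:", repr("".join(ordered)), "after", sent, "datagrams")
```

-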
> Customer calls
Her: I have over 5k 404 requests to [insertwebsite]/autodiscover/autodiscover.xml
Me: Sounds like a misconfigured Exchange server/client. Let me have a look.
> Takes a look and can confirm the IP and the owner of that IP
Me: It looks like someone/something from xxx.xxx.xxx.xxx is failing to resolve autodiscover.[insertdomain].com
and defaults to @ record on the zone. Do you happen to know to whom that IP belongs?
Her: No, and I don't care, just block it. I do not like the 404 that shows up on the summary.
Me: Alright
> Blocks the IP in the firewall.
>>> Fast forward to next day >>>
> Someone calls, it is the same girl
Her: I can't reach my website! In fact, I can't reach anything! WHYYYYYY!!!
> I remember, blocking that IP yesterday...
Me: Oh, can you please visit "minip.se" (whatismyip.com, Swedish version) and tell me what you see?
Her: Yes, it is xxx.xxx.xxx.xxx
Me: Do you remember that IP that you requested that I block yesterday?
> I can hear the shame coming from the phone.
> Turns out that her colleagues didn't have any mail delivered to them from the time I blocked their IP
> Her boss is really mad
> At least she had a cute voice
-
A client called today because their email wasn't arriving at the recipient's inbox but bouncing back with a 'poor MTA rating' error.
Checked about every blacklist I know and our server was definitely not blacklisted. Must be the recipient's host which for some reason was blacklisting his specific email address.
Told the client that it wasn't a problem on our side and that he had to request a whitelist himself (we'd do it but it wasn't a specific server problem so we're not going to spend time on that).
Fair enough, he'd do that.
Calls back. "Well, the other party says that your server definitely has a poor rating, it's on your side!!"
Alright, this is getting annoying. Gave him a few blacklist checking sites links and told him to run his domain AND our server IP through it. Indeed came back completely clean.
"But the other party said it's poor rating on your side so I'd think tha........"
YEAH WHY DON'T YOU SHOVE THAT OTHER PARTY UP YOUR FUCKING ASS. I'VE SHOWN YOU PROOF THAT IT'S DEFINITELY NOT ON OUR FUCKING SIDE, EXPLAINED IT TO YOU AND SO ON. MAYBE, FOR ONE FUCKING SECOND, TAKE INTO CONSIDERATION THAT THE OTHER PARTY IS FUCKING LYING?!?!?
FUCK OFF.
-
So I own a webshop together with a guy I met at one of my previous contract jobs. He said he had a great idea to sell product X because he can get them very cheap from another European country. Actually it is a great idea so we decided to work together on this: I do everything tech related, he does the non tech stuff.
Now we are more than 1 year in business. I setup a VPS, completely configured it, installed and setup the complete webshop, built 2 custom PrestaShop modules, built many customizations, built a completely new order process (both front and back end), advertised quite some products, did some link building, ensured everything is in place to do proper SEO, wrote some content pages, did administration and tax declarations, rewrote a part of a PrestaShop component because it was so damn inefficient and horribly slow, and then some more. Much more.
He did customer relation management, supplier management and some ad words campaigns. Promised me many times to write the content for our product pages. This guy has an education in marketing but literally said: I'm not gonna invest in creating some marketing plan. I have no ambition in online marketing.
What?! You have the marketing knowledge and skills but refuse to use it to market our webshop and business? What the fuck is wrong with you?!
Today he says to me: 'Hey man, this is becoming an expensive hobby as we don't sell much and have lots of costs. I don't understand why I should be the one to write these content pages. Everything you did in the past 8 months can be done in less than 20 hours! You are a joke and just made it a big deal by spreading your work over so many months. I know for sure because I currently work at a company where I'm surrounded by front end devs! Are you fucking crazy?! You're a liar.'
He talks like this to me every 2 months or so while he can't even deliver the content for 1 single product in 6 fuckin' months! We even had to refund a few of our customers because Mr. client relations manager didn't respond to their e-mails within 1 fucking week!! So I asked him how could that have happened as you do the client relations and support. Well, he replied to me: 'Why didn't YOU respond to our clients? You don't log on in our back office at least once a day?!'.
Of course I do asshole. But YOU don't. He replied that I was lying just like I was lying about what I did for our business.
So, asshole, let's have a look at PrestaShop's logs to see who's logging in daily. Well, you can probably guess whose IP was there in most of the entries. It wasn't his.
So, what the fuck have you been doing then?! You can't even manage to respond quickly to a client?!! We have maybe 50 clients and if we get 1 question a month by email it is already a lot. But you keep bitching, complaining and insulting me instead?!!!
Last time he literally admitted on a WhatsApp conversation that he had and still has the hope that he could just sit back and relax and watch me do ALL the work.
Well, guess what you fucking moron. That's not what we agreed upon. You fuckin' retard think you're so smart but you say EVERYTHING on WhatsApp! Including your promises to me. Thank you you fuckin' piece of dog shit because now I have hard evidence and will hand it over to my lawyer to make you pay every god damn cent for all the hours I've spent working on our business. Oh, and I'll take over the webshop and make it a success on my own because I know damn well how to get relevant traffic and thus customers.
You just go get yourself fucked in the ass without lubricant you fuckin' asshole. I have told you you shouldn't fuck with me because I take business very seriously. I even warned you when you were crossing a line again. Well, if you don't listen... You will pay for the consequences. I will be so damn happy to tell you 'I told you so' with a very very big smile on my face. That moment WILL come, 'partner'.
Fuck you. You will be fucked. Count on that. Fucking asshole.
-
Experience that made me feel like a dev badass?
Users requested the ability to 'send' information from one application to another. Couple of our senior devs started out saying it would be impossible (there is no way to pass objects across a machine's memory boundary), then entertained the idea of utilizing the various messaging frameworks such as Microsoft's ServiceBus and RabbitMQ, but came up with a plan to use 2 WebAPI services (one messenger, one receiver) along with a homegrown messaging API (the clients would 'poll' the services looking for message) because ServiceBus, RabbitMQ, etc might not be able to scale to our needs. Their initial estimates were about 6 months development for the two services, hardware requirement for two servers, MSSQL server licenses, and padded an additional 6 months for client modifications. Very...very proud of their detailed planning.
I thought ...hmmm...I've done memory maps and created simple TCP/IP hosts that could send messages back and forth between other apps (non-UI), WPF couldn't be that much different.
In an afternoon, I came up with this (see attached), and showed the boss. Guess which solution we're going with.
The two devs are still kinda pissed at me. One still likes to say as I walk in the room "our hero returns"....frack him.
-
A fanfic based on devRant-chan. The character was created by @caramelCase and a drawing by @ichijou.
This is freestyle. I'll think of an image of a scene and go with the flow. I won't remove my fingers from the keyboard and I won't edit or change anything. That's how I come up with my best ideas.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Notes:
B/N = Boss' name (I was too lazy to think of one.)
Anything in between asterisks is in italics.
Ex.) *this is in italics.*
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
It was an early January morning when devRant-chan was situated in her desk, typing away on her laptop. She was working on a Python script for her barbaric client when she could've been out with friends. Oddly enough, her Sunday was surged with tranquility.
Normally, Sunday is when her irksome boss barks orders at her on the phone.
"This is wrong!"
"What is this?"
"Change it!"
devRant-chan resented her boss but loved her job. After all, "you can't force yourself to like everyone," was something her elder brother would tell her.
She released a slight chuckle, the one she would only display at the thought of her brother.
Her musings were interrupted when a concerning thought crawled into her mind like an undesirable intruder.
Why hasn't her boss called to complain yet? It's not that she enjoyed his complaining, which she didn't. She simply found it odd, since he's done this every Sunday morning, since she was a junior developer.
Unless he found someone else to complain to? In that case, good riddance!
But still, it wasn't a euphoric feeling to be replaced. She was already accustomed to his Sunday morning calls that it feels almost lonely not to receive them.
She should call him... Just in case some situation—or—problem—has emerged.
She dialed his number, waiting patiently for a reply.
"Hello," said her boss.
"Ah, hello," said devRant-chan. "I called, wondering—"
"You've reached the voicemail of B/N, please leave a message after the beep."
"Damn..." mumbled devRant-chan with a sharp exhale. "I always fall for that."
Why didn't her boss answer the phone? It was odd of him, considering he's always answered her calls.
She was about to dial her coworker when she received an email, which stimulated her attention. The subject of the email read:
*Important. Please read.*
She opened the email. It was her boss. The email read:
*Hello.*
*In case you aren't aware, I had quit my job, due to the stress. I've left the manager in charge. Starting tomorrow, he will be your new boss.*
*-B/N*
Before she could rejoice in excitement, she detected a strange change of voice, emitting from the email. Did her boss really write this?
That's when she spotted something. The word "tomorrow."
Her boss didn't write this.
He would never use words such as "tomorrow," or "today." He would use time instead. If this was her boss, he would say "in 24 hours."
She checked the IP of the email. Oddly enough, it was her boss' IP.
Still, the pieces didn't fit the puzzle. Her boss didn't complain, answer her call, or use his style of speaking in the email.
Something happened to him and she knows it. Whatever it is, has something to do with the manager, and she was determined to figure it out.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
This was just a quick random fanfic, and I'm not sure if I'll continue it. As I said, I didn't plan anything, since it's freestyle. I might or might not continue it, so I'll think it over.
-
Prologue
My dad has an acquaintance - let's call him Tom. Tom is a gynecologist, one of the best in Poznań, where I live. He's a great guy but absolutely can not into tech of any kind besides his iPhone and basic PC usage. For about a year now I've been doing small jobs for him - build a new PC for his office, fix printer, fix wifi, etc. He made a big mistake a few years ago by trusting a guy, let's call him Shitface, with creating him software for work. It's supposed to be a pretty simple piece of code in which you can create and modify a patient file, create a prescription from a drugs database and such things. This program is probably one of the worst pieces of code I've ever seen and Shitface should burn for that. Worse, this guy is a pretentious asshole lacking even basic IT knowledge. His code is garbage and it's taking him a few months to make small changes like text wrapping. But wait, there's more. Everything is hardcoded so every PC using this software must have installed user controls for which he doesn't have a license and a static IP address on the network card.
Part 1
Tom asked me to build him a new PC that will be acting like a server for Shitface's program. He needs it in Kalisz (around 150 km from my place). I Agred (pun intended) and after Tom brought me his old computer I've bought parts and built a new one. I have also copied everything of value and everything took me around three hours.
Part 2
Everything was ready but Shitface's program. I didn't know much about its configuration so when I noticed that it's not working even on the old PC I got a bit worried. Nevertheless I started breaking everything I know about it and after the next three hours I got it somewhat working. Seeing that there were still some problems with the database connection (from Windows' Event Viewer) I wrote a quick SMS to Shitface asking what could be wrong. He replied that he won't be able to help me in any way until Monday (day after deadline). I got pissed and very courteously asked him for the source code because some of the libraries used in this project have a license that requires either purchase of a commercial license or making the code open source. He replied within a few minutes that he'll be able to connect remotely within the next 10 minutes. He was trying to make it work for the next hour but he succeeded. It was the night before the deadline so I wrapped everything up and went to bed thinking that it won't take me more than an hour to get this new PC up and running in the office. Boy was I wrong.
Also, curious about his code, I've checked source and he is using beautiful ponglish (mixed Polish and English) with mistakes he couldn't even bother to fix. For people from Poland, here's an example:
TerminarzeController.DeleteTerminarzShematyDlaLekarza
Part 3
So I drove to Kalisz and started working on making everything work. Almost everything was ready so after half an hour I was done. But I wanted to check twice if it's all good because driving so far a second time would be a pain. So I started up Shitface's program, logged in, tried to open ANYTHING and... KABUM. UNHANDLED EXCEPTION. WTF. I checked the trace and for fuck sake something was missing. Keep in mind that then I didn't know he's using some third party control for Windows Forms that needs to be installed on the client PC. After the next fifteen minutes of googling I found a solution. I just had to install this third party software and everything would work. But... It had to be exactly this version and it was old. Very old. So old that the vendor had already removed all traces of its existence from their web page and I couldn't find it anywhere. I tried installing a newer version and copying files from the old PC but it didn't work. After a few hours of searching for a solution I called Mr Shitface asking him for this control installation file. He told me that he has it but will be able to send it my way in the evening. Resigned I asked for this new PC to be left turned on and drove home. When he sent me the necessary files I remotely installed them and everything started working correctly.
So, to sum it up. Searching for parts and building the new PC, installing the OS and all necessary software, updating everything and configuring it for Tom's taste took me around what, 1/3 of the time I spent on installing Mr Shitface's stupid program which Tom is not even happy with. Gotta say it was one of the worst experiences I had in recent months. Hope I won't have to see this shit again.
Epilogue
Fortunately everything seems to work correctly. Tom hasn't called me yet with any problems. Mission accomplished. I wanna kill very specific someone. With. A. Spoon.
-
I started when I was 12 years old. I got bullied and got interested in computers. One day I crashed my dad's computer and he reinstalled it. After that my dad made two accounts. The regular user (my account) and the Administrator user (my dad's account). He also changed the language from Dutch to English. Gladly I could still use the computer by looking at the icons :')
Every time I needed something installed I had to ask my dad first (for games mostly because there was no cable internet at that time). Then I noticed the other user account while looking over my dad's shoulders. So I tried to guess the password and found out the password was the same as the label next to the password field "password".
At that point my interest in hacking had grown. So when we finally got cable internet and my own computer (the old one) MSN Messenger came around. I installed lots of stuff like flooders etc. Nobody I knew could do this and people always said; he is a hacker. Although it is not.
I learned about IP addresses because we sometimes had trouble with the internet. So when my dad wasn't home he said to me. Click on this (command prompt) and type in; ipconfig /all. If you don't see an IP address you should type in; ipconfig /renew.
That's when I learned that every computer has a unique address and I started fooling around with hacking tools I found on the internet (like; Subseven).
When I got older I had a new friend and fooled around with the hacking tools on his computer. Until one day I went by my friend and he said; my neighbor just bought my old computer. The best part was that he didn't reinstall it. So we asked him to give us the "weird code on the website" his IP address and Subseven connected. It was awesome :'). (Windows firewall was not around back then and routers weren't as popular or needed)
At home I started looking up more hacking stuff and found a guide. I still remember it was a white page with only black letters like a text file. It said something like; To be a hacker you first need to understand programming. The website recommended Visual Basic 6 for beginners. I asked my parents to buy me a book about it and I started reading in the holiday.
It was hard for me but I really wanted to hack MSN accounts. When I got older I just played around and copy -> pasted code. I made my own MSN flooders and I noticed hacking isn't easy.
I kept programming and learned and learned. When I was 16/17 I started an education in programming. We learned C# and OOP (although I hated OOP at first). I built my own hacking tool like "Subseven" and that's when I understood you need a "server" and "client" for a successful connection.
I quit the hacking because it was getting too difficult and after another education I'm now a fulltime back-end developer in C#.
That's my story in short :)
-
Ooof.
In a meeting with my client today, about issues with their staging and production environments.
They pull in the lead dev working on the project. He's a 🤡 who freelanced for my previous company where I was CTO.
I fired him for being plain bad.
Today he doesn't recognize me and proceeds to patronize me in server administration...
The same 🤡 that checks production secrets into git, builds projects directly in the production vm.
Buckle up... Deploys *both* staging and production to the *same* vm...
Doesn't even assign a static IP to the VM and is puzzled when its IP has changed after a relaunch...
Stores long term aws credentials instead of using instance roles.
Claims there are "memory leaks", in a js project. (There may be memory misuse by project or its dependencies, an actual memory leak in v8 that somehow only he finds...? Don't think so.)
Didn't even set up pm2 in systemd so his services didn't even relaunch after a reboot...
You know, I'm keeping my mouth shut and make the clown work all weekend to fix his own hubris.
-
client cto: "SOMEBODY COMPROMISED YOUR KEY!!!! IT SHOWS SOMEBODY LOGGED IN TO DEVOPS GUY'S ACCOUNT USING KALI LINUX!!!!! HERE ARE THE LOGS!!!!"
the logs: *show an ip address*
the ip address: *ip address of the office*
devops guy: *actually uses kali linux*
not really a rant, just found it funny
-
I have a Windows machine sitting behind the TV, hooked to two controllers, set up as basically a console for the big TV. It doesn't get a lot of use, and mostly just churns out folding@home work units lately. It's connected by ethernet via a wired connection, and it has a local static IP for the sake of simplicity.
In January, Windows Update started throwing a nonspecific error and failing. After a couple weeks I decided to look up the error, and all the recommendations I found online said to make sure several critical services were running. I did, but it appeared to make no difference.
Yesterday, I finally engaged MS support. Priyank remoted into my machine and attempted all the steps I had already tried. I just let him go, so he could get through his checklist and get to the resolution steps. Well, his checklist began and ended with those steps, and he started rather insistently telling me that I had to reinstall, and that he had to do it for me. I told him no thank you, "I know how to reinstall windows, and I'll do it when I'm ready."
In his investigation though, I did notice that he opened MS Edge and tried to load Bing to search for something. But Edge had no connection. No pages would load. I didn't take any special notice of it at the time though, because of the argument I was having with him about reinstalling. And it was no great loss to me that Edge wasn't working, because that was literally the first time it'd ever been launched on that computer.
We got off the phone and I gave him top marks in the CS survey that was sent, as it appeared there was nothing he could do. It wasn't until a couple hours later that I remembered the connectivity problem. I went back and checked again. Edge couldn't load anything. Firefox, the ping command, Steam, Vivaldi, parsec and RDP all worked fine. The Windows Store couldn't connect either. That was when it occurred to me that it was likely that Windows Update was just unable to reach the internet.
As I have no problem whatsoever with MS services being unable to call home, I began trying to set up an on-demand proxy for use when I want to update, and I noticed that when I fill out the proxy details in Internet Options, or in Windows 10's more windows10-ish UI for a system proxy, the "save" button didn't respond to clicks. So I looked that problem up, and saw that it depends on a service called WinHttpAutoProxySvc, which I found itself depends on something called IP Helper, which led me to the root cause of all my issues: IP Helper now depends on the DHCP Client service, which I have explicitly disabled on non-wifi Windows installs since the '90s.
Just to see, I re-enabled DHCP Client, and boom! Everything came back on. Edge, the MS Store, and Windows Update all worked. So I updated, went through a couple reboots-- because that's the name of the game with windows update --and had a fully updated machine.
It occurred to me then that this is probably how MS sends all its spy data too, and since the things I actually use work just fine, I disabled DHCP Client again. I figure that's easier than navigating an intentionally annoying menu tree of privacy options that changes and resets with every major update.
But holy shit, microsoft! How can you hinge the entire system's OS connectivity on something that not everybody uses?
-
Worst one I’ve seen so far is when I was working for my previous community another developer joined to help me, without the permission of me or the other lead developer he pushed a client-side update. We didn’t think it was a big deal, but once we began reviewing the code it became a big deal... he had placed our SQL credentials into that file that every client downloads. All the person had to do was open the file and could connect to our SQL which contained 50k+ players info, primarily all in-game stuff except IPs which we want to protect at all costs.
Issue becomes, what he was trying to do required the games local database on the client-side, but instead he tried connecting to it as an external database so he decided to copy server-side code and used on the client.
Anyways, the database had a firewall that blocked all connections except the server and the other lead dev and myself. We managed to change the credentials and pull the file away before any harm was done to it, about 300 people had downloaded the file within an hour's period, but nothing happened luckily. IP to the DB, username, password, etc, were all changed just to keep it protected.
So far this is the worst, hopefully it doesn’t get worse than this :/
-
Fucked!
I have got my cyber security exam tomorrow morning and I just got a call from a client to make some urgent changes to his site.
To add to it, I already wasted around half an hour because GoDaddy Plex somehow decided to block my own IP in the firewall.
And now I am on devRant.
Crap. I am fucked!
-
Me : Can I have your Server Access to deploy project.
Client : I don't have server. I will run it on my laptop.
Me : Okay, Are you sure? And do you have static IP?
Client : what's that?
😂
-
You build a system to integrate into an API to save the client hours of data-entry per day and reducing the number of fields needed to be filled manually by 75% and querying for the rest of the data and filling in the blanks. It took weeks of building and researching and bug fixing and when you're finally done the client looks at you unimpressed.
The same client gets a small piece of js that gets the user's location (by IP address) and uses it to customize a hello message on the home page and they think 'yer a wizard, Harry!' and jump for joy over the "cool factor" of this simple hack.
-
New contract termination clause to be included in all future project contracts: "Contracting client agrees that uttering the phrase 'Your job is whatever I say it is,' or any semantically equivalent variant thereof is grounds for immediate contract termination. All work product and IP rights will transfer and assign to contracting client ONLY upon payment in full of contracted payment amount prorated to contract termination date."
-
So one of my clients had a different company do a penetration test on one of my older projects.
So before hand I checked the old project and upgraded a few things on the server. And I thought to myself lets leave something open and see if they will find it.
So I left jquery 1.11.3 in it with a known xss vulnerability in it. Even chrome gives a warning about this issue if you open the audit tab.
Well first round they found that the site was not using a csrf token. And yeah when I built it 8 years ago to my knowledge that was not really a thing yet.
And who is going to make a fake version of this questionnaire with 200 questions about their farm and then send it to our server again. That's not going to help any hacker because everything that is entered gets checked on the farm again by an inspector. But well csrf is indeed considered the norm so I took an hour out of my day to build one. Because all the ones I found were too complicated for my taste. And added a little extra love by banning any ip that fails the csrf check.
Submitted the new version and asked if I could get a report on what they checked on. Now today few weeks later after hearing nothing yet. I send my client an email asking for the status.
I get a reaction. Everything is perfect now, good job!
In Dutch they said "goed gedaan" but that's like what I say to my puppy when he pisses outside and not in the house. But that might just be me. Not knowing what to do with remarks like that. I'm doing what I'm getting paid for. Saying, good job, you're so great, keep up the good work. Are not things I need to hear. It's my job to do it right. I think it feels a bit like somebody clapping for you because you can walk. I'm getting off topic xD
But the xss vulnerability is still there unnoticed, and I still have no report on what they checked. So I have like zero trust in this penetration test.
And after the first round I already mentioned to the security guy in my clients company and my daily contact that they missed things. But they do not seem to care.
Another thing to check off their to-do list and reducing their workload. Who cares if it's done well it's no longer their responsibility.
2018 disclaimer: if you can't walk not trying to offend you and I would applaud for you if you could suddenly walk again.
-
A guy rants a client of mine "anonymously" via his website contact form. How stupid is that. Even worse. He used his static IP connection. Busted! IP forwarded to my client. Turns out he is one of my client's client and has unpaid bills to him :>
-
I hate IT managers, how on earth some become any form of manager is beyond me.
I have a server with a hardware firewall. A client, based in the UK, with French offices is saying the server is blocking their new French IP. I white-listed their IP address, still no luck.
That was a week ago.
After 4 international phone calls and nearly 30 emails I resolved the "issue".
Their so called "IT Manager" sent over the wrong IP. Instead of it starting with 46.* he sent over an IP starting 42.*, which was in fact being correctly blocked.
Suffice to say I charged the client a lot of money for the wasted time and international rate calls.
-
For the last 20 years, there's one thing I've not been able to do reliably:
Share a folder on a windows computer.
Why the fuck can I write /etc/smb.conf from scratch with a blindfold on and make it securely work from all client devices including auth & acl, but when I right-click and share on windows it's either playing hide and seek on the network (is it hiding behind //hostname/share? No? Maybe in the bushes behind the IP addresses?), or it's protected by mysterious logins requiring you to sacrifice two kittens a day.
Yes, finally it works! One windows update later... aaaand it's gone.
JUST GIVE ME A FUCKING CONF AND A MAN PAGE, MICROSOFT. I DON'T CARE THAT YOU'RE ORALLY PLEASING ALL THESE MALWARE RIDDEN GUISLUTS ON THE SIDE, JUST GIVE ME A FUCKING TEXT FILE TO STORE AND EDIT.
-
Client contacts our company that his site is down, we do some investigating and the only way we can access the site is on a mobile phone. From the office computers the site never loads and times out. Since we don't host the site and I've never logged into it before I don't have a lot of details so I suggest they contact whoever hosts their site. This is where things get weird.
Client tells me that the site is hosted on someone's home server. I tell him that this is quite strange in 2018 and rather unlikely and ask if he was ever given access to the site to log in or if he has access to his domain registration, GoDaddy.
He says he doesn't understand any of this and would rather I just contact his current developer and figure it out with him. We agree that he needs to get access to his site so we are going to migrate it once I get access to it.
I email his current developer letting him know the client has put me in contact with him to troubleshoot the issues with the site. I ask him some standard questions like: where is the site hosted? Can you access it from a computer? Do you have some security measures in place to block certain IP ranges? Can you give me from access to get the files? Will you send me a backup of the site for me to load up on my server?
*2days pass*
Other dev: Tell me the account number and I'll transfer the domain.
Me: I'll have to get back to you on that once I talk to the client and set up his GoDaddy account since we believe the business owner should own their domain, not their developers. In the meantime you didn't answer any of the questions I asked. Transferring the domain won't get the site on my server so I still need the files.
*3 days pass*
OD: You are trying the wrong domain. The correct domain is [redacted].com I'll have my daughter send you the files when she gets in town. We will transfer the domain to you, the client will forget to pay and the site will go down and it'll be your fault.
Me: I appreciate your advice, but the client will own their domain. I'm trying to get the site online and you have not answered any of my questions. It's been a week now and you have not transferred the domain, you have not provided a copy of the site, you have not told me where the site is hosted. The client and I are both getting impatient at this point when will we receive a backup of the site and the transfer of the domain?
OD: Go fuck yourself, tell the client they can sue me.
If the client is that terrible, wouldn't you want to hand them off to anyone willing to take them? I have never understood why developers and agencies try to hold clients hostage by keeping their domain or website and refusing access. From what I can tell this is a freelance developer without a real company so a legal battle likely isn't going to go well since the domain is worthless to him as the copyright to the name is owned by the client. This isn't the first time we've had to help clients through this sort of thing.
-
Programmer: "Places : instead of ;"
Javascript: "What the fuck did you just fucking post about me, you absolute beginner? I'll have you know I worked for ten of the biggest silicon-valley industry companies, and I've been involved in over two hundred top secret projects including NodeJS. I am trained in refactoring the most fucked up code, and I'm the top C++er in the entire fucking internet-connected universe. You are nothing to me, but just another IP. I will fucking revoke your commits from your gitlab account with absolute dedication using only one Raspberry Pi client. Mark my fucking words. You think you can get away with posting that shit on one of my numerous very personal blogs? Your devices are fucking bricked, kid. My attack software can be anywhere, anytime, and it is tasked to remove your entire git contributions from planet earth. Not only am I extensively trained in remote cross-firewall device-hacking, but I have access to over 100 of the United States CIA and NSA git repositories. If only you could have known what doom-bringing C-one-liner you have raised from my fucking hands, maybe you would have held your fingers. But you could not. You did not. And now you're paying the price, noob. I will hail havoc upon your puny online-presence and you will drown in your own badly designed software. You're fucking offline, kiddo."
-
Client: my website is down
Support: can you just google my ip and let me know your IP
Client : OMG google is down!!! Oops router wasn't plugged.
**Client is on call just in case you wonder :p
-
telco sysadmin: hey maybe we should secure our SMTP server with SSL and password verification so our clients can e-mail safely!
senior exec be like: nah just filter incoming connections for our own IP-range, that'll do.
result: I can impersonate any client of the telco and send e-mail in their name (from any home network connected to that provider), but I can't send e-mail over cellular network.
-
> attempt to change password on laptop
> try sudoing to test if it changed
> it hasn't
> assume i was ssh'd into my server
> try the password, along with like 10 other permutations of it
> get ip-banned from ssh to my server :/
> try an online ssh client
> use old password
> it works!
> so what did i change?
-
I guess the time has come finally. 🤔
I'm now thinking of how to trace a Facebook user's current location. At first I thought of touching Facebook.
But then I thought that I can just write a webpage which will trace the visitor IP. And send the url to the user.
Oh it's not for me. One of my friends who is also a partner and a client of mine is being harassed by his former business partner. He has sued him but the guy is in hiding but still posting bad news on his Facebook profile.
So my friend came to me for help. :3
-
Client : i need to filter login by ip address
Me: ok it's done put ip in CIDR block in admin panel and voila
Client: URGENT URGENT email ... Nothing work on your shit ..=_=
Me (head) : what a fucking jerk i don't know how work CIDR IP block ...and i demands it ...
-
Today a co-worker (I am going to call him 'boss') asked another co-worker (I am going to call it 'useless piece of shit' or 'ups') to explain to me a new task, because boss was too busy with a new release for a client.
Idk how but ups managed to explain all wrong, like terribly wrong.
Ups: "Dev, all you have to do is fix some queries from local files"
Dev: "Ok, seems legit"
Try the local files, nothing happened
Dev: "weird... ups why this is happening?"
Ups: "I know the same as you, ask boss."
Dev: "boss this."
Boss: "what the actual what? ... this is all wrong. The config file is in mongo, in this IP, we don't use local files anymore. I tell ups to explain this to you so I can stay focused on this other task, but now I lost the double amount of time"
Dev: "oh... sorry, I will fix the remote queries"
I hate ups, every fucking time someone needs something from him this happens or worse...
-
*Dev is non-native English speaker
Dev: we need the VPN ip.
Me: the server ip or the connected device ip.
Dev: the server.
Me: gets the ip.
Dev: this doesn't work, is this the VPN ip ?
Me: Gives the device ip. Works.
Dev: OK. Works now.
Could have just asked for the client IP in the first place but s/he didn't know how to.
I have been trying to freelance for people who don't speak English as a first language and getting the Requirements is the hardest part of the job. 😫
P.S. Suggestions needed from remote freelancers. What's your workflow like.
-
Today I wrote a python messenger bot which listens to only one command;
get ip
It then replies with its public IP address. I figured this would be the easiest hotfix until I fix my dynamic DNS client.
Now thinking of it I could also make an "update domain" command for doing the API call, and then link the two with a loop and minute delay. Marvelous.
-
/** Null until this web socket is connected. Used for writes, pings, and close timeouts. */
private ScheduledExecutorService executor;
Dear boys and girls.
If you ever do this again and release this as a public library (even better - an official client of your solution, e.g. kuber-fucking-netes), I will get my way into dR's gateway servers, trace down your IP in nginx's logs, find your location, probably use some means to get your first and last name (you prolly have a domain registered under your IP anyways...), buy a ticket to your town, get to your home and wait for night to fall. Once it's dark and you're asleep, I'll make sure to leave a real nice, warm and extraordinarily smelly turd on your doorstep (I'll also make sure the process of manufacturing that gem is as noisy as it gets - you just have to bend the right way, and....).
Gents. If you really, REALLY want to make writes asynchronous, at least provide a way to either get a notification once the write is synchronized, or allow the user to handle the threads/executors himself!
https://youtube.com/watch/...
-
Trying to setup a ltsp server for fun. Never done server things before.
The server and the thin client are in VMs. So I start, install openssh, and then when I try to ssh... WHY CAN’T I FUCKING CONNECT, I CHECKED THE IP WITH IFCONFIG, oh shit, forgot to configure the vm network... so ssh works! Then I setup dhcp (I really don’t know what I’m doing, just following the tutorial), the ltsp configs thing, build the client image and then, I HAVE NO FUCKING INTERNET CONNECTION. Continues, boot up the thin client... WHY CAN’T YOU FUCKING FIND THE SERVER!! Then I realise the vm is not an ubuntu one, so delete it and make a new one... WHY DOES IT STILL DOESN’T WORK!!!!!! Oh wait forgot to connect to the network! Goes to put the network adaptor, and: wait! I don’t need NAT! So I replace the NAT by the correct network, and: Wait it lets me choose the weird thingy intel/pce thingy, oh I remember now! It said we needed the “...III FAST...”! Activate it and... IT WORKS ! !!!! CONNECTS TO THE SERVER!!! GOT THE DHCP!!! WAIT!!!!! What is THAT 🤬 TFTP LOADING THING!!!:
TFTP open timeout
🤬 YOU!!!!!!!!>> -
So a client came today to me saying his domain that I setup some time ago isn't working on a specific russian internet provider, checked everything and then came across a blogpost stating cloudflare IPs are blocked. Researched further and it came out that those fucking retards from the "Federal Tax Service of the Russian" blocked a ton of cloudflare IPs because russian online casinos used them like a year ago.
Then checked another domain he had a problem with and the godaddy IPs were also banned - even more extreme they were banned for like 14 incidents, what the fuck, had to create a new account to get a new ip/nameservers assigned from cloudflare, jesus fucking christ.
-
I have just slept for a minimum of 5 hours. It is 7:47 PM atm.
Why?
We have had a damn stressful day today.
We have had a programming test, but it really was rather an exam.
Normally, you get 30 minutes for a test and 45 minutes for an exam.
In this "test" we have had to explain what 'extends' does and name a few advantages of why one should use it.
Check.
Read 3 separate texts and write the program code on paper. It was about 1 super class and 1 sub class with a test class in Java.
Check.
Task 3: Create the UML diagram of the code from above. *internally: From above? He probably means my code since there is no other code there. *Checks time*. I have about 3 minutes left. Fuck my life.*
Draws the boxes. Put the class names in each of them. A private attribute for the super class.
Teacher: Last minute!
Draw the arrow starting from the sub class to the super class.
Put my name on each written paper. And mentally done for the day. Couldn't finish the last task. Task 3.
During this "test", I heard the frustrations of my classmates. Seemed like everyone was pretty much pissed.
After a short discussion with the teacher who also happens to be the physics professor of a university nearby.
[If you are reading this, I hope that something bad happens to you]
The next course was about computer systems. Remember my recent rant about DNS, dhcp, ftp, web server and samba on ubuntu?
We have had the task to do the screenshots of the consoles where you prove that you have dhcp activated on win7 machine etc. Seemed ok to me. I would have been done in 10 minutes, if I would be doing this relaxed. Now the teacher tells us to change the domain names to <surnameOfEachStudent>.edu.
I was like: That's fine.
Create a new user for the samba server. Read and write directories. Change the config.
Me: That should be easy.
Create new DNS entries in the configs.
Change the IPv6 address area to 192.168.x.100-200/24 only for the dhcp server.
Change the web server's default page. Write your own text into it.
You will have 1 hour and 30 minutes of time for it.
Dumbo -ANGRY-CLIENT-: Aye. Let us first start screenshotting the default page. Oh, it says that we should access it with the domain name. I don't have that much time. Let us be creative and fake it, legally.
Changes the title element so that it looks like it has been accessed via domain name. Deletes the url and writes the domain name without pressing Enter. Screenshot. Done. Ok, let us move to the next target.
Dhcp: Change lease time. Change IP address area. Subnet mask. Router. DNS. Broadcast. Optional domain name. Save.
Switches to win7.
ipconfig /release
ipconfig /renew
Holy shit it does not work!
After changing the configs on ubuntu for a legit 30 minutes: Maybe I should change the ip of the ubuntu virtual machine itself. *me asking my old self: why did not you do that in the first place, ass hole?!*
Same previous commands on win7 console. Does not work. Hmmm...
Where could be the problem?
Check the IP of the ubuntu server once again. Fml. Ubuntu did not save when I clicked on the save button the first time I have changed it. Click on save button 10 times to make sure it really is saved now lol.
Same old procedure on win7.
Alright. Dhcp works. Screenshot.
Checks time. 40 minutes left.
DNS: It is your turn. Checks bind9 configs. sudo nano db.reverse.edu.
sudo nano db.<mysurname>.edu.
Alright. All set. It should work now.
Ping win7 from ubuntu and vice versa. Works. Ping domain name on windows 7 vm. Does not work.
Oh, I forgot to restart the bind9 server on ubuntu.
sudo service bind stop
" " " start
Check DNS server IP on win7. It looks fine.
It still doesn't work. Fuck it. I have only 20 minutes left. Samba. Let us do this!
10 minutes in. No result. I don't remember why. I already forgot why I have done for it. It was a very stressful day.
Let us try DNS again.
Oh shit. I forgot the resolver!
sudo nano /etc/resolv.conf
The previous edits are gone. Dumb me. It says it in the comments. Why did not I care about it. Fuck it. 6 minutes left. Open a yt video real quick. Changes the config file. Saves it. Restarts DNS and dhcp. Closes the terminal and opens a new one. The changes do not affect them until you reopen them. That's why.
Change to win7.
Ping works. How about nslookup.
Does not work.
Teacher: 2 minutes left!
Fuck it.
Saves the word document with the images in it. Export as pdf. Tries to access the directories of the school samba server. Does not work. It was not my fault tho. Our school server is in general very slow. It feels like they are not maintained and left alone like this in the dust from the 90s.
Friend gets the permission to put his document on a USB and give the USB to the teacher.
Sneaky me: Hey xyz, can you give me your USB real quick?
Him: sure.
Gets bombed with "do you want to format the USB?" pop-ups 10 times. Fml. Skips in a fast way.
Transfers the pdf. Plug it out. Give it back.
After this we have had to give a presentation in politics. I am done.
-
Tomorrow our small company moves to another small office. I don't believe that Internet connection or our ip addresses work correctly. it should work and I need those ips for connection to client servers.
-
Networking Viva
External: how you specify the clients ip address to the server.
Me: Sir, we provide servers address to the client.
External: Where are clients IP addresses in server file
Me: Sir client goes to the server....
External: u know nthg...
😂😂😂
-
!rant
Is there any alternative to socket.io that doesn't need to expose a server ip directly to any client, needing to set up a full nginx anti ddos/auth config and more?
There is the live-ajax way that requests progress, but it feels more like a hack each time. (especially if the site should be able to handle multiple tabs with different progress)
I thought maybe some framework has live requests inbuilt to update content from a server worker model. (without exposing the server ip)
-
How fucking sucking difficult is it to set up a static ip in AWS on a loadbalancer??? I spend the whole day figuring out how to use the nat gateway or other means and it still doesn't work. Debugging is almost impossible because they give you zero logs.
And all of this because a client wants to work with a whitelist for their shitty system on location.
-
So I've spent all day chasing around this issue for a coworker who was trying to help a client with a new report they were deploying to their system.
Now I learned a couple of things today because of this. Due to moving buildings, our new network completely broke our report server because the DNS can't resolve its name. Since we're rewriting this system from the ground up, I haven't been majorly concerned about getting this fixed, but with this coming up, being persistent, I'm glad I figured it out. IT did give us a static IP for this VM, but they never bothered to add a DNS entry for it, so for the past couple of months, this hasn't worked for some reason, and now that's why.
So the root cause of my issue can be seen from 2 directions, the dev of the report, and the dev of the UI that reads it. The dev who wrote this code originally is checking very specifically for 'asc' and 'desc', meanwhile my mans who wrote the report has his order by with 'ASC' where he needs it.
(MAN, THE PREVIOUS DEV WAS GREAT)
I'm glad I was able to help him, but god damn, that took all day, AND TO FIND IT WAS A CAPITALIZATION ISSUE, AAAAAAAAA FUCK ME
-
Since day 0, I have been fond of computers. One of my first plush was called "DataDog" and looked like a CRT screen with dog ears around. According to my mum I was "addicted" to it.
At year 2, my dad was arranging some music on some software while I was watching him on his lap. Quick jump to the present: nowadays and since 10 years I run my own home studio with three guitars, two keyboards, one bass, three monitors, a microphone, an amp and a cabinet... coincidence? I think not!
Fast forward 5 years later (so I'm 6-7 years old), and I was playing with the legendary pinball game on Win95, as well as Flight Simulator. Then I was hogging mum's laptop to play settlers II (<3 that game), I eventually got my computer, and got into Quake III Arena being aged 10 (and had to tell my mum that game was safe for my age haha - I eventually removed the blood effects).
The Quake 3 Arena chapter is interesting: it got me into router configuration as I wanted to open a port through the router to host my own dedicated games with friends, it got me into DNS configuration (I was running a no-DNS client that allowed friends to join me through a DNS while having a dynamic IP) and eventually... to modifying .cfg files to tune my server as I wanted it. No programming here but a nice intro into :)
Then I hated the fact everybody would point their finger at me and say "geek" - I was only 13, fragile, sensitive, and I wanted everything but a bad image on me.
Meanwhile I continued on getting interested in hardware and configure my own computers, and investing myself into music production.
Then, university. "What do you want to study?" I thought of everything but IT, fleeing the image of a "geek". Turns out it was a waste of time, and at 21 yo I got into web development (well, just html and css), then learned a bit of PHP, finally got a specialized 2-year training and now here I am!
I was bound to be in IT either way since day 0, and funny fact, I've used every windows edition since Win95.
-
AHHHHHHHHHHGGGH
I HATE VPN SETUP
- Trying OpenSwan
Installing open swan on a Debian machine.. setting up the config.
Restarting openswan. Syntax error. No syntax error to be found.
Different tutorial.. it starts! Try to connect.. I can’t connect. Look at the logs. No errors.
Tcpdump. My traffic is coming through.. all fine.. try to connect again.. it works! (Nothing changed!)
Try to ping somewhere else.. no connectivity.
Try to ping an IP in the same network.. works fine. So I have connectivity, just no internet.
Spend an hour finding out about traffic directions of which no one seems to know what they really mean.
Boss tells me to stop using openswan because it’s deprecated and replaced by strong swan..
- Strongswan
Reinstall Debian machine, install strongswan. Copy openswan config. Oh, they’re incompatible? Look up strong swan config, and the service starts.
Connect to the VPN.. it works! Again, no internet, just connectivity in the same network. Spend 2h debugging the config, disable firewalls everywhere, find an ancient bug in the Debian package related to my issues.. ok, let’s try compiling from source.. you know what, let’s not. I’ll throw this Debian machine away and try something completely different.
- pfSense
Ok, this looks easy enough! Let’s just click through the initial setup, change some firewall rules, create an L2TP VPN with a simple wizard.
Try to connect to VPN. First, it times out. Maybe a firewall issue? Turn off firewall.. ah, something happens now. I get an error message right after trying to connect to the VPN. Hmm, the port doesn’t even get opened when I enable the firewall.. this implementation seems a bit buggy.. let’s try their OpenVPN module.
Configure OpenVPN. Documentation isn’t that clear.. apparently a client isn’t actually a client but a user is a client.. ok, there’s a hidden checkbox somewhere.
Now where do I download my certificate? Oh, I need a plug-in for that.. ok, interesting. Able to download the certificate, import it, connect and.. YES!!! I can ping! But, I have no DNS..
Apparently, ICMP isn’t getting filtered but all outbound ports are.. yet the firewall is completely disabled. Maybe I need outbound NAT? Oh. There’s no clear documentation on where to configure it. Find some ancient doc, set it up, still no outbound connectivity.
AHAHAHAHHHHHHHHHHG
Then I tried VyOS. I had a great L2TP VPN working in less than 15 mins. Thank you VyOS for actually providing proper docs and proper software.
-
I love docker swarm, but ffs can we finally get real clients IP address inside? I am sick of the single point of failure fuck up, docker team!!!
-
Hi everyone, I have a question about VPN and hosting.
I have rpi which runs ubuntu where I have several things running like nextcloud, transmission, minidlna, samba etc.
I want to use a VPN due to torrenting via transmission on the pi. I had used private internet access(PIA) before and I'm thinking to go back to them as I had issue only once with them.
Question is if I had installed their client and connected to VPN, would I still be able to access to my services over the internet? As per my understanding only the outgoing and incoming generated from outgoing should follow the VPN tunnel, therefore interacting with my pi with its public IP should still be possible, am I right?
I'm a newb when it comes to web stuff so any help is appreciated, also you can recommend other VPN providers if you think PIA sucks for any reason.
-
This is a question and a rant
I have to get temperature readings from an Android app written in ionic angular to a webpage written apache wicket... No, I don't have any control over either stack.
The kicker is the wicket app isn't even run properly attached to a domain, it's just run from a box at the client and then the client machines connect through <server ip>:8080/appname
Which means I can't solve my problem by simply having the website and app on the same domain and then use local storage...
I have tried
Ionic
window.postMessage({ type: 'temperatureData', data: tempFormatted }, '*');
Test it from this page
<!-- index.html (web page) -->
<!DOCTYPE html>
<html lang="en">
<head>
  <meta charset="UTF-8">
  <meta name="viewport" content="width=device-width, initial-scale=1.0">
  <title>Web Page</title>
</head>
<body>
  <h1>Temperature Data</h1>
  <p id="temperatureData">Loading...</p>
  <script>
    // Listen for messages from the Ionic app
    window.addEventListener('message', (event) => {
      if (event.data.type === 'temperatureData') {
        // Update the temperature data on the page
        document.getElementById('temperatureData').textContent = event.data.data;
      }
    });
  </script>
</body>
</html>
Which does not work, the page fails to pick the data.
So my rant is the situation. My question is does anyone have any ideas?
-
I am working on an embedded system, a microcontroller-based design. The system has an Ethernet port. I am using NetX framework in the microcontroller firmware.
The DHCP Client is executed properly, an IP address is assigned correctly when connected to a router. I connect a laptop to the router using a LAN cable. Then TCP sockets behave the way they should, UDP broadcast behave the way they should. The only issue is, when I connect a Laptop over wireless to the same router UDP broadcast are received on application on Laptop, but data sent is not received on the embedded device.
Any idea why?
Platform:
Laptop is Windows
Embedded Device: Renesas S7G2, NetX framework.
-
Question about linux iptables. I am currently blocking all access and whitelisting only when my users launch my software. When software is launched a socket client is also launched, it connects to socket server, identifies itself with a password and disconnects. If given password by socket client is correct, then socket server whitelists the users IP by executing the following command: " iptables -I INPUT -s userIP -j ACCEPT".
My problem is that now I have lots of duplicates of IP's whitelisted and as far as I've heard I should not go over 25k iptable rules.
So my question is how to check if ip is already whitelisted, in order to avoid duplicate iptable rules for the same IP?
Obvious solution would be to store whitelist somewhere (mysql/txt) and double check before whitelisting ip, but maybe there is an easier way to do this?
-
Need advice about protecting ddos via iptables and whitelisting. Currently I launched my gameserver and am fighting against a massive attack of botnets. Problem was solved by closing all ports on my gameserver linux machine and shipping game.exe with injected c++ socket client. So basically only gamers who launch my game exe are being added to firewall iptables via the socket client that is provided in the game exe. If some ddosers still manage to get inside and ddos then my protection is good enough to handle attacks from whitelisted ips from inside. Now I have another problem. Lots of players have problems and for some reason shipped c++ client fails to connect to my socketserver. Currently my solution was to provide support in all contact channels (facebook,skype,email) and add those peoples ips to whitelist manually. My best solution would be to make a button in website which you can click and your ip is whitelisted automatically. However if it will be so easy then botnets can whitelist themselves as well. Can you advise me how I could handle whitelisting my players through web or some other exe in a way that it can't be replicated by botnets?
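For the two iptables whitelisting posts above, an added example (not the poster's code) of avoiding duplicate ACCEPT rules: `iptables -C` tests whether a rule already exists before inserting it, and an ipset lets a single rule cover every whitelisted address, which also keeps the rule count flat. The set name `game_allow` and the one-hour expiry are assumptions made for illustration.

```shell
#!/bin/sh
# Idempotent IP allowlisting for a socket server that whitelists clients.
# Assumptions (not from the posts): set name "game_allow", 1-hour expiry.
# Needs root plus the iptables and ipset tools when run for real.

SET_NAME="game_allow"
SET_TIMEOUT=3600   # seconds; entries expire, so stale addresses drop out

# Return 0 only for a plain dotted-quad IPv4 address (no CIDR, no spaces).
# The address originates from a network client, so it is validated before
# it gets anywhere near a firewall command line.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# One-time setup: create the set and one ACCEPT rule that matches it.
# "-exist" makes "create" a no-op when the set is already present, and
# "iptables -C" checks for the rule so a re-run never adds a second copy.
ensure_allowlist() {
    ipset create "$SET_NAME" hash:ip timeout "$SET_TIMEOUT" -exist || return 1
    iptables -C INPUT -m set --match-set "$SET_NAME" src -j ACCEPT 2>/dev/null ||
        iptables -I INPUT -m set --match-set "$SET_NAME" src -j ACCEPT
}

# Call after a successful password check. Adding an address that is
# already in the set only refreshes its timeout; no duplicate is created.
allow_ip() {
    is_ipv4 "$1" || { echo "rejected: not an IPv4 address: $1" >&2; return 2; }
    ipset add "$SET_NAME" "$1" timeout "$SET_TIMEOUT" -exist
}

# Without ipset: the direct check-before-insert form, one rule per address.
allow_ip_plain() {
    is_ipv4 "$1" || { echo "rejected: not an IPv4 address: $1" >&2; return 2; }
    iptables -C INPUT -s "$1" -j ACCEPT 2>/dev/null ||
        iptables -I INPUT -s "$1" -j ACCEPT
}

# Typical use as root (203.0.113.7 is a documentation address):
#   ensure_allowlist
#   allow_ip 203.0.113.7
```

The check-then-insert in `allow_ip_plain` is not atomic, so a server that whitelists from several processes at once should serialize those calls; the ipset variant does not have that problem because the set itself rejects duplicates.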