Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
-
So...
I'm penetrationtesting a network and the servers on said network
The network administrator and IT security officer knows this, because they hired me..
TL;DR a scan caused the network to crash.
Today I received a very angry email going "Stop scanning NOW!" from one of the IT departments.
Apparently I crashed their login server and thus their entire network...
It happened d the first time I scanned the network from the outside and they had spend an entire day figuring out how and repairing the service they thought was the problem, but then it crashed again, when I scanned from within the network.
Now they want to send me a list of IP's that I'm not allowed to scan and want to know exactly what and when I'm scanning...
How crap can they be at their job, if they weren't able to spot a scan... The only reason they found out it was me was because the NA had whitelistet my IP, so that I could scan in peace...5 -
The solution for this one isn't nearly as amusing as the journey.
I was working for one of the largest retailers in NA as an architect. Said retailer had over a thousand big box stores, IT maintenance budget of $200M/year. The kind of place that just reeks of waste and mismanagement at every level.
They had installed a system to distribute training and instructional videos to every store, as well as recorded daily broadcasts to all store employees as a way of reducing management time spend with employees in the morning. This system had cost a cool 400M USD, not including labor and upgrades for round 1. Round 2 was another 100M to add a storage buffer to each store because they'd failed to account for the fact that their internet connections at the store and the outbound pipe from the DC wasn't capable of running the public facing e-commerce and streaming all the video data to every store in realtime. Typical massive enterprise clusterfuck.
Then security gets involved. Each device at stores had a different address on a private megawan. The stores didn't generally phone home, home phoned them as an access control measure; stores calling the DC was verboten. This presented an obvious problem for the video system because it needed to pull updates.
The brilliant Infosys resources had a bright idea to solve this problem:
- Treat each device IP as an access key for that device (avg 15 per store per store).
- Verify the request ip, then issue a redirect with ANOTHER ip unique to that device that the firewall would ingress only to the video subnet
- Do it all with the F5
A few months later, the networking team comes back and announces that after months of work and 10s of people years they can't implement the solution because iRules have a size limit and they would need more than 60,000 lines or 15,000 rules to implement it. Sad trombones all around.
Then, a wild DBA appears, steps up to the plate and says he can solve the problem with the power of ORACLE! Few months later he comes back with some absolutely batshit solution that stored the individual octets of an IPV4, multiple nested queries to the same table to emulate subnet masking through some temp table spanning voodoo. Time to complete: 2-4 minutes per request. He too eventually gives up the fight, sort of, in that backhanded way DBAs tend to do everything. I wish I would have paid more attention to that abortion because the rationale and its mechanics were just staggeringly rube goldberg and should have been documented for posterity.
So I catch wind of this sitting in a CAB meeting. I hear them talking about how there's "no way to solve this problem, it's too complex, we're going to need a lot more databases to handle this." I tune in and gather all it really needs to do, since the ingress firewall is handling the origin IP checks, is convert the request IP to video ingress IP, 302 and call it a day.
While they're all grandstanding and pontificating, I fire up visual studio and:
- write a method that encodes the incoming request IP into a single uint32
- write an http module that keeps an in-memory dictionary of uint32,string for the request, response, converts the request ip and 302s the call with blackhole support
- convert all the mappings in the spreadsheet attached to the meetings into a csv, dump to disk
- write a wpf application to allow for easily managing the IP database in the short term
- deploy the solution one of our stage boxes
- add a TODO to eventually move this to a database
All this took about 5 minutes. I interrupt their conversation to ask them to retarget their test to the port I exposed on the stage box. Then watch them stare in stunned silence as the crow grows cold.
According to a friend who still works there, that code is still running in production on a single node to this day. And still running on the same static file database.
#TheValueOfEngineers2 -
Time to go to bed.
Why not trying this lib ? it's not that late, let's give it a try for an hour and then --> sleep.
Woaw what, two hours passed already ? I was just still beginning to have fun ! so frustrating. Na, I could not sleep if I'm frustrated, let's dig deeper for 30min and then, go !
shit it's been an hour already, man, go to sleep now ! ...Actually it's too late already, better not sleeping and keep digging !
In the morning : can't wake up, tonight I promise, I go sleep at nine.
In the evening : oh new angular ! could worth a quick try before sleep !1 -
So... remember my first rants about my network at my last ship?
https://devrant.com/rants/2076759/...
https://devrant.com/rants/2076890/...
https://devrant.com/rants/2077084/...
Well... I had to visit them for an unrelated matter and found out that they are to pass general inspection the next week. Among the inspectors is a member of the cyber defence team. I took a quick look at the network, finding the things I'd expect:
- No updates passed to the server or installed since I left
- No antivirus updates since I left
- All certificates were expired
- Most services were shut down or unused
- All security policies were shut down
- Passwords (without expiration now) were written on post-it and stuck on screens
- ... and more!
I told the XO (the same idiot that complained about them CONSTANTLY) and he just shrugged me off and told me to """fix""" it. In one fucking afternoon.
I. SHIT. YOU. NOT.
The new admin there is a low ranking person who hasn't the faintest idea of how this works, and isn't willing to learn, either. They just dumped the duty on him, and he seems not to care. The cyber security inspector is going to have a field day. Or get grey hairs.
I told the XO that I needed at least a week to get them into working order (I have to re-set up my virtual Windows 2012 R2 server, download 2 years' worth of updates, repair 2 years of neglect etc.). The answer was what I expected:
"You know computers, you can do your magic and get it done in an afternoon."
Thank god I got transferred and don't have to answer to that idiot any more. Now, popcorn time, as I watch the fireworks.
Yes, I am a vengeful guy. I have told them, twice now, of what would happen. They didn't listen. At least now, with an official report on their heads, they just might.3 -
naiive idealism to the max:
medior+senior to junior: "hey, buddy, we need you to do this, here's the codebase, here's the button, here's what needs to happen when that button is clicked, here's the relevant files and classes, make it happen."
medior to senior: "so what you just said about how we should redo the whole order processing pipeline, na-ah, not possible. i've been in those parts of the code many times, and based on what i've seen, you either leave that thing mostly alone or nuke it from orbit and build a completely new module in its place, but these "medium adjustments" you're proposing... not feasible...
senior to medior: "okay, i've seen how slow your progress was on even the most basic-sounding bugs in those systems... looks like what you're saying makes sense."
senior to *EO: not possible to just do these changes with this budget and deadline, that wouldn't even cover the "unexpected bugs" overhead, either you let us do it properly as a new greenfield project, almost, or you're stuck with what we've got.
*EO: mmmkay, so that's 20 times more time and budget that is in the proposal?
senior: yup, something around those numbers.
*EO (with a pained but understanding expression) : go for it, imma explain to the rest of the EOs at the end-weeks's meeting.4 -
When i see a NullPointerException i look into my monitor with tears in my eyes and sing -
Tu hi yeh mujhko bata de,
Chahu mai ya na,
Apni exception ka pata de,
Chahu mai ya na
11 -
!dev
I feel like I never lived/live my age. I feel like I have wasted childhood (who the fuck wastes their childhood?!), teenage years, university years, most of my 20's. And now, I'm in this state where I'm stuck thinking about what I should be doing to not repeat the same mistakes and how to make up for them (which is in itself repeating the same mistake again, lol). I should go to bed.3 -
When I was on my first internship, I started developing an Android app, while my friend developed a C# program that read a .txt with info and references from a mail service (in my country it's CTT).
The damn .txt files got really really big, na she had to display all of the data in a listbox (it was a PoC) and when he pressed the item, it had to fill some fields at the left of the listbox.
Needless to say, he didn't learn of multi-threading yet, and I had, so I taught him how to multithread so the app wouldn't lock up while loading the massive .txt file.
The listbox filling made a cool animation (like CMD executing commands from a bat file) and we even implemented a progressbar.
I felt like a badass Dev after that. -
LORD AM I PRON TO THESE KIND OF PEOPLE AS A DEV!!!?
[09:21, 22/04/2020] +263 78 454 5470: Bro
[10:24, 22/04/2020] Softaz: Wasap
[10:25, 22/04/2020] +263 78 454 5470: Im good fam hwu
[10:37, 22/04/2020] Softaz: Um good bro how is it?
[10:43, 22/04/2020] +263 78 454 5470: All good.. i need help fam... i want to creat application form but dnt knw how to fo th out look appearance
[10:48, 22/04/2020] Softaz: Ummm haven't used out look
[10:51, 22/04/2020] +263 78 454 5470: Nooo I mean appearance of the app. .. not outlook windows no
[10:55, 22/04/2020] Softaz: 🤔
Wat you up to
Want to create a form using outlook or you want to create an application? ??
[GUY SENDS VOICE NOTE]
[11:21, 22/04/2020] Softaz: Is it web app or desktop app
[11:22, 22/04/2020] +263 78 454 5470: I thnk its wise to hv it a web app
[11:24, 22/04/2020] Softaz: Ok so is this a thing chitone market or?
[11:24, 22/04/2020] Softaz: And outline all it's functionality
[11:25, 22/04/2020] Softaz: And the price😋🤑
[11:26, 22/04/2020] +263 78 454 5470: Na. Its just fr records n logs ... for reference
[11:26, 22/04/2020] +263 78 454 5470: 👀U want to thug me now
[11:27, 22/04/2020] +263 78 454 5470: Nigaaa👀wait
[11:42, 22/04/2020] Softaz: 😂 its yo idea
I can't make something I have no idear what information it should take in
What format to generate soft copy
Etc5 -
The development team I lead. They don’t find it as funny when I comment “Now watch me Na Na” after their “wip’s”
-
everything is going as planned! :)
Learned Rust Lang. i loved it (that doesn't mean i am done learning na? No! never stop)
new language i could do game memory hacking in without worrying about C++ memory leaks or issues. it also compiles to assembly! another of my favorite languages!
(i use rust for game development and other stuff)
i am not leaving C / C++ though that would be harsh!,
i abandoned javascript for react and typescript.
to be honest the developer just made javascript and left us with a [object Object]
finished learning the android java api so im basically set anything i want to make i can just go on my pc, listen to music and write it out in a couple of days.
well phazor what are you going to do now?!
i will code till i am old.
i will leave my mark like a shid that made its skid in the bowl :)5 -
Vou fazer o post em br na esperança de encontrar algum br aqui... Então se tu mora no Brasil, gosta de programar e tá lendo isso, comenta aí, vamo prosear...11
-
Hello DevRanters,
I am looking for a 20-week internship starting in march 2020 in software engineering in NA or the EU. So if you guys know companies that take interns in these locations, GIME GIME GIME ! Tell me companies I should avoid too ^^
Thank you ! :)3 -
Runup Multiediensten: Specialist in Vloeren en Tapijt Verwijderen in Amsterdam
Bij Runup Multiediensten begrijpen we hoe belangrijk het is om vloeren snel en efficiënt te verwijderen tijdens een renovatie of verbouwing. Of het nu gaat om houten vloeren verwijderen, parket verwijderen met een machine, of het verwijderen van tapijtlijm, wij bieden professionele oplossingen voor al uw vloer- en tapijtreinigingsbehoeften. In dit artikel leggen we uit hoe wij u kunnen helpen met het verwijderen van vloerbedekking en andere vloergerelateerde diensten in Amsterdam.
Houten Vloer Laten Verwijderen
Het verwijderen van houten vloeren kan een tijdrovende en zware taak zijn, vooral als de vloer goed is vastgelijmd of genageld. Bij Runup Multiediensten bieden we een snelle en efficiënte service voor het laten verwijderen van houten vloeren. Wij zorgen ervoor dat de vloer zonder schade aan de ondervloer wordt verwijderd, zodat uw ruimte klaar is voor een nieuwe afwerking. We werken zorgvuldig en professioneel om ervoor te zorgen dat uw renovatieproject soepel verloopt.
Parket Verwijderen met Machine
Het verwijderen van parketvloeren is een klus die vaak veel moeite kost, vooral als het parket goed is bevestigd. Bij Runup Multiediensten gebruiken we geavanceerde machines om parket snel en effectief te verwijderen. Dit maakt het proces gemakkelijker en bespaart u veel tijd en energie. Of het nu gaat om gelijmd parket of zwevend parket, wij hebben de juiste tools en ervaring om het werk snel en zonder schade aan de ondervloer uit te voeren. Het gebruik van onze machines zorgt ervoor dat uw parketvloer efficiënt wordt verwijderd, zodat u snel verder kunt met de renovatie.
Houten Vloer Verwijderen
Naast het verwijderen van parket kunnen we ook andere soorten houten vloeren verwijderen. Dit kan variëren van massief houten vloeren tot laminaat of fineer. Ons team is goed uitgerust om verschillende soorten houten vloeren zonder problemen te verwijderen. Wij zorgen ervoor dat de klus snel en zonder gedoe wordt geklaard, zodat u zich kunt concentreren op de volgende stap in uw renovatie.
Tapijtlijm Verwijderen
Na het verwijderen van tapijt of andere vloerbedekking kunnen er vaak tapijtlijmresten achterblijven op de ondervloer. Dit kan het lastig maken om een nieuwe vloer te installeren. Bij Runup Multiediensten zijn we gespecialiseerd in het verwijderen van tapijtlijm en andere hardnekkige lijmresten. We gebruiken professionele apparatuur en technieken om de lijm effectief te verwijderen, zodat uw ondervloer schoon en klaar is voor een nieuwe afwerking.
Vloerbedekking Verwijderen
Of u nu een tapijt, PVC vloer, laminaat of tegels heeft, Runup Multiediensten biedt uitgebreide diensten voor het verwijderen van vloerbedekking. Het verwijderen van vloerbedekking kan een moeilijke taak zijn, maar met onze ervaring en de juiste tools maken we het proces snel en eenvoudig. Of de vloer nu vastgelijmd, genageld of op een andere manier bevestigd is, wij hebben de kennis en middelen om de vloerbedekking veilig en effectief te verwijderen.
Gelijmde Vloerbedekking Verwijderen
Het verwijderen van gelijmde vloerbedekking kan een van de lastigste klussen zijn, vooral als de lijm hardnekkig is. Bij Runup Multiediensten hebben we ervaring met het verwijderen van gelijmde vloerbedekking, of het nu gaat om tapijt, PVC of een andere vloerbedekking die stevig vastzit. We gebruiken speciale apparatuur en technieken om de vloerbedekking zonder schade aan de ondervloer te verwijderen. Na het verwijderen van de vloerbedekking zorgen we ervoor dat de ondervloer schoon en klaar is voor de volgende stap.
Siergrindvloer Verwijderen
Een siergrindvloer kan een mooie uitstraling hebben, maar het kan moeilijk zijn om het te verwijderen wanneer het tijd is voor een renovatie. Bij Runup Multiediensten bieden we een professionele service voor het verwijderen van siergrindvloeren. Dit type vloer vereist vaak specifieke technieken en gereedschappen om de grind en de ondergrond zonder schade te verwijderen. Ons team heeft de ervaring en de juiste apparatuur om uw siergrindvloer snel en efficiënt te verwijderen, zodat u verder kunt met uw renovatie.
1 -
C2 Construtora - Casas Planejadas para sua Família: Excelência na Construção de Casas Novas e Imóveis de Alto Padrão em Indaiatuba
A C2 Construtora é uma empresa consolidada no mercado de casas novas em Indaiatuba, oferecendo soluções de qualidade para quem busca morar em um imóvel planejado, confortável e sofisticado. Localizada na Torre Corporate, em Jardim Pompeia, Indaiatuba, a C2 Construtora tem se destacado por sua atuação no segmento de casas financiadas em Indaiatuba, oferecendo aos seus clientes as melhores condições para a realização do sonho da casa própria.
Casas Novas em Indaiatuba: O Imóvel Perfeito para sua Família
Se você busca casas novas em Indaiatuba, a C2 Construtora é a escolha certa. Com um portfólio diversificado, nossas construções são projetadas para oferecer todo o conforto e modernidade que sua família merece. As casas novas que oferecemos são pensadas para quem valoriza qualidade, bom gosto e um ambiente acolhedor. Ao escolher uma casa com a C2 Construtora, você está investindo em um lar que alia beleza, funcionalidade e segurança.
Casas Financiadas em Indaiatuba: Realize o Sonho da Casa Própria
Adquirir uma casa própria é um dos maiores desejos de muitas famílias, e a C2 Construtora facilita esse processo com opções de casas financiadas em Indaiatuba. Trabalhamos com diversas opções de financiamento, para que você possa conquistar o seu lar com condições acessíveis e dentro do seu orçamento. Se você está em busca de casas financiadas em Indaiatuba, nossa equipe está pronta para orientar e ajudar em cada etapa do processo, garantindo que a compra da sua casa seja simples e sem complicações.
Terrenos à Venda em Indaiatuba: O Primeiro Passo para a Casa dos Seus Sonhos
Além de casas novas em Indaiatuba, a C2 Construtora também disponibiliza terrenos à venda em Indaiatuba para quem deseja construir seu imóvel do zero. Se você tem o sonho de construir uma casa personalizada, temos opções de terrenos em localizações privilegiadas, que oferecem a infraestrutura necessária para a sua construção. Com a C2 Construtora, você tem a possibilidade de escolher o terreno ideal para o seu projeto de vida.
Casas com Piscina em Indaiatuba: Conforto e Lazer para Toda a Família
Para quem busca um estilo de vida mais luxuoso e completo, temos casas com piscina em Indaiatuba. As opções de imóveis com piscina oferecidas pela C2 Construtora são perfeitas para quem deseja ter momentos de lazer em casa, aproveitando a piscina com a família e amigos. Seja para relaxar no verão ou aproveitar o espaço para eventos, nossas casas com piscina são o refúgio perfeito para quem busca qualidade de vida e conforto.
Casas de Alto Padrão em Indaiatuba: Elegância e Sofisticação
A C2 Construtora é especializada na construção de casas de alto padrão em Indaiatuba, oferecendo imóveis que combinam design contemporâneo, acabamentos de qualidade e funcionalidade. Nossos projetos de casas de alto padrão são cuidadosamente planejados para atender aos clientes que buscam luxo, sofisticação e conforto, sem abrir mão da praticidade do dia a dia. Se você deseja viver em uma casa que reflete seu estilo e elegância, a C2 Construtora tem a casa ideal para você.
Por Que Escolher a C2 Construtora?
A C2 Construtora é sinônimo de qualidade e confiança no mercado imobiliário de Indaiatuba. Com um portfólio diversificado, oferecemos desde casas novas em Indaiatuba até casas de alto padrão e terrenos à venda, sempre com o compromisso de entregar um produto final que atenda às expectativas de nossos clientes. Nossa equipe altamente qualificada trabalha com dedicação para realizar o sonho da casa própria, seja por meio de imóveis financiados em Indaiatuba ou casas com piscina em Indaiatuba, sempre com foco na excelência.
Entre em Contato
Se você está interessado em adquirir uma casa nova em Indaiatuba ou deseja saber mais sobre terrenos à venda em Indaiatuba e casas de alto padrão, entre em contato com a C2 Construtora. Estamos à disposição para apresentar as melhores opções de imóveis e ajudar você a tomar a melhor decisão para sua família.
Endereço: Torre Corporate - R. das Orquídeas, 737 - Sala 207 - Jardim Pompeia, Indaiatuba - SP, 13345-040, Brasil
Telefone: +55 19 99221-9404
Não perca a chance de viver com qualidade e segurança em uma das melhores cidades do interior paulista. C2 Construtora – Casas planejadas para sua família, com todo o conforto e a qualidade que você merece.
1 -
One side effect of learning React Native for Android is JavaScript and Java start to look the same...
The only way to tell at a glance is the Java annotations...
https://facebook.github.io/react-na...
https://facebook.github.io/react-na...
Top Tags
Weekly Rant
View