Feb 25, 2010

Support Stories

The Daily WTF often has some great stories. Here is one that I can really relate to. Back in the day, I fixed PCs and I remember actually fixing a down machine before discovering I was at the wrong location.

Here are 3 great stories of tech support nightmares.

Problematic Problem (from Ben)
Way back when, I was responsible for doing on-site support for a fairly complex ERP solution that our company sold. My support radius was 100 miles, which meant I was on the road a lot and traveled to places I wasn't all that familiar with. My trusty navigation aide was a compass and a Rand McNally map book. Fancy, online mapping services weren't around yet, let alone super-fancy GPS units.
One day, I was assigned to visit a customer on the far end of my region (99.9999999 miles), first thing in the morning. It meant that, not only would I need to battle rush-hour traffic through the city, but then drive another 60 miles once that cleared. I was not a fan of early mornings, and getting that client on that wintry day meant a 5:30A departure with a 2.5 hour commute.
That morning, traffic was even worse than I anticipated. And to make matters worse, I had a terrible time finding the place. Fortunately, a kind fellow at the gas station pointed me in the right direction, and I was able to ring the client from the nearest pay phone to let them know I was running behind.
When I arrived, everything seemed to be downhill from there. I went to the receptionist, tacked on my visitor badge, headed over to the server room, set my briefcase down, and got to work. Before I could even try logging in, someone walked up to me and said, "hey, I know this isn't really your thing, but I'm desperate, and reeeeaaaallly need some help getting this report for our PM meeting."
It certainly wasn't my thing, but given that I was 30 minutes late, a little goodwill towards helping a company executive could only help. So I followed her to her office and helped troubleshoot the problem. An hour-and-a-half later, we had the report running, no problem. She was thrilled, and I headed back to the server room.
For some reason, I couldn't log-in to the server console, but the generous IT guy helped me past that hurdle by logging in with his credentials. But then I had another problem: I couldn't access any of the servers listed on my sheet. In fact, I couldn't even find a server that looked anything like ours.
I called the IT guy over again and asked him where our ERP server was. He shot a confused look to me, and said that he's pretty sure they don't have an ERP server. I assured him that they did, so he went back and looked into things on his end. Thirty minutes later, he assured me that they absolutely, positively, definitely don't have an ERP server.
We were both utterly confused. And then something dawned on me, and I silently prayed it wasn't true. I pulled out my sheet, showed it to the IT guy, and pointed towards the customer address heading. "That's you guys, right?"
As it turned out, not so much. Our actual customer was down the street, in another un-marked office building.

Problem supply (from Brendan)
Working as a coder for a small company that operates worldwide, I was on the team that deployed a project to China. Now I realize that my English is far from perfect, but dealing with Chinese customers in English has been quite the experience. One day, four months after going live with the new system, I received this mail from our Chinese client:
From: Louis Chang
To: Brendan ******
Subject: Problem supply
_____________________________________________________

Hi Brendan,

Sorry disturbing you. There is a problem with supply programme on the
button. Please advice?

Regards,

Lou Chang
Ah, the lingo of the busisness... I can imagine that you'd have the faintest idea what he was talking about... but don't worry, neither did I. So I replied to him, hoping to get a better description of his issue:
From: Louis Chang
To: Brendan ******
Subject: RE: Problem supply
_____________________________________________________

Hi Lou,

Could you please state your problem more clearly?

Thanks,
Brendan
I didn't have to wait long for his clarification, as his problem seemed to be really urgent.
From: Louis Chang
To: Brendan ******
Subject: RE: Problem supply
_____________________________________________________

There is a problem
with supply
programme on
the button.
Please advice?
Yup. Much better. Thanks.

A Text-Destroying Problem (from Esko Tanakka)
Back in 1999, I was just beginning my career and worked at a small store that built and configured computers for the public. Occasionally, I'd have to answer customer calls and help people with general computing problems.
One day, a man called in and immediately started complaining about how we sell utter crap, that we should take responsibility for our problems, and that he was owed money back because of the problems we caused.
I begged him to calm down and explain specifically what was wrong. He told me that our computer is destroying his text, and that something had to be done. At first, I thought his files were disappearing, but after more investigation, I discovered what his actual problem was: typing text in Microsoft Word overwrote previous text.
I told him that he simply had the INSERT key on, but he insisted that he never pressed that key, and that pressing the key did nothing. Running out of phone-support options, I told him he’d need to bring in his computer. But first, I needed his warranty information.
Well, it turned out that he bought the computer seven years earlier, then had another company install Windows 95 and the Corel Office Suite. After hearing that, I told him that I obviously couldn't take the machine in. That just made him more angry, and he accused me of working for "Satan and his minions", and threw all sorts of other ridiculous insults at me. But then all of a sudden, he calmed down. Apparently, he actually tried pressing the INSERT key (as I asked him to do before), and his computer stopped destroying his text.

Feb 2, 2010

Using Route Tables on Windows

I refer back to back to this article quite often so I thought it would be nice to post it here. It is written so that just about anyone can understand route tables.

Using Route Tables on Windows NT, 2000, and XP

Have you ever had a computer that didn't need to, or more over shouldn't talk to any other computer off campus? Well route rules are a way to accomplish this. Route rules are a common way of only allowing a computer to talk to certain known other hosts. Technically, route rules are a way of controlling your computers ability to talk to other computers outside of it's subnet (we'll get into that more later).

About Route Rules:

The internet is a big place. Most users of the internet (at least in work settings) do not access the. entire internet (say a site in Iceland or Botswana). This holds particularly true for servers, application workstation, and purpose built computers. These types of computers may access only campus, only your department, or only a few users. More importantly, there are no valid reasons that someone from outside the userbase should access them. These are the perfect systems for route rules. There are 4,294,967,296 IP addresses (and thus other possible computers) in the world, and if you only have 10 people that need to access your server you may as well keep the rest out.

For the purpose of this article we will address route rules as they pertain to Windows NT, Windows 2000, and Windows XP (Many other OS's support these in various forms). We will also assume that you have some understanding of how IP addresses, subnets and gateways work.

Route rules are often used for the following reasons 
  • They are fairly simple to use if you understand how IP addresses work
  • They are quickly configurable and take effect immediately
  • They can allow you finer control over what other computers can access yours
  • They are commonly used in a "defense in depth" model as a final way of saying "none shall pass other than..."
  • They are similar to those used on Unix and Linux boxes so are pretty well understood and familiar to some
This can be a bit complicated as one needs to understand the basics of how IP addresses work. The basic principle is that you define each computer, or group of computers that you want your computer to be able to communicate with. Always keep in mind when using route rules that your computer will not be able to talk to anything that you haven't made a route rule for. So be sure to remember to add a route rule for things like the Microsoft Update Server or you won't be able to get patches.

In order to make "Static" route rules on your computer (i.e. ones that you set), you must first remove the "default gateway" from your network configuration tab. Remember what your gateway is for you will need it later when you add routes. The default gateway on a computer is used to allow it to talk to other computers off it's subnet. By default a windows computer has a route to every host in the world, which is great if you want to browse the web, and terrible if you want to keep out hackers and worms. Simply open your TCP/IP settings windows and remove everything from the gateway box.

Once you have removed your gateway (also known as the "default route") you will not be able to access anything that isn't on your subnet. Your subnet is the computers with an IP in the same range as yours. For example, 129.237.100.1 and 129.237.100.24 share the same IP Octets all the way down to their last octect (everything after the last dot), thus they are very likely on the same subnetwork.

This is important to know in that even once you have removed the default route (in this case your gateway from the TCP/IP settings menu), your computer will still be able to talk to everyone on your subnet. This is becase of a network technology called ARP.. which is a bit more than we'll cover here. Just know that you do not need a gateway to talk to those computers "near you" on the network (for instance those in your building or on the same floor as you) and thus route rules can't add or deny them access to your computer, they are simple talk (with or without a route)

Now that you have removed your gateway you can begin to add back routes to other computers (or groups of computers as you'll soon see). You do this by using the "route add" command.

route add -p 129.237.37.60 MASK 255.255.255.255 129.237.100.254

Lets pick appart the command above. The first part "route add" tells the route command that you want to add a route. The "-p" option tells route that you want it to be persistant. Persistant routes are written to the registry and thus will remain in place after a reboot (or anything else that turns off your network card). This is important because non-persistant routes will be removed at reboot. The next part of the command "129.237.37.60" is the IP address you would like to be able your computer to be able to talk to. In this case it is the IP address of the Windows Update Server we have here on campus (got to have those patches). The next part is a bit tricky, it is the MASK. A MASK is used, along with the IP address you specified in the first part, to make the rule. This is because a route rule can be used to add MANY computers, or just one. Basically, by saying "MASK 255.255.255.255" we have specified that we only want our computer to be able to talk to this one host. The final part of the rule is the gateway. This should be the same number that we removed from the TCP/IP menu. The gateway is the IP address of a device on the network that your computer talks to in order to find it's way to other computers. Think of it as the old style Telephone Operator sitting at a switchboard, without it, you can't talk to anyone too far away.

So in summary, we have told our computer that we want to add a persistant route, to 129.237.37.60 only and we told it to use the gateway in order to get there. Another rule that many people use is to group computers together and add them all at once.

route add -p 129.237.35.0 MASK 255.255.255.0 129.237.100.254

This rule is much like the first, except you'll notice that the IP address and MASK end in zeros. We have told our computer that we would like to add ALL computers in 129.237.35.x to our route list (and thus allowing communication with our computer). This is very handy and why the MASK portion of the command is so important. It says..

129.237.35.0

255.255.255.0

Only.Only.Only.Any

In other words, only allow computers that are in 129, AND only allow computers that are also in .237 AND only allow computers that are in .35, and allow ANY computer that meets all those criteria

Arguments & Examples:

route PRINT

Used to display a list of current routes. This is handy if you would like to debug a rule or to print out rules for documentation (used with a common pipe)  

route ADD 129.237.0.0 MASK 255.255.0.0 129.237.100.254 destination^ ^mask ^gateway

Adds a route, this is where the real power comes in. For instance, this rule allows only hosts on campus to see or talk to your computer (you computer also can't see anything off the campus network)

route PRINT 129.237.*

Only prints out the rules that match argument (in this case all on campus routes)

route CHANGE 129.237.39.200 MASK 255.255.255.255 129.237.100.254

Used to change an existing route rule

route DELETE 129.237.39.200

Removes the route defined to this host