{"id":751,"date":"2012-09-28T19:32:38","date_gmt":"2012-09-28T23:32:38","guid":{"rendered":"http:\/\/peroty.com\/blog\/?p=751"},"modified":"2013-12-26T14:06:34","modified_gmt":"2013-12-26T19:06:34","slug":"critical-friday","status":"publish","type":"post","link":"https:\/\/peroty.com\/blog\/wrote-about\/critical-friday\/","title":{"rendered":"Critical Friday"},"content":{"rendered":"<p>All week long I am bombarded. I am bombarded with people needing me. They need my attention. They need my help. They need my time. They need <strong>me<\/strong>.<\/p>\n<p>All day my attention is pulled in a million different directions. Just this morning, I was working on a critical ticket. The computer was failing to boot into Windows.<\/p>\n<p><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/peroty.com\/blog\/wp-content\/uploads\/2012\/09\/error-1024x764.jpg?resize=500%2C373\" alt=\"\" title=\"Not this error, but I saw this a few months ago.\" width=\"500\" height=\"373\" class=\"aligncenter size-large wp-image-756\" srcset=\"https:\/\/i0.wp.com\/peroty.com\/blog\/wp-content\/uploads\/2012\/09\/error.jpg?resize=1024%2C764&amp;ssl=1 1024w, https:\/\/i0.wp.com\/peroty.com\/blog\/wp-content\/uploads\/2012\/09\/error.jpg?resize=300%2C224&amp;ssl=1 300w, https:\/\/i0.wp.com\/peroty.com\/blog\/wp-content\/uploads\/2012\/09\/error.jpg?w=1258&amp;ssl=1 1258w, https:\/\/i0.wp.com\/peroty.com\/blog\/wp-content\/uploads\/2012\/09\/error.jpg?w=1887&amp;ssl=1 1887w\" sizes=\"auto, (max-width: 500px) 100vw, 500px\" \/><\/p>\n<p>It wasn&#8217;t a blue screen, but there was a single line of text across the screen before the Windows logo appeared. When I arrived at the computer I saw it had the letters DDR in it so I figured it was either the video card or memory.<\/p>\n<p>I removed the external video card and tried booting again. No dice. I then removed each piece of memory one at a time. 
Same error.<\/p>\n<p>Then I looked up the error message and it seemed to indicate the video card was at fault. Since I couldn&#8217;t get it to boot, nor could I access the BIOS or any diagnostic settings, I decided to unhook it and take it with me to my desk.<\/p>\n<p>As I was crawling under the desk to unplug the various cables, I received a call on my work phone. It is never a good sign when someone calls instead of emailing.<\/p>\n<p>It was <em>another critical ticket<\/em>. In another building I support. Someone&#8217;s account had been compromised, and as a security measure, the account had been disabled.<\/p>\n<p>I had a real life interview question on my hands. <em>When you have a dead computer and a compromised account at the same time, what do you do?<\/em><\/p>\n<p><strong>This is how my Friday started.<\/strong><\/p>\n<p><a href=\"https:\/\/i0.wp.com\/peroty.com\/blog\/wp-content\/uploads\/2012\/09\/Malware.jpg\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/peroty.com\/blog\/wp-content\/uploads\/2012\/09\/Malware-1024x1024.jpg?resize=500%2C500\" alt=\"\" title=\"malware bad\" width=\"500\" height=\"500\" class=\"aligncenter size-large wp-image-755\" srcset=\"https:\/\/i0.wp.com\/peroty.com\/blog\/wp-content\/uploads\/2012\/09\/Malware.jpg?resize=1024%2C1024&amp;ssl=1 1024w, https:\/\/i0.wp.com\/peroty.com\/blog\/wp-content\/uploads\/2012\/09\/Malware.jpg?resize=150%2C150&amp;ssl=1 150w, https:\/\/i0.wp.com\/peroty.com\/blog\/wp-content\/uploads\/2012\/09\/Malware.jpg?resize=300%2C300&amp;ssl=1 300w, https:\/\/i0.wp.com\/peroty.com\/blog\/wp-content\/uploads\/2012\/09\/Malware.jpg?w=1936&amp;ssl=1 1936w, https:\/\/i0.wp.com\/peroty.com\/blog\/wp-content\/uploads\/2012\/09\/Malware.jpg?w=1258&amp;ssl=1 1258w\" sizes=\"auto, (max-width: 500px) 100vw, 500px\" \/><\/a><\/p>\n<p>When I got the computer back to my desk, I opened it up and tried some other memory to no avail. 
A co-worker then noticed the light on the motherboard was amber instead of its normal green hue. This meant the motherboard was bad.<\/p>\n<p>Easy enough, I thought. I will go to Dell&#8217;s website, verify the warranty and get a new board ordered.<\/p>\n<p>So I did.<\/p>\n<p>Only, the machine was over a year out of warranty. This meant no new part. This meant I had a computer I could no longer repair. I went to see the user and give him the bad news only to find out he had left for the day. So I get to have that conversation Monday. Happy Monday!<\/p>\n<p>On I went to my other building to go see my user with the disabled account.<\/p>\n<p>When I arrived, his account had not yet been disabled, so I thought there was a false positive or a misdirected ticket. As I verified the ticket information and as I sat at his computer I started to run an antivirus scan just to be safe.<\/p>\n<p>Sure enough, the scan turned up three infections. Great, this is going to be the beginning of a long process. As the scan completed, there were only three infections, none of which appeared to be serious. I ran a rootkit scan and thankfully none were found. I then set about patching the multiple vulnerabilities with the computer using my <a href=\"http:\/\/peroty.com\/blog\/wrote-about\/tech-support-triumvirate-keeping-windows-updated\/\">Tech Support Triumvirate<\/a>.<\/p>\n<p>So I sent the logs of my scans to the security team to analyze and advise me how to proceed. I then called and had the user&#8217;s account reactivated and logged into webmail and investigated his Outlook account.<\/p>\n<p>I found an email rule to send incoming messages to a suspicious looking email address. 
Similarly, I found a signature added to webmail with the same suspicious information.<\/p>\n<p>I removed the email rule and deleted the suspicious signature and sent a couple of test messages through the system to ensure nothing further suspicious was happening.<\/p>\n<p>This is just a day in the life of a desktop support technician. Did I get anything else done the rest of the day? Not really. I sent a couple emails to schedule meetings with people for next week. I called and emailed the network and security teams to coordinate my restore and recovery efforts with the compromised account.<\/p>\n<p>Before I knew it, the day had come to an end and it was time to head home. When I got to work this morning, my day was looking very different. I was hoping to follow up with a half-dozen people and verify their issues were resolved.<\/p>\n<p>Then I was planning to go see another dozen people and work to resolve the issues they were having. All until 10:30 when my day got hijacked by more important things.<\/p>\n<p>I never know what each day has in store for me. I can plan and scheme and make lists of what I will accomplish. And it can all evaporate in the blink of an eye. All the planning is for naught.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>All week long I am bombarded. I am bombarded with people needing me. They need my attention. They need my help. They need my time. They need me. All day my attention is pulled in a million different directions. Just this morning, I was working on a critical ticket. 
The computer was failing to boot [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[1],"tags":[401,37],"class_list":["post-751","post","type-post","status-publish","format-standard","hentry","category-wrote-about","tag-day-in-the-life","tag-tech-support"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/peroty.com\/blog\/wp-json\/wp\/v2\/posts\/751","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/peroty.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/peroty.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/peroty.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/peroty.com\/blog\/wp-json\/wp\/v2\/comments?post=751"}],"version-history":[{"count":7,"href":"https:\/\/peroty.com\/blog\/wp-json\/wp\/v2\/posts\/751\/revisions"}],"predecessor-version":[{"id":1488,"href":"https:\/\/peroty.com\/blog\/wp-json\/wp\/v2\/posts\/751\/revisions\/1488"}],"wp:attachment":[{"href":"https:\/\/peroty.com\/blog\/wp-json\/wp\/v2\/media?parent=751"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/peroty.com\/blog\/wp-json\/wp\/v2\/categories?post=751"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/peroty.com\/blog\/wp-json\/wp\/v2\/tags?post=751"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}