If you're going to exploit work's infrastructure to torrent, you better damn well know how to hide it
Thank $DEITY for VPNs and, er, Service Pack 3... yeah, that's it. Service Pack 3!
Who, Me? Welcome to Who, Me?, your Monday morning palate-cleansing confessional after a weekend of not worrying about the antics of users. Pop on the kettle, grab a digestive and… maybe check your bandwidth?
Today's story comes from "Bob", a freshly minted IT professional, enjoying his first role in the industry back in the early 2000s.
Like all too many, Bob indulged in the odd bit of torrenting and found himself in need of credit because his particular torrent site of choice throttled downloads based on how much a user had shared.
"Being rather concerned about sharing from my IP whilst gaming, it's something I never did (share) so really needed the boost [as] I was a top-tier leecher."
However, Bob was a newly installed system administrator and was due to do some routine work on a few client servers. Those servers were located in a data centre with a great line to the outside world. And since everything was scheduled to be down for the weekend... well, it would be a shame not to make the most of the opportunity, right?
"So I left it sharing a popular BBC documentary thinking that's not going to get flagged up, it's free BBC content anyway..."
We're not entirely sure Auntie would agree, but knock yourself out.
As it turned out, Bob's wheeze was almost successful. The item hadn't been flagged up and having shared gigabyte upon gigabyte of content, his account with the torrent site was well in credit.
Except he couldn't log in to actually stop the file-sharing. In fact, he couldn't connect to anything in the DC.
Confused, Bob called up the DC (at 11pm on Sunday) and was told that the allocated bandwidth for the month had been used up (oops). Oh, and it was only day three of the billing month.
"It's fair to say," said Bob, "I had a grip on the seat of my chair like never before, everything was clenched, what could I do to fix this?"
Bluff about backups perhaps? Something about data recovery? He didn't want to tell his superiors a porky that might come back to haunt him. But the DC wanted £500 to turn the pipe back on, which he didn't have, so what to do?
Obviously, sticking another line in wasn't an option and being remote, Bob wasn't able to fiddle with the wires.
However, the company did have another rack lurking in the DC and "after much fretting and a few chunks of hair pulled out, I realised that if I could get onto the other rack I may, just may, be able to get into the router through its WAN port over their LAN by using the same WAN IP, just from within their network."
Success! As midnight passed, Bob was able to get in, kill the upload and destroy the evidence. Problem number one solved!
"Now I just had to figure out how I would explain the data usage in the morning."
Bob took to his bed for a night of restless sleep.
"I still to this day don't know if I dreamed this solution," he told us, but clearly the good IT fairies had paid him a visit overnight (unlike the bad code fairies that insist on filling our repos with shonk) and provided a way of keeping his job.
"Why don't I create a site-to-site VPN between the two Sonicwalls, then re-point the DNS entries to work around the issue?" Things would carry on working and nobody would be any the wiser, right?
Alas, Bob's 4am Hail Mary did not do the trick. Some of the critical servers were on the same ports. And naturally, Bob also had to ensure that whatever he did, Client A didn't end up seeing Client B's shares after his shenanigans.
Resigning himself to a launch from the redundocannon in the morning, Bob was about to retire to his bed once more when the IT fairy waved a wand once more.
"Do they have multiple IPs available to them? I know they only use one, but we often get five external IPs with the DC provider, a quick call to the DC confirmed yes they do have four unused IPs, YAY!!!"
And so it was, at 5am, Bob found himself frantically repointing the DNS, mapping the external IP to the server over the VPN and... it looked OK. Of course, the DNS change still needed to propagate so he couldn't test things. And the client was expecting things to be running when they started at 8am.
The fairies smiled once more, and everything did indeed run smoothly. All Bob had to do was remember to undo his hack in 28 days' time, when the billing month rolled around.
Alas, while Bob's memory was top-notch when it came to the technicals, dates? Not so good. And, of course, he didn't dare put anything into a company calendar. So, naturally, he forgot all about it.
It was another three months before the inevitable happened, and his boss asked: "Why the hell is there a VPN from this client to that?!"
Thinking on his feet, Bob quickly made an excuse about router problems taking down one of the sites out of hours, and wasn't his solution clever? He went on to show how nobody was able to access stuff that they shouldn't, earning himself some entirely unjustified kudos for his smarts.
Reverting the DNS change and killing off the VPN sent everything back to normal.
Of course, the story didn't quite end there. About a month later, Bob took a support call and found himself talking to Client B, who "wanted to know why their bandwidth report from the DC was so much higher than usual..."
Fortunately, Bob's antics had not blown through the limits and incurred any charges. His explanation?
"XP Service Pack 3! That was a large bugger if you recall, it had just come out, all their office PCs had just been updated to it!"
Naturally, he promised to tweak things so there'd be no chance of naughty Microsoft gobbling their bandwidth again.
While Bob had indeed "gotten away with it", he did not emerge entirely unscathed: "It was this instance which resulted in the end of my torrent days anyway as I decided it wasn't worth the effort.
"I think I finished with my account massively in credit too..."
Ever worked through the night just to undo your own nefarious activities? And then got "Employee of the Month" for your troubles? You know you have, and the sympathetic vultures at the Who, Me? desk are waiting for your email.
Where were you 20 years ago? Were you frantically cutting COBOL or adding a crucial extra byte or two to a date field? Or a bodge that might last to, oh, 2050 before it explodes? Who, Me? and On Call would also like to hear your sordid Y2K tales for a festive feast of near-failures and dodged bullets. ®