lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 7 Dec 2006 07:41:09 +1100
From: "Greg" <full-disclosure3@...andyman.com.au>
To: <full-disclosure@...ts.grok.org.uk>
Subject: Re: Nmap Online



> -----Original Message-----
> From: Christian "Khark" Lauf [mailto:full-disclosure@...rkerlake.net] 
> Sent: Thursday, 7 December 2006 5:22 AM
> To: full-disclosure@...ts.grok.org.uk
> Subject: Re: [Full-disclosure] Nmap Online
> 
> 
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Hi,
> 
> Greg wrote:
> 
> > I don't wish to upset anyone but that answer has to be the craziest 
> > FIRST "port of call" approach I have seen used. I get 
> plenty of those 
> > sorts of calls. I take about 30 seconds time on the phone 
> for almost 
> > all of them. I say "Pull the power plug out of the router. Wait 10 
> > seconds, plug it back in and wait another 10 seconds. OK, 
> try now" and 
> > almost all of them report it works well.
> 
> What about the people whose router configuration (which was 
> done by a friend months/years ago) you just resetted? Better 
> prepare for some house visits to restore SOHO router 
> configurations :-)

I am fairly certain that the NV in NV-ram doesn't mean "New Victim" but "Non
Volatile". Eg, even if nothing else works so you pull the plug and put it
back in, the settings you have changed remain intact. So, in most cases, no
you do not need to worry when pulling the plug.

> 
> And I think that the more you know about a certain topic, the 
> more you are able to find nice & half-decent solutions. 
> Resetting the whole device just because of what is a maybe 
> temporarly problem doesn't seem clever to me.
> 

That wasn't what I said of course. The whole point was that if the user is
complaining about not getting email from their ISP via whatever method they
decide to use and/or cannot get onto the web, then pulling the power plug is
a viable answer that is normally correct in most situations. Sure, there are
some where it isn't the answer but if you find out it is still as bad as it
ever was after pulling the plug and putting it back in, then you need to go
there, physically, in any case.

> But I understand your point.. At some point in time first 
> level support gets boring.
> 

It wasn't even that which I said. My point was always that there are better
ways of doing things. You could drive 30 miles just to pull the plug
yourself leaving the current job unfinished or unable to get to that next
problem in a suitable response time or you could just tell the person on the
phone to do that while you wait and see the result. In most cases, it has
been the answer. It has never ALWAYS been the case. In the cases where it
works, it is just a more efficient way for YOU to work. No "online" answer
is going to fix a router that just lost its cool and is locked up unless you
have installed a remote power down and power up (yeah, they exist but I
haven't used one and cant remember the name). The end result of working this
way is a happy customer who is now able to work, a contact who feels
superior because they worked with you to fix the problem and is more likely
to help you out in future when you want something done that they are capable
of doing and you can get to your next appointment on time.

Call me crazy but I reckon trying it first is always the best approach.

Greg.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists