Monday, June 2, 2008

pfSense - where's ftp?

You'd not expect open source software to get as many bashings as the store bought fecal matter, especially from an advocate of free software. So, let me explain why pfSense is good, before I explain why it is bad.

It's free, it's stable, it performs well, it's full featured, and most importantly, it lets me have as many interfaces on a homemade router as I want. I really thought it was more than good, I thought it was GREAT.

So anyway, basically you can't use FTP with this thing unless you're just nigh a developer yourself.
There are workarounds and such, it's pretty easy to make an FTP client on your lan connect to a server on the net, with conditions if you are lucky enough to meet them, and with some ability to garner knowledge or at least read instructions. What about a piece of software that unfortunately uses the FTP protocol on a non-standard port? Apparently it's no dice with pfSense.

Holy stinkin cow! How can a router project reach the level that this one has and HAVE NO FLAWLESS FTP FORWARDING!?

Sure, I understand these guys do this stuff for free more often than not, but my god... it's FTP. Who doesn't need that except the more simple home users who won't be using this anyway?

I imagine that I would NEVER need another firewall/router solution if pfSense FTP was flawless, incoming and outgoing, and configurable for multiple WANs. But without it, it's a borderline throwback.

Friday, May 23, 2008

CERME 7.0 from McKesson - Sloppy and annoying

"Care Enhance Review Manager Enterprise" or "CERME". Every time I update this software I am required to enter a user ID and a Product Key. The product key is different every single time. The problem is that I am never given the product key with the installation media, nor over the phone. I always have to call them and wait about half an hour for the key to arrive. Why do companies insist on this "atm" licensing key scenario? Is it to protect the product from being illegally copied or used ? Especially, why would you send the media to a paying customer, then worry about them trying to steal your product? Just send me the GD key with the CD... oh wait now I get it. It would cost more to print it out and manually insert it in every single CD package. Sorry you can't afford to do that. Maybe your revenue is down because:

Your tech support is sloppy and incomplete.
We required a CERME tech guy to log in to our SQL server and fix a problem a while back. Can't remember what the problem was, but I do remember it took about a half a day too long to fix. During this debacle, the tech guy informed me that the database name "Care_Enhance_Review_Manager" was unacceptable. (It's a frickin database name. It's frickin acceptable) How do I know it's frickin acceptable? Because it was THEIR previous tech person who frickin named it that and it worked for years that way. So anyway, this guy insists on creating a new database with the proper name "cerme". Hmm... why not just rename the old one? BECAUSE HE DIDN'T KNOW HOW TO FIX IT. He took the easy way out. Ok, so I do that too whenever I can, but it's always nice to know I COULD have fixed something and knew what he problem was and just didn't see the benefit of wasting the time to do it the "right" way. But this guy tried and just couldn't find the problem in the first place. So, in the meantime, he also leaves us with all the tables being owned by an integrated login instead of a sql specific login, so they'll be connecting any minute now to fix that, because the current update to 7.0 choked on it. How about some SQL handling here guys? No need for your update script to choke on this. As a matter of fact, it could detect and fix it if you wanted it too. Maybe that same tech guy is the programmer for your flaky java powered install app. Pff.

Wednesday, May 21, 2008

Sophos Antivirus False Positive, Licensing, Customer Service

This blog entry has been modified from it's previous version, to include the most recent and heinous fail-ness of Sophos.

First off, let me concede that conficker and many other viruses would be a pain in the ass to deal with for ANY virus company. At some point, the vulnerability in Windows ceases to be a factor in getting the virus because it will log keystrokes and attempt to use administrator credentials to access other computers via the c$ share and just drop itself straight onto the target PC. Anti-virus might have a problem dealing with this kind of infection method because it's not anti-virus's job to be a firewall, and destroying the bad files is fruitless because the reinfection attempts continue indefinately. To get rid of conficker, you need to have ALL computers patched up, and clean them all within a pretty narrow time frame. You have to clean conficker from your network moreso than from your computer.

Anyway, having said that, Sophos Enterprise has failed us because the program that runs in the background protecting your computer... does squat. When a virus is detected, the software just tells you via email that the computer is infected and then it pretty much stops there. I'm not going to elaborate on this one except to say in the case of a virus that behaves like conficker, there needs to be at least some next level of attempted protection other than just telling the administrator that computers are infected. The software could for example, at least make housecleaning easier by deleting the bogus Task entries created by the virus. It could also close down the process that is running with the virus, and delete the randomly named file that sources the virus. And here's a novel idea, when on-access scanning detects a virus-infected file on the PC, let's go ahead and let it scan memory for the virus too and shut that down, ok?

What are these anti-virus companies going to do when somebody decides "no more mr. nice hacker" and writes a truly DESTRUCTIVE virus like the ones we enjoyed in the early 90's? Well for one, they are going to FAIL to protect dozens or hundreds of computers on your network. Better have a clean rollback plan or a quick re-up plan because someday, ALL your computers are physically going DOWN with broken OS or deleted hard drive data. And I'll tell you exactly what the anti-virus companies will do...

See, this draught of destructive viruses has softened the standard. "Nasty" viruses now include things like conficker. When a globally destructive one hits in the future, this means that AV companies will get to play the "OMG this virus is SO bad, there was no way to be prepared for it! We ALL got pwnd but we'll be prepared next time with new version x.x.x which only costs $y" The reality is that they should have been sitting on the edge of their seats for such a virus for the last 10 years but have been taking the easy money from you instead of protecting you. Don't believe it? Just wait and see.

Unrelated and previous to the failure to deal with conficker:

Sophos Antivirus threw a false positive on a dll file that is part of our primary health information software, Meditech. Basically, within the span of an hour, our health information was rendered inaccessible due to it being shutdown by Sophos. Ok, so this might be understandable, false positives do happen. Also, Sophos was fairly quick about taking a sample of the file and re-issuing the virus definitions. I'll give them that, and the fact that they really are the best anti-virus company on the market. Best does not mean completely good however...

When I asked them to provide me with some tech details on what exactly was found in this dll that made it appear viral (I want exact binary snipets) they refuse as if that was "classified information". I'd like to have this so that Meditech can be made aware of exactly what parts of their code were being mistaken for viral code. Hell, do they think their virus definition can't be reversed to find out what this code is? Nah, they know that, they just must get giggles knowing that someone will have to work or pay for the information that they could give us freely.

Also, I feel like we were recently "pinged" by Sophos on a licensing issue, when the subject of "user" vs. "workstation" licensing came up. We were under the impression that after adding a certain number of computers to our network, we'd need to check our licensing with Sophos. We were informed for the first time ever that they license "per user" and then proceeded to ask about our user count for the first time ever. Fine, we have fewer users than we do computers, that should save us about 100 licenses when it comes to our servers alone. I personally don't see the logic in protecting a user with an antivirus license as opposed to a computer, because as a co-worker put it, at the end of the day, that user goes home and doesn't have a virus. The computer is still sitting here with it. So Sophos, logic please?
Heck it might not even matter, because it seems like even their own people don't really know how the licensing works either.

Thursday, May 15, 2008

Precis-Hospital Software to Metriq

Well this company has changed the name of their software for some reason. Probably to make it more appealing because the name "Precis" sounds a little to spacey-french in my opinion. Wait, so does "Metriq". Oh well. I will perform this update later today, but for the moment, as I read over the update notes I notice that the instructions say that you should "print copies of all the follow-up letters and labels that you have created" and that you should also "make a print screen of any follow-up templates that you have created. They will need to be re-created after the upgrade."

How frickin lazy is that!? Their software can't find and retain this information within itself!? Holy cow this is lazy programming. ( but par for the course! ) And the way for us to "back it up" is to PRINT it and make SCREENSHOTS? Oh my goodness.

A little bit of an update since this is my first blog entry after years of putting up with bad software. Precis-Hospital is a company that duped a poor unsuspecting lady (customer) in our organization into thinking that being "chosen" a "beta-tester" had some elite connotation to it. She doesn't even realize that she was a free guinea pig for their company for years while they "fixed" problems in their software. It continues to be problematic and she has been duped into thinking that these ongoing problems are all part of the game of paying big bucks for "really good software that does what she needs." *sigh*

We have some form of problem every single time we've updated, and several in between. Mostly they have to do with how the software appears to misuse borrowed libraries for drawing button and text controls on the screen. Who knows if thats the problem or what they do to fix it, but that's how it comes across.