Channel: Spiceworks Community

Vendor Security - Or Lack Of

I had some trouble with a vendor this morning and thought I would share my "interesting" experience.

I received a call this morning from our mechanic informing me that the update that he needs to run for one of his diagnostics tools is not working. I went to investigate.

After just a little poking around, it looked to me like our firewall was blocking communications. Reading the documentation for the software, it recommends disabling all firewall and anti-virus software when running. Well, that's not happening..., so I called the vendor.

I explained the error, and the technician confirmed that it was a firewall issue. I politely asked which port the software was using so I could create a firewall exception. I was taken aback by his response: "I cannot give out that information". It took me a second to respond, as I was a little confused. I explained to him that in order to allow the program through the firewall, I needed to know which ports were being used, and he explained that "our policy is not to give out that information". OK... so what is his recommendation? To disable the firewall. Well sir, "my company policy is to not disable the firewall". After I realized that he was not going to be helpful, I asked for a supervisor. He was not able to find me his supervisor, but connected me to another technician. I explained the problem to him, and he also agreed that it was likely a firewall issue. What was his recommendation? "Disable the firewall". When I asked him which ports were being used, he instructed me to go into Device Manager to see which USB port the device was plugged into *face palm*.

After deciding that the vendor was not going to be helpful at all, I decided to take measures into my own hands. I booted up Wireshark and started sniffing the traffic being generated by the application. Lo and behold, what were the super secret ports this vendor was using?... 20/21, FTP! Wow...

So I guess the purpose of me writing this is 1) to vent, and 2) to discuss how security-flawed vendors that aren't IT-related are. Does anybody have similar stories?

Thanks for reading!

