
Thread: Brace yourself

  1. #1
    Goverment property now GroundZero3's Avatar
    Join Date
    Oct 2001
    Location
    NOVA
    Posts
    33,803
    Blog Entries
    46

    Brace yourself

     
    It surprises me that people still don't patch their boxes, even with legit copies.

    Beware Conficker worm come April 1 : Christopher Null : Yahoo! Tech

  2. #2
    Ultimate Member EXreaction's Avatar
    Join Date
    Aug 2003
    Location
    Madison, WI
    Posts
    15,225
    Blog Entries
    1
    I bet you wouldn't believe that at our tech school, pretty much all the computers I've tested have a backdoor trojan installed that gets transferred around via USB key.

    All of the computers in the networking tech lab I am in are infected and have Deep Freeze installed.

    Luckily I've been using Vista on my laptop, so I could stop it before it would try to do anything when I would plug the USB drive back into my machine. But I didn't notice it until I tried plugging the USB drive into another machine with an anti-virus installed (happened to be some other systems in the school that had McAfee installed).
    "The problem with quotations on the internet is that the sources are hard to verify" - Abraham Lincoln

  3. #3
    Goverment property now GroundZero3's Avatar
    I have worked for three different school divisions; trust me, I know all too well.

    The biggest problem, and this goes for any environment with software loads, is that you don't know how those new updates will affect all your software. The manpower alone to test how the update will affect installed software (especially when MS was releasing them every other week) would be virtually impossible.

  4. #4
    Ultimate Member EXreaction's Avatar
    Well, luckily pretty much all the hardware setups here are identical, so one should be able to set up a single install and clone it to all the machines.

  5. #5
    Goverment property now GroundZero3's Avatar
    Yes, but after you clone those machines you need to deploy the updates, and trust me, even if they are all the same those updates can act screwy (not loading properly, network issues, etc.) and cause some issues with the machine operation/software.

    And just because all the machines are identical, they might not have all the same software. Some school districts only install math software in math classrooms.

    So it's a very complicated animal; you can't just have WSUS running and think everything will update perfectly fine.

  6. #6
    Ultimate Member EXreaction's Avatar
    It's definitely something I'd like to try some day.

    Although I may get the opportunity at some point to do that with the computer lab we have in our classroom. I suppose I could give it a try with a bunch of VMs sometime, but doing that is no fun.

  7. #7
    Goverment property now GroundZero3's Avatar
    Why not? VMs are pretty much next to the best thing and you can do it all on one machine!

    I do everything in VMs.

  8. #8
    Ultimate Member EXreaction's Avatar
    Eh, I don't know, I just don't like doing all that in VMs.

    Although I suppose it would be nicer on my desktop, I've only been trying that stuff on my laptop, which isn't as nice to work with (especially with the 5400 RPM hard drive).

  9. #9
    Ultimate Member Coolzer's Avatar
    Join Date
    Mar 2005
    Location
    Australia
    Posts
    1,112
    Quote: Originally Posted by EXreaction
    I bet you wouldn't believe that at our tech school, pretty much all the computers I've tested have a backdoor trojan installed that gets transferred around via USB key.
    Hey Ex, just out of interest, how did you remove the Trojan?

  10. #10
    Goverment property now GroundZero3's Avatar

  11. #11
    Ultimate Member EXreaction's Avatar
    I didn't try removing them from the desktops, but on my laptop I could just show the protected OS files and they were listed on the flash drive and could just be deleted.

  12. #12
    Ultimate Member Coolzer's Avatar
    Yeah, mine sometimes makes copies of the folders and disguises them as an .exe, so if you don't have extensions enabled you get hit with the virus. If you right-click the drive you get like strange gibberish... e.g. i^jkh

  13. #13
    I Void Warranties KarmaKiller's Avatar
    Join Date
    Feb 2007
    Location
    Springfield
    Posts
    13,484
    Blog Entries
    5
    Security experts have made a breakthrough in their five-month battle against the Conficker worm, with the discovery that the malware leaves a fingerprint on infected machines that is easy to detect using a variety of off-the-shelf network scanners.

    The finding means that, for the first time, administrators around the world have easy-to-use tools to positively identify machines on their networks that are contaminated by the worm. As of mid-Monday, signatures will be available for at least half a dozen network scanning programs, including the open-source Nmap, McAfee's Foundstone Enterprise and Nessus, made by Tenable Network Security.
    Busted! Conficker's tell-tale heart uncovered • The Register
    Q6600@4Ghz | i7 920@4.4Ghz |E6320@3.5Ghz
    FAQ's ~ Team Stats
    My PC

    TechIMO Folding@home Team #111 - Crunching for the cure!

  14. #14
    Goverment property now GroundZero3's Avatar
    Excellent, thanks for the update!

  15. #15
    I Void Warranties KarmaKiller's Avatar
    I figured it would help someone.

  16. #16
    Ultimate Member EXreaction's Avatar
    I don't get what their battle was against the worm. I mean, wasn't this worm targeting something that was already patched over a year ago now? I can see the problem with zero day exploits, but when you've got machines that have not been patched for months it may be time to start rethinking your system policies.

  17. #17
    Goverment property now GroundZero3's Avatar
    Quote: Originally Posted by GroundZero3
    I have worked for three different school divisions; trust me, I know all too well.

    The biggest problem, and this goes for any environment with software loads, is that you don't know how those new updates will affect all your software. The manpower alone to test how the update will affect installed software (especially when MS was releasing them every other week) would be virtually impossible.
    Please reread above, on top of a lot of people having warez copies of Windows and not being able to update (last time I checked). Deploying updates to a large-scale network isn't as easy as it sounds. Yes, WSUS does work, but it can cause some problems and some network admins are lazy.

  18. #18
    Ultimate Member EXreaction's Avatar
    Yes, but still, 6 months should be enough time to patch a critical security vulnerability.

    Those running illegal copies who cannot update will just have to deal with it themselves.

    It's a hell of a lot more work to fix a security issue after you've been attacked than it is to install a patch to prevent it.

  19. #19
    Goverment property now GroundZero3's Avatar
    Let me give you an example.

    We have several images made for different models; each image can have up to 25+ different types of software installed. So if we have 6 different models of images with different software, you do the math. The time it takes to test out each image with all the software to see how it reacts to an update is no easy task. The manpower alone is staggering; you just don't go out there and install updates and, when something breaks, go "oopsie, my bad".

  20. #20
    Banned
    Join Date
    Feb 2009
    Location
    KFNL FS2004
    Posts
    11,886
    Blog Entries
    1
    Check out Opendns.com

    OpenDNS Blog » Worried about Conficker on April 1? Setting up OpenDNS can protect your network.

    You know, those malware statistics are unbelievable! I have not gotten a single virus in a looong time. Cross fingers. I feel sorry for the TPB pirates though... NAAA

    I use some decent malware protection, my brain...
    Last edited by Taxmancometh; March 31st, 2009 at 12:48 PM.
