Vintage Mustang Forums banner

1 - 13 of 13 Posts

·
Registered
Joined
·
1,390 Posts
Discussion Starter #1
He's pulling out his hair with the latest virus. This will be the 3rd night of the last 4 with nearly no sleep, if any at all for this evening.

For those of you who understand, DCOM is under attack. It's blocking access to TCPIP ports and generally bogging things down to the point where there is no network traffic.

This evening we've had a router go down in Fort Worth, a redundant switch cut to backup in Fort Worth and over 400 PC workstations pulled off the network with almost 200 of them infected in Utah. All need to be repaired manually taking up to one hour each. Even if the tech can do 5 at a time... you do the math, I'm too tired.

Keep me in your prayers!
 

·
Registered
Joined
·
5,205 Posts
I know the feeling, but look forward to the paycheck. It always helps me....
 

·
Gone but never forgetten
Joined
·
25,239 Posts
We've been fortunate, in that our firewall has worked well so far, and we're predominantly a unix shop. To my knowledge we haven't had a single infection yet (knock on wood) out of 130+ stores and about 10,000 PC's.

I feel for you, though. One of the companies we share our office building with has had NOTHING but problems.

My turn is comming, though. I just heard yesterday, that NCR is no longer going to be supporting their cash register software on unix, so we are headed straight at the oncomming train of having to run Microsh*t severs.
 

·
Premium Member
Joined
·
3,825 Posts
Yeah our IT guys have spent the past several days keeping the worm from entering through our firewall... :( We cannot afford to be attacked and have our servers go down. ::
 

·
Registered
Joined
·
622 Posts
Why in the world, with the increase of market share open source and unix is gaining, would a company go away from unix support? Did Bill Gates buy NCR?
 

·
Registered
Joined
·
1,390 Posts
Discussion Starter #7
I am so in agreement at 7:15 AM CDT. I think it should all be ported to LINUX server, put all the users on LINUX workstations.
 

·
Registered
Joined
·
1,937 Posts
Look into getting a McAfee E500 webshield for your network, it scans at the gateway to your network. I installed one at our main office and since then it's stoppped all incoming virus's, it can scan HTTP, POP3, SMTP and FTP. I've had it for a year now and it's working great. It's expensive ($11,000) but it saves me and my IT staff a ton of time by keeping the virus's out of the network.
 

·
Registered
Joined
·
1,390 Posts
Discussion Starter #10
Did that, the higher ups have to test packages before release. That being said, we're always a DAT update behind.

We run McAfee 7.0 along with EPO. We got caught with our pants down, No Win 2k SP3, No latest DAT files. Nothing like the smell of ionized air in the morning!

It's now 8:09 AM CDT and your's truly is still at work!
 

·
Registered
Joined
·
2,596 Posts
I feel for you guys. Our network systems guys have been working round the clock, too. So far, our servers have not cratered, but it is only because these guys have been working their butts off to stay one step ahead.

It's very true that MS servers are the ones that are repeatedly being targeted.In a conversation with one of our network guys recently, though, Unix/Linux turn in the barrel may be coming.

He explained that the reason MS software keeps getting hit is because it is so popular, it always creates dramatic and headline-grabbing news when it is attacked. As soon as some of the other O/Ss become popular enough to attract the attention of the little Shjtheads that are cooking up these bugs, they too will become attractive targets.

Microsoft is getting hammered because they are far and away the biggest. Hitting Linux machines would hardly rate attention from the press, but when you exploit holes in MS software, you get exactly the kind of attention and notoriety these punks are looking for.
 

·
Registered
Joined
·
483 Posts
It's very true that MS servers are the ones that are repeatedly being targeted.In a conversation with one of our network guys recently, though, Unix/Linux turn in the barrel may be coming.
As a Unix Admin I may be biassed, but it's not as simple/straightforward as "Windows is more popular"... To some extent that it the case, but it's also the way the software is written.

Windows wasn't designed to be a multi-user system, it was designed to be a single user (at a time) system. All of the security features that have been added on to allow one user to control their own files and programs are just that... added on. They don't allow for the same level of security as multi-user systems that were designed from the ground up to be like that.

I know that Microsoft have made significant improvements... It's been a long time since a single program crashing would take out the entire system (although it still happens) but with alternatives that kind of partitioning has been there since the beginning. OS/'2 for example always had that. VMS, Unix, TOPS-20, all have better security models than Windows.

Most people running Unix systems don't just run everything as Root (and those that do should be shot)... But if you're running Windows chances are that you are running as an administrator, if there is one on your machine.

I'm not saying that Unix/VMS/... are immune from Worms or viruses (the RTM Worm ran on Unix) just that they are harder to implement, and usually easier to stop. Yes, I'd expect to see more of them, I just don't expect them to ever be as much of a problem as they are under MS... Partly because MS programs for convenience... Unix isn't convenient... :)

Z.
 

·
Registered
Joined
·
278 Posts
Well, I'm the Sr. Network Engineer at my company (although I just took another position, so I'll be leaving in 2 weeks), and I was sleeping. :)

We got nailed the first go around (Blaster), and we're all patched up for Nachia, so there wasn't anything to do. Fortunately, I was on vacation during Blaster, so my coworkers had to work really hard! :)

joe
 
1 - 13 of 13 Posts
Top