Old 02-15-2004, 07:30 PM   #1
Confused & Wandering
 
 
1993 34' Excella
Right here, , where ever I wake up
Join Date: Jan 2004
Posts: 205
Images: 23
a computer warning..

I have had a traumatic week, with regard to computers.

First thing, my brand new laptop, all of 4 months old, got hacked and damaged, whilst downloading an update for Windows XP.. It destroyed the network connection, changed the BIOS, and lost half the FAT.. making the computer completely inoperative. It was a logged attack, that came in a packet, with the upgrades, from Microsoft.. My firewall logged it, but because I stupidly told it to trust Microsoft, it let it by. All of the actions the package did when it got to my computer have also been logged, so I know what did it, and how.

The problem was not that the computer was damaged, but because it came from within a Microsoft package.. The machine would not restore, so rather than send it to Dell, who generally suck unless they are selling you something, or take it to a Windows-capable tech, I decided to depart from the cranky and ever so unstable platform provided by Microsoft, and load Fedora Linux on the beast.. I need to write a couple of drivers, for the DVD/CDR burner, but other than that, the laptop functions well. I just need to repair, or replace the fried Ethernet connection. Unfortunately it is on the board... not in a slot.

That was unfortunate, but not so much as the other computer on my network - It was running 98 SE, and got fried by a second attack, again from the Microsoft web site, again in a Microsoft package I had not ordered. So, after frying the laptop, a fresh attack came, and fried my desktop, leaving me with nothing to connect to the internet with. (The laptop has a broken Ethernet, remember.)

Panic did not immediately grab me by the throat, as I felt so annoyed with Microsoft, I took it as an omen to rid myself of the beast completely.. So I bought a version of Enterprise Linux, for the vast sum of $89.95, complete with 12 months support.. I loaded this, the workstation of Linux, and just have to write drivers for the DVD/CDR drive on this one too.. Shame Linux doesn't come with the ability to do it itself.

So, my friends, take note..... Yet again, the Microsoft web site is hosting malicious attacks on networks.. It may also interfere with a single computer connection, I do not know..

Remove Microsoft from your trusted sites, and be careful..

Theo
__________________
'05 Cargo hauler gooseneck, carrying an '05 Jeep TJ, all hauled by an '05 C4500 Kodiak Truck
Theo is offline   Reply With Quote
Old 02-15-2004, 07:56 PM   #2
4 Rivet Member
 
Join Date: Nov 2003
Posts: 366
Now that is disturbing.
__________________
Navigator is offline   Reply With Quote
Old 02-15-2004, 08:00 PM   #3
Aluminut
 
 
2004 25' Safari
. , Illinois
Join Date: Feb 2003
Posts: 10,334
Sorry to hear about your problems Theo, but you're on the right track. Linux or OSX for Mac are great alternates.

Folks are getting tired of all the bs that is attached to having a wintel box lately. It's just one thing after another, day after day, after day.

We've spent far too many manhours dealing with the Microsoft issues in the past 6 months at work and it's only for about a dozen XP boxes. We also have about 600 Macs running OS 10.2.6 and it's been great.

Best of luck with your Linux workstation.
__________________
Silvertwinkie is offline   Reply With Quote
Old 02-23-2004, 08:40 AM   #4
Confused & Wandering
 
 
1993 34' Excella
Right here, , where ever I wake up
Join Date: Jan 2004
Posts: 205
Images: 23
Update on the Linux systems.. Still going strong - no problems, though I have not had the time to get the DVD/CD burners working... I will address that as the skill levels increase

Theo
__________________
'05 Cargo hauler gooseneck, carrying an '05 Jeep TJ, all hauled by an '05 C4500 Kodiak Truck
Theo is offline   Reply With Quote
Old 02-23-2004, 08:51 AM   #5
3 Rivet Member
 
 
Join Date: Oct 2003
Posts: 122
Thanks for letting me know.

Our IBM/Windows XP machine has been running flawlessly for the past few months. No crashes. Why do anything that could possibly change that?

Since we don't get our e-mail on the IBM (we get it on our Mac notebook computer instead) or download programs, I think I'll just ignore those Microsoft recommendations to let it update the system.

Thanks again.

- Charlie
__________________
2004.5 Dodge 4X4 Quad Cab w/Cummins Turbo Diesel
idahosafari is offline   Reply With Quote
Old 02-23-2004, 09:10 AM   #6
Rivet Master
Commercial Member
 
 
1954 22' Safari
Deerfield , Illinois
Join Date: May 2003
Posts: 1,419
Images: 23
Re: a computer warning..

Quote:
Originally posted by Theo
It destroyed the network connection, changed the bios, and lost half the FAT..
I've been trying to lose half the fat for a long time. I would say congratulations, but I know you're not talking weight loss here.

Major bummer - Good luck getting back up to speed!
__________________
bredlo is offline   Reply With Quote
Old 02-23-2004, 09:18 AM   #7
Aluminut
 
 
2004 25' Safari
. , Illinois
Join Date: Feb 2003
Posts: 10,334
Quote:
Originally posted by idahosafari
Thanks for letting me know.

Our IBM/Windows XP machine has been running flawlessly for the past few months. No crashes. Why do anything that could possibly change that?

Since we don't get our e-mail on the IBM (we get it on our Mac notebook computer instead) or download programs, I think I'll just ignore those Microsoft recommendations to let it update the system.

Thanks again.

- Charlie
I agree, the Mac is far less prone to the carnage that the PCs take....one thing though, if your XP boxes are on a network to the net, you still should consider updating the "critical" updates as the machines can still get hacked and beat up due to the flaws in the OS.

Now if the XP box is not connected to the network/Internet/other PCs, then you should be fine.

I'll give you an example. There is a PC in one of our buildings. Not used for Internet, email, downloads, etc. Just there as a network monitoring station. Well, one of the PCs in the township took a hit and then started hunting for others to beat on. Sure enough we had caught it.

Bottom line, if you want to be safe, take it off the network or update the machine. It might not happen today, maybe not tomorrow, but it will happen if it has a physical connection to a network.

Eric
__________________
Silvertwinkie is offline   Reply With Quote
Old 02-23-2004, 09:29 AM   #8
Patriotic
 

 
1973 23' Safari
North of Boston , Massachusetts
Join Date: May 2002
Posts: 4,533
Images: 260
Quote:
first thing, my brand new lap top, all of 4 months old, got hacked and damaged, whilst downloading an update for windows XP.. It destroyed the network connection, changed the bios, and lost half the FAT.. making the computer completely inoperative. It was a logged attack, that came in a packet, with the upgrades, from microsoft.. My firewall logged it, but because I stupidly told it to trust microsoft, it let it by. All of the actions the package did when it got to my computer have also been logged, so I know what did it, and how.
Can you explain this a bit more? I just don't understand how downloading a patch from Microsoft can do that, particularly from behind a firewall.

And I'm a network administrator, so feel free to use big words.

I would agree, though...don't use an MS firewall, that's for sure. But with a Novell infrastructure, NO MS Exchange, and regular virus updates...we just don't have these problems. Ever.
__________________
Chuck is offline   Reply With Quote
Old 02-23-2004, 10:04 AM   #9
Aluminut
 
 
2004 25' Safari
. , Illinois
Join Date: Feb 2003
Posts: 10,334
Quote:
Originally posted by chuck


and I'm a network administrator, so feel free to use big words.

OMG!!! LOL!!!!

It's rare to find others that know what the hell ARPs, RIP, tunnel, TFTP server, terminal window, chown, chmod, etc are and those aren't even big words.

__________________
Silvertwinkie is offline   Reply With Quote
Old 02-23-2004, 10:06 AM   #10
Rivet Master
 
 
2001 34' Limited
The State of , Ohio
Join Date: Sep 2002
Posts: 1,605
Images: 23
We have a few hundred XP workstations, fed by 7 2000 and 1 2003 server, and don't see these problems. We run Microsoft's Software Update Services on the servers. One goes to Microsoft's site and checks for critical updates. When it finds one or more, it downloads them, propagates them to the other SUS servers on various subnets, and the workstations pick them up from there. To date, MS has had the patch out and we've had it propagated before any worm hit us. We also run Norton AV Enterprise on the servers as well as on the Exchange server, and it takes care of the viruses and worms.

There WAS an email going around that looked very officially Microsoft. It instructed you to click on a link to get a critical update. When you did, it went to a bogus update site that looked very official. It even exploited a bug in IE to spoof the appropriate name in the address bar. Was this the problem?
__________________
Maurice
RoadKingMoe is offline   Reply With Quote
Old 02-23-2004, 11:09 AM   #11
Confused & Wandering
 
 
1993 34' Excella
Right here, , where ever I wake up
Join Date: Jan 2004
Posts: 205
Images: 23
Not being a network guru, or any kind of computer genius, I can only relate what the admin guru told me..

A malicious packet was downloaded along with the update, from the Microsoft website. This packet was logged by the two firewalls, both of which were programmed to trust downloads from Microsoft. When the packet arrived, it caused damage to the system, using protocols I know nothing whatsoever about. I am familiar with them though - my line of work gets hacked at regularly, so I experience malicious packets that do amazing things from time to time. By far the most spectacular malicious packet did something most computer geeks think impossible - it set fire to the computer. For those who want to know more, there will be things on the web concerning that, though I am unsure of where. For someone who has had their network targeted four times, and had many computers fried by hackers, I really should learn more about this stuff, so at least I can understand how it can happen.

Theo
__________________
'05 Cargo hauler gooseneck, carrying an '05 Jeep TJ, all hauled by an '05 C4500 Kodiak Truck
Theo is offline   Reply With Quote
Old 02-23-2004, 02:55 PM   #12
1 Rivet Member
 
2008 19' Safari
Toronto , Ontario
Join Date: Sep 2003
Posts: 19
Theo:

Are you sure you didn't download one of those "e-mails" allegedly from Microsoft that was actually a virus masquerading as a Microsoft update?

Was your download actually accessed from the "Microsoft Update" tab on your Start menu or from the Internet Explorer "Tools" tab or from the Microsoft.com website?
__________________
oscarb57 is offline   Reply With Quote
Old 02-23-2004, 03:04 PM   #13
Site Team
 
, Minnesota
Join Date: Aug 2003
Posts: 6,940
Images: 59
Computer warning

I've noticed that the ratio of Windows users to Mac users on THIS forum has been dropping lately. Used to be 10.00 Windows to 1.00 Mac. Now it's down to about 9.95 Windows to 1.00 Macs.

Maybe the Windows users are being burned up.
__________________
markdoane is offline   Reply With Quote
Old 02-23-2004, 03:15 PM   #14
Aluminut
 
 
2004 25' Safari
. , Illinois
Join Date: Feb 2003
Posts: 10,334
Re: Computer warning

Quote:
Originally posted by markdoane
I've noticed that the ratio of Windows users to Mac users on THIS forum has been dropping lately. Used to be 10.00 Windows to 1.00 Mac. Now its down to about 9.95 Windows to 1.00 Macs.

Maybe the Windows users are being burned up.
I think it's more that more Macs are getting into places they haven't been....still a long way to go, but we take 'em one at a time....
__________________
Silvertwinkie is offline   Reply With Quote
All times are GMT -6. The time now is 10:26 AM.