My customers keep getting infected?

Discussion in 'Computer Security' started by Paul H, Feb 10, 2005.

  1. Paul H

    Jim Watt Guest

    We tendered to supply a large local client with computers and lost
    because we were not cheapest. The people who got the contract
    supplied around 70 copies of MS Office which looked dodgy to me.

    I obtained one and sent it to MS who confirmed it was indeed so,
    but were not particularly interested. At the time they had one guy
    dealing with piracy for the United Kingdom.

    Making a fuss did us no good and the client won't buy from us at all
    now, but we still don't sell chinese copies.

    However, the best one was the guy living in Spain selling computers
    into Gibraltar which were stolen in the UK and preloaded with
    everything you wanted and advertised as 'second hand' to avoid
    the need for an import licence.

    Personally I would not buy one like that ... but ...

    c'est la vie.
     
    Jim Watt, Feb 17, 2005
    #41
    1. Advertisements

  2. I work on home PCs as well. One client had basically come to a halt:

    1. 256 adware programs running
    2. 7 simultaneous websearch programs running
    3. 80% of the hard drive taken up by mp3s
    4. A 16 year old that used the computer as well

    I learned a lot about Kazaa - it doesn't really uninstall itself. You have
    to pick through the registry to get it all.

    Took me about 4 hours to clean this one up, had the parents set up as
    password protected administrators - the kid got his own account but could
    only use installed apps. He has since gone to his buddy's houses to get his
    Kazaa music! Put in a firewall, AV, and intrusion detection - no problems
    since.

    IMO - you have a user problem. This doesn't happen!
     
    ROBERT S AMP BA Drake, Feb 21, 2005
    #42
    1. Advertisements

  3. Disagree with Jim. The last line of defense is the user. I ran a network
    with about 3,000 users when the "I LOve You" virus came out. It was an
    e-mail message with that as the subject line. Only 2 people. both new,
    opened those e-mails and we were able to snuff them out and keep operating.

    A colleague of mine had several hundred of these opened and was down for
    three days.

    User training and indoctrination, even on home PCs, is necessary. The
    hardware and software cannot totally protect idiots.

    "Stupidity is invincible"
     
    ROBERT S AMP BA Drake, Feb 21, 2005
    #43
  4. Way to go Jim! I totally secured a business -- was running fine. Some
    application was giving them trouble and a guru suggested it was a firewall
    problem. The business disabled the firewall -- didn't solve the problem --
    didn't re-enable the firewall -- and I had a big job 5 days later!
     
    ROBERT S AMP BA Drake, Feb 21, 2005
    #44
  5. Johns is exactly right. What I have found is that they will scrap the
    computer and go buy a new Dell for $650 with XP and a clean install all
    ready to go instead of investing a few hundred to get the old one right.
    Then, 6 months later, deterioration sets in due to lack of FW, AV, intrusion
    detection and the like and the cycle starts over.Computer and SW
    manufacturers love these people!.
     
    ROBERT S AMP BA Drake, Feb 21, 2005
    #45
  6. If you have a 16 year old loose on the machine (not locked down to minimum
    user) you need ghost to undo all the damage.

    I had a customer and I locked the kid down - like Jim & others have
    suggested. Kid wasn't happy, nagged the parents, wanted more permissions
    and they gave in. So the kid got his permissions.

    I got a panic call three weeks later and the computer was at all stop.

    I suggested they give the computer to the kid, get a new one and I'll lock
    it down for parents use only. That solved the problem and the kid is
    learning how to properly operate his machine (albeit slowly)!
     
    ROBERT S AMP BA Drake, Feb 21, 2005
    #46
  7. What he means is that he has a base of 1,000 PCs - I had 3,000. We do the
    same thing but do it differently. When one goes out it gets ghosted and put
    back within the hour. Users store data on the servers.

    Home PCs are sometimes sooooo bad there is no alternative except to
    reinstall it all. All too often they don't even have their original
    software CDs .... and on and on and on ..
     
    ROBERT S AMP BA Drake, Feb 21, 2005
    #47
  8. Paul H

    Leythos Guest

    We generally ghost images also, and all clients store data on servers, but
    the way he made it sound, it came across as FUD.
     
    Leythos, Feb 21, 2005
    #48
  9. Paul H

    Leythos Guest

    Now that's actually funny - disable the protection method, forget to
    enable it.... If they were using an appliance they would not have been
    able to disable it without a lot of network changes also.
     
    Leythos, Feb 21, 2005
    #49
  10. Paul H

    lee Guest

    Yes, children and other non-security minded users (including some we
    mistakenly call parents) need limited user accounts. That and
    eliminating active scripting from default browser configurations.
     
    lee, Feb 21, 2005
    #50
  11. Paul H

    Jim Watt Guest

    The trouble is you are comparing a structured environment to
    home users. New home users spring up every day, and although
    in a business environment you can lay down ground rules and
    provide education, thats not the case with home users.

    Its up to their schools to educate them about safe computing
    and kids will do whatever kids do best, experiment with things
    and screw them up. After all its THEIR equipment and data.
     
    Jim Watt, Feb 21, 2005
    #51
  12. Paul H

    Jim Watt Guest

    Thats the way we do the schools machines ... However there
    returning them to the known good state is adequate.
     
    Jim Watt, Feb 21, 2005
    #52
  13. Paul H

    Bill Unruh Guest

    That is great that they experiment. That is how they learn. But it also means you may have to
    lock some things down for protection ( you do not leave guns lying around
    to be played with) and learn how to undo their mistakes (for physical
    damage taking them to hospital is far more intrusive of your life than is
    reinstalling a machine. )

    Note it is NOT up to the school to teach them. Do you leave it to them to
    teach your kids how to cross a road or talk to strangers?
     
    Bill Unruh, Feb 22, 2005
    #53
  14. Paul H

    Jim Watt Guest

    No and no

    Firstly we are not talking about my or your kids, most of the parents
    haven't a clue about how a computer works.

    Kids go to school to learn things, like how to use computers, where
    they are taught by professionals. They also learn MSword and
    excel so they get something useful apart from a knowledge of games.

    Guns? this ain't America. Cars stop so you can cross the road
    and kids can talk to people without being abducted etc.
     
    Jim Watt, Feb 22, 2005
    #54
  15. Paul H

    winged Guest

    So do I, I have found several cheap computers this way..LoL
    Winged
     
    winged, Feb 22, 2005
    #55
  16. Agreed. Technically, I suppose I /could/ say that I indirectly look after
    125,000 machines at one particular customer, and 350,000 users (don't know
    how many machines) at another.

    But /service/ all of these PCs daily..? Nope. No way.

    Who knows, maybe we've just witnessed the first step of a successful career
    in politics? ;o)

    H1K
     
    Hairy One Kenobi, Feb 22, 2005
    #56
  17. Paul H

    Gladys Pump Guest

    Please trim your posts. No need to include all that poop just to add a
    one line reply. That's somewhat uncommonly known as a 'me too'.

    Given your overall helpfulness and info-nuggetry I guess I will take some
    heat for it. So be it.

    Gladys.
     
    Gladys Pump, Feb 23, 2005
    #57
  18. Paul H

    winged Guest

    No issue, I think it is a good point! I will try to remember...

    Winged
     
    winged, Feb 24, 2005
    #58
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.