@ricedg
Forum Replies Created
-
AuthorPosts
-
The last big outbreak I was involved in, indeed the only one I’ve known to bring an organisation to a stop, was Sasser back in 2004.
The patch had been issued but large scale patching tools weren’t in general use so patching was non existent. It took 3 days to clear that up and all that was required was to run the patch on each PC. All sites were isolated from each other until the network boys had blocked port 445 on the switches, but that was in the days of local server hardware so only email was really shutdown.
There was no data compromised in that one and the patch took 2 minutes to run. This one is going to be a doozy. The PCs will have to be rebuilt and I know how long it takes to do sites of 150+ PCs when we’ve done mass o/s upgrades and how many extra hands were needed. Then all the servers and data stores could be compromised too, will be where PCs had direct access through a mapped drive. Even if the data is clean it takes a long time to do a full restore of big data stores.
Might be keeping my eyes out for some short term contract work.
Yes, it’s getting thrown out of all proportion by the rolling news bods. Some of the “experts” they had on in the first hour were cringworthy and some clearly didn’t know it was ransomware but kept on about selling the data that had been stolen.
Another suggested switching to back up servers. What? Spinning up some new hardware is a piece of pi$$ now with virtualization. It’s the data stupid.
Unfortunately the XP issue is not a false claim. Just have a look at the screens you see when next visiting, I always do. I’ve seen a smattering of 7 machines but most are XP. The NSA vulnerability was patched and I would expect even the most slothful to have deployed it by now, except of course that XP machines were not included. Also from experience (patching the estate was one of my jobs) the success rate is not 100%, either because the patch fails or a PC is turned off and doesn’t catch up as fast as the phishing email gets delivered when it is.
Even when you are aware a major incident could be taking place it takes time to shut things down. There is no magic red button on a console somewhere ala James bond movie.
As Duke says, gmail is different and I have had exactly the same experience. Strange at first but ultimately the best way to work and search is at the heart of it.
I use my work Outlook client in the same way now. Indeed for the Android Outlook client having folders is a right PITA as you don’t see them unless you specifically go out of your way to manually download their contents. But the search works the same as the desktop client.
I love the fact that it gets rid of all the spam like nothing else and sorts out my emails into Primary, Social and Promotions with uncanny accuracy.
Yes, just got back from Tescos and the NSA malware was mentioned. It looks like the NHS has been caught in a new campaign rather than targeted.
The staff I know of are all competent, the troops on the ground usually are, it’s the decision makers at the top that are the issue, especially the bean counters.
Educating the staff does work. As many of you know my last permanent job was AV administrator in the defence industry and we could tell when it had taken place at sites as the calls went up reporting suspicious activity. There were also deliberate internal phishing campaigns that took you to a site saying “you’ve been had” and offering advice.
Expect an immediate injection of (not enough) money for staff awareness and some nebulous beefed up security promise. No heads will roll, of that you can be sure.
Just been talking with my ex RMG colleague who’s now in one of the local Trusts. As soon as they heard they “pulled the plug” to isolate themselves.
Looks like some big organisations on the Continent have been hit today too. Telefonica got mentioned.
It’s been waiting to happen. A lot of their systems are still on XP. Under investment and lack of knowledge at the top of the Trusts and Dept of Health.
It’s ransomware so I hope their data backups are robust. All the PCs will probably need to be rebuilt. I expect this will take ages to recover from.
Not intending to get too blasted as I’m paying for the training course, travel, etc. out of my own pocket ?
Back in the day as a Corporate drone on expenses… I well remember falling asleep in one meeting when someone was explaining the intricacies of the ATM protocol (that’s Asynchronous Transfer Mode not Automated Teller Machine) after the night before.
Well it has public transport we’d kill for here in Bristol, so I guess it’s easy to get somewhere out of the centre if necessary.
Hi Dan, I’m staying on the night of the 3rd, travelling back on the 4th, but I don’t get in to Picadilly until 4:30 ish (if it’s on time).
Steve, I gave up rough hotels years ago. Staying at the ibis in Portland Street, an easy stroll from the station and on the tram line to Old Trafford. Hotels weren’t much cheaper out there.
Sorry to hear that Les.
I agree, just get a gmail account. Google etc. already know everything about you that interests them and many things that don’t.
I have a custom email address for my business bought from a cheap hoster. I had to move the email from their free server as anything sent from it to a Virgin email address was classed as spam by Virgin and my incoming mail from my 2 major suppliers was being marked as spam by my hoster. I had no control over either.
I have an Office 365 for business account so get Microsoft to do the mail server service as part of that (you point the MX and a few other settings to them). Any email coming from the Microsoft server is trusted by third parties and Outlook gives me control over incoming spam. Outlook for Android on my phone keeps me in contact when out.
There’s no need to shout. It wasn’t aimed at Drezha but the person who put the effort into Upside-Down-Ternet.
“My neighbours are stealing my wireless internet access. I could encrypt it or alternately I could have fun.”
I think that tells us all we need to know. Clever dick, probably can’t be trusted to come in out of the rain. I’ll bet they nick other people’s milk from the work fridge too.
I don’t understand the premise. If neighbours are stealing your internet access then surely you need to see to your security not spend effort on turning web page content upside down?
Can’t wait.
Most people are the same. When I install a Ubiquiti system for home users no-one has ever asked me to change the SSID from the one I made up.
My T420 came from RefurbThat and I’ve bought loads of PCs from Micro Dream.
Micro Dream have some of the beautiful aluminium / magnesium HP EliteBook 8470p. Grade A Core i5-3320M 8GB 128GB SSD WebCam USB 3.0 Windows 10 Professional 64-bit £319 They have a similar spec T430 for the same price.
Of the home users, only 2 other people besides me have changed the default SSID of their router so it’s easy to see the split of ISPs.
BT = 12, TT – 10, Sky = 5, Vodaphone = 1, Plusnet = 1
All of the businesses use Cisco with the exception of the Nuffield Health gym which is TP-Link.
Well I find it interesting :wacko:
Imagine how much of this sort of info Google has collected. You can sort of see why some Governments take a dim view of Google street view collection.
I find it’s very slow to charge using the cigarette lighter.
Don’t worry about the specs too much John, but the greater the amperage the quicker it will charge and phone chargers are the same as tablet chargers. If it takes a micro USB cable that’s all you need to know.
Have a look at the Duracell 2.4A Micro USB Mains Charger for £9.99 inc postage from Amazon, it ticks all the boxes.
If you want one that can charge two at once, Anker USB Charger £8.99 + Triple pack of Braided Cables £6.89
Personally I think AV on an Android phone is a waste of time.
The charity I look after is currently using Norton. A decision had to be made quickly this time last year when we moved from Linux to W10 and they could get 20 seats for £26 via tt-exchange. It’s currently “out if stock” at tt-exchange but in the cloud console I can see nowhere to put a product code anyway. The only option is to hit the renew button at £114 (no charity discount). I see Norton have discontinued some of their licencing schemes, like the academic one, so I wonder if out of stock means no more.
I have hit the contact button on software4students who claim to do charity pricing too. I would love to get Kaspersky Endpoint Cloud for them, but it’d need a 90% discount. Not heard from them so it’ll probably a trip to Amazon for two 10 packs of Kaspersky IS.
-
AuthorPosts