Call Search
     

New to Ham Radio?
My Profile

Community
Articles
Forums
News
Reviews
Friends Remembered
Strays
Survey Question

Operating
Contesting
DX Cluster Spots
Propagation

Resources
Calendar
Classifieds
Ham Exams
Ham Links
List Archives
News Articles
Product Reviews
QSL Managers

Site Info
eHam Help (FAQ)
Support the site
The eHam Team
Advertising Info
Vision Statement
About eHam.net

   Home   Help Search  
Pages: Prev 1 [2] 3 Next   Go Down
  Print  
Author Topic: Hijackers  (Read 7417 times)
W8JX
Member

Posts: 5678




Ignore
« Reply #15 on: February 15, 2012, 06:38:21 AM »

IT professionals wipe and reload an infected machine because in a work environment its the fastest, safest and easiest way to fix the problem.  Not because "we don't know how to fix it otherwise".

In such a setting a lot of times the clients are all the same and dependent on a server as well and they have images to use for generic restores.

Its fine for a home user to play computer whiz and spend 5 days removing a virus (while completely missing the rootkit it left behind) but in an enterprise environment there's no time for that.

The key is removing the hard drive and scanning it from another booted system. Never try to boot from a infected drive to repair it if you are really a "IT" repair guy.

With disc images and good user practices of not storing files on the local disc a good IT guy can have a user back to work in an hour.

A good IT guy can fix it quicker and also help prevent it from happening in a corporate setting.

If you've been backing up your files just wiping the system is no big deal.  Most computers need it anyways.

Very very few computers ever need wiping. I have never had to wipe any of may computers or ones I supported in past.
Logged

--------------------------------------
All posted wireless using Win 8.1 RT, a Android tablet using 4G/LTE/WiFi or Sprint Note 3.
KB1NXE
Member

Posts: 309




Ignore
« Reply #16 on: February 16, 2012, 11:33:46 AM »

All your statements are true.  Except when it comes down to a day one infection. 

In a corporate environment, many users have roaming profiles that as long as they do the right things have a copy of their files stored safely on a protected server.  I can ghost a drive from a gold image MUCH faster than I can get the drive out of the system, haul it over to another system, and then try and fix whatever virus or rootkit has taken over the drive and then return it to the original machine.

Besides, I like making people learn from their mistakes.  Lost data is a great teacher!
Logged
K2CMH
Member

Posts: 275




Ignore
« Reply #17 on: February 16, 2012, 12:51:00 PM »

>Besides, I like making people learn from their mistakes.  Lost data is a great teacher!

I didn't realize that the IT job description had grown to include 'teaching people a lesson'

I think that attitude is one of the reasons so many 'users' despise 'IT people'.

And btw, I'm in IT, I'm not one of the lowly 'users'

Logged
W8JX
Member

Posts: 5678




Ignore
« Reply #18 on: February 16, 2012, 01:56:27 PM »

>Besides, I like making people learn from their mistakes.  Lost data is a great teacher!

I didn't realize that the IT job description had grown to include 'teaching people a lesson'

I think that attitude is one of the reasons so many 'users' despise 'IT people'.

And btw, I'm in IT, I'm not one of the lowly 'users'


Well I agree, a IT is "supposed" to make life easier, not harder, for the "users".  Unfortunately this is not always the case. I have been places as a visitor or guest that I would have fired their IT person if they were working for me. Some act like they are doing you a favor even talking to you.
Logged

--------------------------------------
All posted wireless using Win 8.1 RT, a Android tablet using 4G/LTE/WiFi or Sprint Note 3.
K2CMH
Member

Posts: 275




Ignore
« Reply #19 on: February 16, 2012, 02:51:07 PM »

I would fire most of the one's that I have met, or at least demand they remove the 'professional' part from their "IT Professional" title.
Logged
KB1NXE
Member

Posts: 309




Ignore
« Reply #20 on: February 16, 2012, 05:41:08 PM »

You must understand, like I said in my first post, I moved onto networks and left the desktops and servers behind.

Now, I deal with App developers all day who are IT professionals and are completely unable to understand how an app works in the first place.  Like "Does it have to be running in order to answer calls to it's port?"  Nahh, it just does it magically, knowing exactly what you think it needs to do.  Over and over again from the same people.  I'm not talking average users.  These people are supposed to be able to answer questions like "What port is it listening on?"  But don't even know what a port is!

FWIW, I left desktop support 10 years ago after doing it since 1988.  Best move I made.  I was more than a little burned out by users and their typically self made probelms.  I realized it the day I said "Well, who do you think taught me?" to a user who wanted the Puppy instead of the Paper Clip...
Logged
W2RWJ
Member

Posts: 181




Ignore
« Reply #21 on: February 18, 2012, 04:36:32 AM »

Recommending a reformat and reload to fix a problem is a classic "cover" for not really knowing what you are doing. Most not knowing any better accept it as SOP.

I would strongly disagree on this.  Assuming the infected computer is one of our corporate units, I can format and restore from a PING image in less then an hour in most cases.  For me to spend several hours addressing multiple issue is not productive of time.

As far as AV suites, take a look at Sophos.

Logged
W8JX
Member

Posts: 5678




Ignore
« Reply #22 on: February 18, 2012, 07:48:47 AM »

Recommending a reformat and reload to fix a problem is a classic "cover" for not really knowing what you are doing. Most not knowing any better accept it as SOP.

I would strongly disagree on this.  Assuming the infected computer is one of our corporate units, I can format and restore from a PING image in less then an hour in most cases.  For me to spend several hours addressing multiple issue is not productive of time.

As far as AV suites, take a look at Sophos.

Not really because if you fix it you can better understand threat and know what to watch for in future.
Logged

--------------------------------------
All posted wireless using Win 8.1 RT, a Android tablet using 4G/LTE/WiFi or Sprint Note 3.
W2RWJ
Member

Posts: 181




Ignore
« Reply #23 on: February 18, 2012, 04:37:14 PM »

Recommending a reformat and reload to fix a problem is a classic "cover" for not really knowing what you are doing. Most not knowing any better accept it as SOP.

I would strongly disagree on this.  Assuming the infected computer is one of our corporate units, I can format and restore from a PING image in less then an hour in most cases.  For me to spend several hours addressing multiple issue is not productive of time.

As far as AV suites, take a look at Sophos.

Not really because if you fix it you can better understand threat and know what to watch for in future.

We are going to disagree on this.   I am completely capable of locking down a PC and network to prevent exploits.  I am also fully capable of manually cleaning out a system.

However, If I am instructed to get them back on line as expeditiously as possible, it going to be nuke and re-load.  Time is money.

Martin Flynn



.
Logged
W8JX
Member

Posts: 5678




Ignore
« Reply #24 on: February 18, 2012, 04:45:18 PM »

Recommending a reformat and reload to fix a problem is a classic "cover" for not really knowing what you are doing. Most not knowing any better accept it as SOP.

I would strongly disagree on this.  Assuming the infected computer is one of our corporate units, I can format and restore from a PING image in less then an hour in most cases.  For me to spend several hours addressing multiple issue is not productive of time.

As far as AV suites, take a look at Sophos.

Not really because if you fix it you can better understand threat and know what to watch for in future.

We are going to disagree on this.   I am completely capable of locking down a PC and network to prevent exploits.  I am also fully capable of manually cleaning out a system.

However, If I am instructed to get them back on line as expeditiously as possible, it going to be nuke and re-load.  Time is money.

Martin Flynn



Well when I see a bad one "I" want to know what it was. it you are equipped to remove HD and mount and scan it with another system to repair it, it does not that that long to fix 99% of time.
Logged

--------------------------------------
All posted wireless using Win 8.1 RT, a Android tablet using 4G/LTE/WiFi or Sprint Note 3.
K1CJS
Member

Posts: 6012




Ignore
« Reply #25 on: February 19, 2012, 09:59:44 AM »

Quite a few of the larger broadband ISPs offer free virus and malware software.  Comcast offers Norton--and if you don't take advantage of it, you're wasting the money you're paying for that ISP service.  I'm not foolish enough to say that it stops all attacks cold, but if you're careful, it does stop most of the worse ones.
Logged
W8JX
Member

Posts: 5678




Ignore
« Reply #26 on: February 20, 2012, 04:34:19 PM »

Actually you biggest threat  is from malware more than viruses themselves. My wife was nailed twice last year with website malware and required for serious repairing. The first time I can kinda understand but she had to go back to same site and do it again on a different computer! Both times was using IE too. Now she no longer uses IE and so far knock on wood no problems. (I kinda forbade her to us IE)
Logged

--------------------------------------
All posted wireless using Win 8.1 RT, a Android tablet using 4G/LTE/WiFi or Sprint Note 3.
WA9SVD
Member

Posts: 2201




Ignore
« Reply #27 on: February 22, 2012, 02:44:45 PM »

All your statements are true.  Except when it comes down to a day one infection. 

In a corporate environment, many users have roaming profiles that as long as they do the right things have a copy of their files stored safely on a protected server.  I can ghost a drive from a gold image MUCH faster than I can get the drive out of the system, haul it over to another system, and then try and fix whatever virus or rootkit has taken over the drive and then return it to the original machine.

Besides, I like making people learn from their mistakes.  Lost data is a great teacher!

    But lost data may also be a loss to the company if the user has important data. There are other, better ways to "teach a lesson."  Lost data isn't always just personal to the individual (or individuals) that use the particular computer. 
    I find that strategy very user (and quite often employer) antagonistic and abusive, and some supervisors might think insubordinate.  Unless you're the ultimate "boss," I'd reconsider such a policy very carefully.
Logged
W7ETA
Member

Posts: 2528




Ignore
« Reply #28 on: February 23, 2012, 11:39:55 PM »

If you are just doing simple things with your computer try Ubuntu.  I've used FireFox for many years now; IE is very sloooooow.

You can set up Ubuntu with Win and then choose which one you want to use.  I understand that if you want to you can set up a Win emulator while running Ubuntu.

73
Bob
Logged
K1CJS
Member

Posts: 6012




Ignore
« Reply #29 on: February 24, 2012, 04:01:57 AM »

....It was not from my email, it was from a truck tech site I use a lot. The hd light popped on and the hour glass icon on the came up on the pointer, and I just clicked onto the site!...

If you're running Win7 or Vista, that is why it's a good idea to leave the User Account Control settings active.  That way, before any changes are made to the machine, the computer stops and asks permission for the changes to happen.

I had that turned off--until I got infected just like you indicated.  Now, its on--and the slight inconvenience that that 'permission' pop-up causes is well worth it.
Logged
Pages: Prev 1 [2] 3 Next   Go Up
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.11 | SMF © 2006-2009, Simple Machines LLC Valid XHTML 1.0! Valid CSS!