Thursday, March 06, 2008

Viruses again

I wound up working until like 1:00 am Tuesday night because of another virus issue on one of our production servers. Its a long story that no one would care about, but basically what happens is some of our production line computers go out to this server to verify what version of a certain software they're running when they boot up (via an .exe file). These computers have a share on that server mapped as a local drive, so one unpatched computer caught w32/madangel.b which basically tears up every exe file on your machine by adding 5 bytes to the binary. It then sniffs for open network shares wherever it can find them and tries to spread. So a guy from Austin called and said that some of our machines were port scanning his servers. So we cleaned them up, but since they have that share mapped as a local drive, one of the infected machines then infected the entire share of the server (all the exe's) so whenever another machine went out to the server to verify its software, bam, re-infected. So I wound up finding a solution to the server part which stopped the outbreak, but we're still playing clean up with the rest of them. What a pain in the ass. So on that note:


5 comments:

Eric said...

I hold you personally responsible for Swayze's cancer

pw said...

Double bad day for Fox. Swayze's cancer and computer problems. Next somebody will kick his dog. Bad things come in 3's, and the mother board episode was too long ago.

Justin Fox said...

I know. Swayze needs to pull through this one or I'm in trouble.

Brian said...

In Soviet Russia, you get diesel engine, $5.

Justin Fox said...

In Soviet Russia, for $5, diesel engine GETS YOU!