Nachi Virus

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

Just got in from work. What a day (11 hours!!)

First we knew about it was when the mail server crashed. Then our firewall crashed due to the amount of traffic trying to get through. One of the IT technitions suddenly got this virus and then the whole network started to fall down. Quick someone pull the plug.

The network manager pulled the connections on all of the subnets and left just one on line. Fortunatly the servers were OK. Cleaned a machine and within 5 mins. it had got invected again. So, all of the machines on that particular subnet had to be removed from the network, disinfected and have the relivant M$ patch installed.

Now the pc's in the rest of the school (about 300) have to have the same done so that we can re-start the network and mail server.

Moral of the story, ensure your anti-virus is up to date (it was as it happens - Sophos), keep up with the M$ patches and make sure that all of your machines are running the same service patch.

Gotta go in Tomorrow to finish off (bummer ). Can't wait till Monday when the school reopens and all of the teachers and kids bring in their laptops and connect to the network. Virus chasing all over again (do you think it could become a new Olympic Sport).

Antone know how to set up a RADIUS server so that we can keep a track of pc's attaching to the network via MAC addresses or any other way of doing this.

Time for a beer and a sit down.

TTFN

 

Cheers Jak,

Forgot it was in there. I'll check that out in the morning. Just to take this perhaps one step further can this be done in, dare I say it, Linnux??

Andrew

 

Well our whole IT team was in today to try and get as many PC's ready for the kids on Monday. Done most of them but still most of the computer rooms left (Doors locked, network cables removed until we've cleaned them).

Told the senior Tech that after this, shall we inventory the machines and make sure that they all have the current service patch and fixes on them so that this whole thing doesn't start again.

Still Monday will be fun???

TTFN

Andrew

 

I'll let you all know how it goes.

If anyone know how to stop unauthorised machines onto the network then please let me know. This is now beyond a joke

TTFN

Andrew

 

Well we've finally got rid of the little bugger. Tomorrow will be spent cleaning and patching the pupils laptops (O what fun).

Has anyone got any experiance of M$ SMS server? What it does and how it works? My network Manager is getting quotes and examples of this type of application.

Well as always the trial goes on

Andrew