aww sweetie bub just told me i was nominated for most unique layout contest at her site. *blush* ok so shameless plug: ! *meow* is my layout unique =P which layout are they talking about anywayz.. i got like a ton 🙂

OMG sunnyday just made me a new carebear button. i’m totally in love with it!

conversation
me: sunnyday, that one star is mean, is that your inner self LOL
sunnyday: gee dodo, i thought that was a perfect representation of YOU! xP
me: haha ok.. i’m mean *evil grin*

our computer lab has been HIT!

email from our ITC COORDINATOR

I thought I would provide some additional information on the goings on since Friday afternoon when we requested that all facilities be shut down because of virus issues.

On late Thursday afternoon, our network engineers noticed that a couple of ITC machines had been compromised and subsequentially these machines were taken off the network to prevent them from harming other stations. At the time these incidents seemed isolated in nature, and appeared to originate internally.

Friday morning around 9:00 am, we received a battery of questions from the Education and Library ITCs asking if we were “working on the server,” “pushing out fixes” or something else along those lines. As we try to be quite careful regarding these events, we were confident no ITS intervention was causing problems in the ITCs. The questions of whether or not we were working on the ITC infrastructure stemmed from events on ITC machines where users were receiving messages saying “This computer will reboot in 30 seconds.” After that time period the machine would shut down and restart, in some cases presenting a virus warning upon the subsequent reboot.

This problem corresponded with a nationally known exploit that Microsoft had just advised on some couple of days earlier. The reboot was being caused by a Denial of Services attack on individual machines in the ITCs who did not have a DCOM RPC patch installed to prevent such buffer overruns. The long and short of this was that someone or some script was deluging ITCs, and the campus network as a whole with DOS attacks and installing a virus along with the attack. Because of this exploit and subsequent attack, we shut the ITCs down at 11am, hoping to be online at 2pm. During this time we prepped a new image with some patches pointed at resolving the DCOM RPC vulnerability. At the same time our Networking team was busy implementing a boundary-level firewall block on the ports that this exploit would use to attack campus machines. Unfortunately our best case scenario fell through, and it wasn’t until 5pm that we opened Weeg as the first facility with both PCs and Macs available for use.

Friday evening and Saturday morning were spent pushing this new patched image out to ITC facilities that were to open today according to the master ITC schedule. On Sunday we began remotely installing patched images to non-critical facilities. As of today, Monday August 4th probably 75% of the ITC fleet has been reimaged. The remaining machines will receive a new image in the next couple of days as was scheduled to occur with the new fall image deployment.

We apologize for any inconvenience that Friday’s outage has caused you or your customers. We felt it was in the best interest of our student and staff users to prevent ITC access to minimize exposure to this threat. If you have any questions or comments about the ITC outage feel free to call me or Les at 5-5651 or 5-5479 and we’d be happy to discuss the matter further. If you feel that your personal non-ITC workstation was compromised, please call the helpdesk at 4-HELP for advice on remediation.

because of above. i’m working at a newer lab today. these computers have P4 866mgh optical mice and flat screen monitors (altho only 15″) still cool 🙂

hmm scam?!