That's a terrific lever having the fixes and the alternatives available. You're right about the number of boxes that are not updated. How do you get the updates without having to install them? I'm tired of spending days on a dialup connection just to do updates. It makes me cranky. The thumbdrive thing also worx for AOL customers that have to reload and don't have a CD.
Frank
----- Original Message -----
From: "JD Austin" <
jd@twingeckos.com>
To: <
plug-discuss@lists.plug.phoenix.az.us>
Sent: Tuesday, May 11, 2004 11:27 AM
Subject: Re: restore
> Quoting fhdavenport <fhdavenport@cox.net>:
>
> > Hi,
> >
> > I had a similar experience with the sasser worm and a friend's machine
> > running Windows XP. I went to the Symantec site and pulled the sasser fix in
> > an executable file. This costs nothing and is a fairly quick download 'cause
> > the files are small. You just have to have the bad guy identified as the
> > files are specific to the virus/worm. Then before you run the fix, turn off
> > the Restore feature. That got it.
> >
> > If the folks in trouble cannot access the web, I pull the fix and put it on a
> > thumbdrive or a floppy, (if they have no USB).
> >
> > Frank
> >
>
> That's what I've been doing for our clients.
> Our web hosting clients call us with virus/worm problems and as a courtesy I
> started adding windows updates to our 'client CD'. They just have them pick up
> a new one. I have standard directions typed up to give them for how to use
> 'shutdown -a' to prevent their machine from rebooting/etc. I also include
> mozilla and a bunch of other open source tools on the cd and gently *nudge*
> them to use them. Nothing like a virus hit to convince someone to run mozilla
> as their default browser/email client ;)
>
> Having a CD with windows updates on them also makes loading new machines easier
> since I don't have that 24 hour downloading session for windows updates.
>
> It's amazing how many people DON'T do normal windows maintenance. When I went
> to a client's business last week they hadn't defragged in 455 days and hadn't
> ran scandisk in 90 days. Though other than keeping up with updates on Linux
> you don't have to do either of those things :)
>
> People that say windows is easier than linux have never had to talk a
> grandmother through fixing her mouse problems without using a mouse. There are
> keyboard shortcuts (tab, ctrl-esc, shift F10, etc) but getting that across over
> the phone is frustrating.
>
> "Hit ctrl-esc, arrow down to My Computer, shift-f10,
> select properties, use the tab key to select the tabs at the top,
> use the arrow keys to select hardware, tab down to device manager, press enter.
> Use the arrow keys to get down to Mice and other pointing devices,
> hit the right arrow to expand the menu, down arrow to your mouse.
> Tab until you've select the tabs at the top.
> Arrow over to the driver tab. Tab down to Uninstall and press
> enter, tab to select enter on the windows that popped up...."
>
> After 15 minutes to explain control - escape, 5 minutes to explain that I mean
> the tab key and not the letters t-a-b, I have only one thing to say: AAARGGGH!
> The costs to administer windows in large organizations must be huge.
> Give me a *nix box with SSH any day.
>
> JD
>
> > ----- Original Message -----
> > From: "Jeremy C. Reed" <reed@reedmedia.net>
> > To: <plug-discuss@lists.plug.phoenix.az.us>
> > Sent: Monday, May 10, 2004 5:54 PM
> > Subject: Re: restore
> >
> >
> > > On Mon, 10 May 2004, Craig White wrote:
> > >
> > > > I don't recall seeing anything like that in the distro's that I've
> > > > worked with. This is mostly unnecessary since the the two reasons for
> > > > this feature are to overcome virus damage or installation damage where
> > > > an older dll overwrites a newer dll. Even Windows has implemented a
> > > > method to keep the overwrites from occurring now.
> > >
> > > I rarely touch Windows, but in-laws (who used NetBSD and then Linux for a
> > > year before buying a new computer) needed my help.
> > >
> > > They had the sasser worm. I followed the instructions (so I thought) at
> > > the Microsoft.org website. I did a Windows Update and chose yes to update.
> > > Then it suggested I needed to restart the system.
> > >
> > > So I did.
> > >
> > > The system failed to come back up and was missing a DLL. My mouse moved on
> > > a blank screen but nothing else was shown. Booting to safe mode didn't
> > > help. Then my Windows friend suggested that I boot using "last known
> > > configuration" and it worked.
> > >
> > > I still had the sasser. Many processes starting faster than I could stop
> > > them. Anyways, I manually removed the binaries, removed some registry
> > > startups with regedit, and turned on the Xp firewall. All is well now, I
> > > guess.
> > >
> > > For Linux, this couold probably be easily done a couple ways:
> > >
> > > - backup all configs in a tarball (that is dated)
> > >
> > > - backup all system commands and libraries
> > > or alternatively:
> > > - have a list of installed packages with exact version numbers and
> > > packages readily available
> > >
> > > Then to recover to last known configuration have a script that backups
> > > broken configuration and overwrites with new.
> > >
> > > > I suppose that if you had a corrupted 'package' on Linux, you could do
> > > > something like 'apt-get -f install package' to put the original binaries
> > > > back in place.
> > >
> > > dpkg can output a list of packages installed and can use same list to
> > > install. (But --get-selections doesn't seem to have package versions.)
> > >
> > >
> > > Jeremy C. Reed
> > >
> > > BSD News, BSD tutorials, BSD links
> > > http://www.bsdnewsletter.com/
> > >
> > > ---------------------------------------------------
> > > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> > > To subscribe, unsubscribe, or to change you mail settings:
> > > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
> >
> > ---------------------------------------------------
> > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> > To subscribe, unsubscribe, or to change you mail settings:
> > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
> >
>
>
> --
> JD Austin
> Twin Geckos Technology Services LLC
> email: jd@twingeckos.com
> http://www.twingeckos.com
> phone/fax: 480.344.2640
>
>
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change you mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
(text/plain)