Clusterheadaches.com Message Board (http://www.clusterheadaches.com/cgi-bin/yabb/YaBB.cgi)
New Message Board Archives >> 2003 Posts >> Laptop Weirdness - don't skip to end
(Message started by: Miklos on Aug 20th, 2003, 2:39pm)

Title: Laptop Weirdness - don't skip to end
Post by Miklos on Aug 20th, 2003, 2:39pm
I should have written this before. Thanks to one and all that responded. The laptop has been properly restored.

Backup? What is backup? I am not allowed to be on the office network so I had not taken the proper steps to secure my files. Under duress, the IT manager has agreed to give me space on one of her servers to make a disk image.

Although, with one exception (Michaels Stores), this is my customer tool, but it is never attached to any company's network. I can't imagine any network administer allowing a rogue laptop to be casually attached, and I would never ask to do. I only use the crossover cable to manage specific production printers.

Again, thanks for all your suggestions.



Title: Re: Laptop Wierdness
Post by TomM on Aug 20th, 2003, 2:46pm

on 08/20/03 at 14:39:29, Miklos wrote:
Anybody from one of the edge routers have any suggestions for something I might want to look for?

Seems to me you've done everything. My guess is they used it to play DVD's until the battery died. Most people do not know how to hook up an ethernet connection to gain access to the I-Net. I think you are ready to roll.
TomM
PS--Delete all Temp directories.

Title: Re: Laptop Wierdness
Post by BruceD on Aug 20th, 2003, 2:54pm
Man, that sounds too wierd to have it returned so quickly and it being found on the curb. If it were me I wouldn't trust it unless I was running a software firewall (like ZoneAlarm) or had a packet sniffer running on my network to make sure that it wasn't compromised. Most virus protection software will pick up the common things like Sub7 but there's always other ways for someone to make your life miserable if they've hacked it. (BTW system logs are way too easy to change if anyone really wants to)

Do you have a full system backup from before it was stolen? If it were me (& I had a backup) I'd be wiping the drive & restoring my "safe" system.  I may sound paranoid but dealing with hackers is a major pain & a drain of energy.

Take care
BruceD

Title: Re: Laptop Weirdness
Post by jminmilwaukee on Aug 20th, 2003, 2:58pm
I'd have to agree with bruce. I must assume that since your customer data is worth 5 times the laptop that you have a known good backup of recent vintage. If that is the case, a format and rebuild is the only way to go. The chance is slim that you have been hacked but you can never be too safe. There are a bucket loads of tools that could have been installed that you would never know about, unlsess you do know how to use a sniffer.

Dude, cut your losses and rebuild!!!!

Title: Re: Laptop Weirdness
Post by TomM on Aug 20th, 2003, 3:07pm
By any chance do you have an image of this server? If so wipe it clean and re-image.
Otherwise, as mentioned by Jim and Bruce, wipe it clean and start rebuilding.
TomM

Title: Re: Laptop Weirdness
Post by jonny on Aug 20th, 2003, 6:50pm
Ok, jonnys input

If the company owns it throw it away and make them buy you another one.

Hey!, im on the computer for six years and I still type with two fingers.....WTF do I know ;D

.....................................jonny :D

Title: Re: Laptop Weirdness
Post by fubar on Aug 20th, 2003, 7:05pm
Miklos,

You have a simple decision... the reality is that someone could have placed sniffing or keystroke capture software on your system and there is no way you'll find it.  Does it matter?  That's the real question.  If all they are going to see is kids surfing the net, then it doesn't matter.  If they would see you bidding on deals or they would have access to other sensitive data, you have to rebuild it to be sure.  Seems simple to me.  Remember, if it seems too goos to be true, it is.  You may have gotten it back precisely because someone wants to see what you are doing/seeing.

-Shawn

Title: Re: Laptop Weirdness
Post by Mark C on Aug 20th, 2003, 8:07pm
Yep....just because you are paranid does not mean they are not out to get you. Re-format & re-install.

Title: Re: Laptop Weirdness
Post by Patrick_A on Aug 21st, 2003, 4:01am
Look to see if there are any downloaded Rappers on it...lmao!
Sorry, all i got!

Patrick

Title: Re: Laptop Weirdness
Post by TomM on Aug 21st, 2003, 9:34am

on 08/20/03 at 18:50:50, jonny wrote:
If the company owns it throw it away and make them buy you another one.

Jonny: I do not think the issue is paying for it, moreover, the time invested in configuring the software. Setting up a server aint rocket science but it aint tiddly winks either. Especially when you have client specific software that you've spent countless weekend hours tweaking to make it work 'just so'.  This is where an image of the OS after the tweaking is done comes in handy.
This is my take/humble opinion, and I've been there.
TomM

Title: Re: Laptop Weirdness
Post by brad267 on Aug 21st, 2003, 1:50pm
I'd say...

Make a backup of it right now, as-is, ASAP.  Then continue to use it, like it never happened.  Odds are it was a unplanned "swipe" and they didn't do anything to it, except watch a DVD and run down the battery...

If something bad happens then you can restore from backup and immediately remove the bad programs, etc...

I find it unbelievably strange that you even got it back!  Guess there are honest people on the street.

-Brad

Title: Re: Laptop Weirdness - don't skip to end
Post by Miklos on Aug 26th, 2003, 9:38am
NT



Clusterheadaches.com Message Board » Powered by YaBB 1 Gold - SP 1.3.1!
YaBB © 2000-2003. All Rights Reserved.