Friday, June 05, 2009 : :

ITS UPDATE: One Small Computer, One Large Problem

One Small Computer, One Large Problem
There are 950 PC stories every day in ITS land. Today, one small computer caused one major problem.  The network went ballistic for a little over two hours.  CPU usage on the catalyst (network traffic cop) was near 100% capacity and screaming loudly, "Don't make me do any more, I'm exhausted."
 
The ITS forensic team was called into action.  Was the problem caused by external or internal sources?  Time counting down, ITS staff tense.  Voilà, a breakthrough! The problem was internal.  Now what?  Where? How? We knew the when.  Slowly eliminating every server, then every building from the possible cause of the problem.  Time ticking away, people tense.  The source of the problem was the vaunted Carnegie Building.  Again, what, where, how?
 
The team was now running on emotional adrenalin.  Every set of offices and labs was now going to be inspected.  No, it did not come from an office---ITS staff breathe a sigh of relief.  ITS staff and CSC faculty PCs cleared of any suspicion.  Okay so which lab?  210---eliminated.  200---eliminated.  211---eliminated.  111---the graphics lab now appeared to be the source of the problem.
 
Now which PC or PCs?  One by one they were eliminated until there was one left and it was the bad guy.  We swooped down and saw that the PC was locked down and that a student last logged on at 2 am last night.  The PC was immediately quarantined.
 
How could one little ole computer cause this major problem?  We are still investigating but here are the facts as we know them now--and just the facts.  Malware, software designed to infiltrate or damage a computer system without permission, was running on the computer.  Probably brought in by a student on their flash drive.  The malware was using keylogging and trying to connect to Russian-owned Web sites. Thousands of attempts per second.  We need to take the network down and further examine what that PC and its keylogger were doing, but we are not going to do that now.  That story is for another day.  We will prevail! We will find out how! Hopefully we can prevent it from happening in the future.