  1. #11
    If I had a son he would look like....Ben SideShow Bob's Avatar
    Join Date
    Mar 2010
    Location
    SE Aurora
    Posts
    7,121


    Quote Originally Posted by Eric P View Post
    So I have been dealing with this the past few days.

    https://www.denverpost.com/2018/02/2...nsomware-cdot/

    My computer as well as the majority of PCs in the building are infected. Many state employees sitting around unable to work since we rely on electronic data so much. The push to go paperless is backfiring.

    And we all got new systems in the past 2 months.

    Sounds like someone hacked in using a vendor's account vs someone opening a file sent to them.

    8 bitcoin per computer

    Yep, rumors are that we will need to go back to the pre-SAP “Green Sheets” for a little while.

    Wonder how February’s payroll is going to be handled? And the OT that is due this month... And of course the OT that I have racked up this month..... And the fiasco of the bi-monthly pay implementation that is coming soon.
    Last edited by SideShow Bob; 02-24-2018 at 11:35.
    My T.P. wheeling and dealing feedback is here.

    Opinions are like assholes, everybody has one, and it stinks more than mine.


    Yo Homie, That my chainsaw ?



    Pati, improbe et vince

  2. #12
    Machine Gunner
    Join Date
    Mar 2013
    Location
    Highlands Ranch
    Posts
    1,960


    Quote Originally Posted by Zundfolge View Post
    So by today's valuation that's $81,000 per computer.

    At this point just wipe all the computers and start from scratch, it would be cheaper.

    They are wiping infected computers now. But still have just started at HQ. I'm guessing at least a month before all is fixed.

  3. #13
    Possesses Antidote for "Cool" Gman's Avatar
    Join Date
    Oct 2005
    Location
    Puyallup, WA
    Posts
    17,848


    Quote Originally Posted by Eric P View Post
    They are wiping infected computers now. But still have just started at HQ. I'm guessing at least a month before all is fixed.

    Wow. A month? They could really use some automation.

    Were the users given least privileged accounts or was everyone a local Admin? Hopefully there weren't any users connected to a network file share with permissions to modify the files.
    Liberals never met a slippery slope they didn't grease.
    -Me

    I wish technology solved people issues. It seems to just reveal them.
    -Also Me


  4. #14
    a cool, fancy title hollohas's Avatar
    Join Date
    Mar 2010
    Location
    Littleton
    Posts
    6,072


    CDOT has 2000+ employee computers?

  5. #15
    Machine Gunner
    Join Date
    Mar 2013
    Location
    Highlands Ranch
    Posts
    1,960


    Quote Originally Posted by Gman View Post
    Wow. A month? They could really use some automation.

    Were the users given least privileged accounts or was everyone a local Admin? Hopefully there weren't any users connected to a network file share with permissions to modify the files.

    Not sure exactly what you are asking. But we cannot install software without IT connecting to and installing it. Exception is advertised software on the servers.

    The virus was pushed to user PCs from the server. Not all systems were affected.

    I'm guessing on the time based on how many PCs need cleaning and how long it took to roll out the new PCs.

    And yes there are over 2000 computers at CDOT. I think it's approximately 3600 employees.
    Last edited by Eric P; 02-24-2018 at 14:00.

  6. #16
    BANNED....or not? Skip's Avatar
    Join Date
    Jan 2013
    Location
    Highlands Ranch, CO
    Posts
    3,871


    Quote Originally Posted by hollohas View Post
    CDOT has 2000+ employee computers?

    This does tell an interesting story about an agency whose job is to maintain roads (not something like administer benefits). Unless the roads are maintained by computer, then it makes sense. But I think we're a few years off from that.

    What AV was CDOT using?
    Always eat the vegans first

  7. #17
    Machine Gunner
    Join Date
    Jun 2010
    Location
    Conifer
    Posts
    1,473


    I'm part of the security team responding to this incident; not really good for those involved to talk about it while the incident is still in process. I haven't seen anything sensitive posted so far, but thought I would just post a friendly warning.
    I predict future happiness for Americans if they can prevent the government from wasting the labors of the people under the pretense of taking care of them.
    Thomas Jefferson

    Feedback

  8. #18
    BANNED....or not? Skip's Avatar
    Join Date
    Jan 2013
    Location
    Highlands Ranch, CO
    Posts
    3,871


    Understood.

    When this is over, if someone can tell me what AV to avoid, I'd appreciate it.
    Always eat the vegans first

  9. #19
    Possesses Antidote for "Cool" Gman's Avatar
    Join Date
    Oct 2005
    Location
    Puyallup, WA
    Posts
    17,848


    Quote Originally Posted by Skip View Post
    This does tell an interesting story about an agency whose job is to maintain roads (not something like administer benefits). Unless the roads are maintained by computer, then it makes sense. But I think we're a few years off from that.

    What AV was CDOT using?

    It's in the link above. They are running McAfee. CDOT provided a sample to McAfee and the crypto malware was found to be a new variant which McAfee provided a new DAT to catch.

    You can get hit no matter the AV solution. I've managed McAfee in an environment of over 16k systems and it's a good product, but it's only as good as the person managing all of the variables to best suit the environment.

    If you're allowing autorun on drives, which includes mapped network drives, it only takes one system to drop an autorun file on the network share to infect all systems using that network share. Ran into that when McAfee kept cleaning an autorun file accessed over the network when Trend AV wasn't catching the infected file on the file server.

    Sent from my SM-T700 using Tapatalk
    Last edited by Gman; 02-24-2018 at 14:59.
    Liberals never met a slippery slope they didn't grease.
    -Me

    I wish technology solved people issues. It seems to just reveal them.
    -Also Me
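
A defender-side check for the autorun exposure described in the post above, as an added example that is not part of the original thread: it decodes the Windows `NoDriveTypeAutoRun` policy bitmask to see which drive types still have AutoRun enabled, and scans a share root for `autorun.inf` files, listing the commands they reference. The function names and the sample share contents are constructed for illustration.

```python
import os
import tempfile

# Bits of the Explorer policy value NoDriveTypeAutoRun; a set bit DISABLES AutoRun.
DRIVE_TYPE_BITS = {0x01: "unknown", 0x04: "removable", 0x08: "fixed",
                   0x10: "network", 0x20: "cdrom", 0x40: "ramdisk", 0x80: "reserved"}

def autorun_enabled_types(policy_value):
    """Return the drive types for which AutoRun is still enabled under this mask."""
    return sorted(name for bit, name in DRIVE_TYPE_BITS.items()
                  if not policy_value & bit)

def find_autorun_files(root):
    """Walk a share; return {path: [launch commands]} for every autorun.inf found.
    Subfolders are included because any folder can be mapped as a drive root."""
    hits = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if name.lower() != "autorun.inf":
                continue
            path = os.path.join(dirpath, name)
            commands = []
            with open(path, "r", errors="replace") as fh:
                for line in fh:
                    key, sep, value = line.partition("=")
                    key = key.strip().lower()
                    # Keys that name a program to launch.
                    if sep and (key in ("open", "shellexecute")
                                or key.startswith("shell\\")):
                        commands.append(value.strip())
            hits[path] = commands
    return hits

def build_sample_share():
    """Constructed sample: a temp directory standing in for a mapped share."""
    root = tempfile.mkdtemp(prefix="share_")
    os.makedirs(os.path.join(root, "projects"))
    with open(os.path.join(root, "AUTORUN.INF"), "w") as fh:
        fh.write("[autorun]\nopen=setup_sample.exe /quiet\nicon=folder.ico\n")
    with open(os.path.join(root, "projects", "notes.txt"), "w") as fh:
        fh.write("ordinary file\n")
    return root

if __name__ == "__main__":
    print(autorun_enabled_types(0xEF))   # mask that leaves only network drives enabled
    print(find_autorun_files(build_sample_share()))
```

A mask of `0xFF` disables AutoRun for every drive type; any `autorun.inf` the scan reports on a file share is worth reviewing regardless of the policy setting.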


  10. #20
    Zombie Slayer kidicarus13's Avatar
    Join Date
    Nov 2007
    Location
    Littleton
    Posts
    6,309


    Quote Originally Posted by MED View Post
    I'm part of the security team responding to this incident; not really good for those involved to talk about it while the incident is still in process. I haven't seen anything sensitive posted so far, but thought I would just post a friendly warning.

    FASTER!

    jk
    Lessons cost money. Good ones cost lots. -Tony Beets
