Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

Tip

A story of Infected Network user.. phuff..

Oct 25, 2014 10:23PM PDT

So,

While joining at a new job in a company's IT department, and after your joining, you realize that all that you see is a messed up network. Below are the points I instantly saw after logging into a computer provided to me by an existing IT administrator:

1- I log in with a local account, which means THE FOLLOWING:
1.1- No DC server
1.2- No AD server
1.3- No Storage server
2- The guy starts to set up my email on the Outlook client and uses IMAP and POP3 options:
2.1- No Exchange server (becomes obvious after 1.1)
2.2- No local web-server
2.3- No Email filtration
2.4- Wondered myself, "There should have been something wrong in the network by now."
3- Then instantly the internet connection goes out:
3.1- I am like wow, they don't even have a proper number of routers.
3.2- Plus they are not configured as required.
3.3- They should have been using switches and firewall switches for giving people a stable network connection.
3.4- Or else they need to buy routers/extenders in order to fill the gaps, or configure the existing ones to broadcast signals over a long area like at least 20-25 meters (which is not recommended, it should always be like 15-20 meters max).
3.5- Or they can put a firewall switch linked with the gateway router, then place switches in the far away grouped areas, and connect everyone with cables, since it's a small headquarters of a holding company with only 25 users. (errrrr, what's the big deal!!!)

Above points are enough to frustrate any reader who might have never fallen into a situation like this.

I gave them network diagrams, ideas, ways, got all approved, then a SURPRISE:

"Your email service has been blocked by your ISP"

FML...

Called ISP..They replied:

"Your network is infected, we are receiving 2000+ spam emails from your IP for 3 months" my reaction (whom should I shout at, for this?)

Then I started looking for a place to help me clean all the viruses, botnets, spyware, adware, and malware from all users on the network. The best thing to do is to format all of them and do a fresh start, but I want to give this thing a try, so I am taking this step.

And below is the link to a very pious technically helping web guide which actually made all my problems go away at no objection. Now I am just looking for a Mac anti-threat toolkit; hopefully I will find it someday or else will have to format the Mac.
http://cbl.abuseat.org/advanced.html#tcpview

Thanks for reading,
Waqas Ajaz

Maybe that's why they employed you
Oct 25, 2014 10:31PM PDT

to sort out the mess.

BTW, why the link? What purpose does it serve in relation to your story?

Mark

A helping hand
Oct 26, 2014 3:20PM PDT

The link was a helping hand for the last problem I mentioned: emails not being able to send/receive, and our public IP being blocked for outbound traffic by our ISP.

I was looking for some bot cleaners, spyware cleaners, scanners over the network for any trojans travelling around, and sniffers with which I could track the whole network and which notify me whenever any IP tries to send spam and get us blocked by the ISP.

Hope that is understood! If not, let me know.

Thanks,
Waqas
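One way to get the per-host notification asked for in the post above, as an added example that is not part of the original thread: scan a gateway connection log for internal machines that open TCP port 25 sessions to many different outside servers, which a normal mail client using one provider does not do. The log format, subnet, relay address and threshold are all assumptions made for the illustration, and the log lines are constructed.

```python
import ipaddress
from collections import defaultdict

# Constructed sample in a hypothetical gateway export format:
# "timestamp src_ip src_port dst_ip dst_port"
SAMPLE_LOG = """\
2014-10-26T09:00:01 192.168.1.23 50112 203.0.113.10 587
2014-10-26T09:00:02 192.168.1.23 50113 203.0.113.10 25
2014-10-26T09:00:03 192.168.1.41 49877 198.51.100.7 25
2014-10-26T09:00:03 192.168.1.41 49878 198.51.100.8 25
2014-10-26T09:00:04 192.168.1.41 49879 192.0.2.15 25
2014-10-26T09:00:04 192.168.1.41 49880 192.0.2.99 25
2014-10-26T09:00:05 192.168.1.30 51200 198.51.100.7 25
2014-10-26T09:00:06 192.168.1.30 51201 192.0.2.15 443
truncated line from the exporter
"""

LAN = ipaddress.ip_network("192.168.1.0/24")  # assumed office subnet
APPROVED_RELAYS = {"203.0.113.10"}            # assumed mail provider server
MAX_DESTS = 3                                 # assumed alert threshold


def find_smtp_talkers(log_text, lan=LAN, relays=APPROVED_RELAYS,
                      max_dests=MAX_DESTS):
    """Map each internal host to the external port-25 servers it contacted,
    keeping only hosts that reached more than max_dests distinct servers."""
    dests = defaultdict(set)
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 5:
            continue  # malformed or truncated record
        _, src, _, dst, dport = fields
        try:
            src_ip = ipaddress.ip_address(src)
            dst_ip = ipaddress.ip_address(dst)
        except ValueError:
            continue  # not an IP address, skip the record
        # Only direct-to-internet SMTP from inside the LAN is of interest.
        if dport != "25" or src_ip not in lan or dst_ip in lan:
            continue
        if dst in relays:
            continue  # legitimate client traffic to the known mail server
        dests[src].add(dst)
    return {h: sorted(d) for h, d in dests.items() if len(d) > max_dests}


if __name__ == "__main__":
    for host, servers in find_smtp_talkers(SAMPLE_LOG).items():
        print(f"ALERT {host} contacted {len(servers)} SMTP servers: {servers}")
```

Run against the sample, only 192.168.1.41 is reported; the same list of hosts is where cleanup or reinstallation should start.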

The thing is
Oct 26, 2014 3:50PM PDT

That remote or over the network would take planning so that you deploy the machines ready for such remote actions. Many smaller companies as well as the BYOD machines are not set up to do all that. Don't get upset, but asking about this is fine but shows a lack of advance planning. That is, I bump into IT staff that thought Windows would allow such remote work as a default.

No.

Bob