OK, I’m ready to form a posse and hunt down, string up, then draw and quarter all would-be hackers and virus creators. We suffered from two separate attacks this week that nearly brought our operations to a standstill.
First, there was the hacking. I don’t know if it was a mistake or intentional. If intentional, I don’t know if it was automated, or if someone was manually trying to compromise our system. Regardless, the upshot was that we were without Internet access for large portions of the week.
Our first indication that something was amiss was that the ports on our router seemed to be cycling off and on. Turns out it wasn’t the router but our firewall that was getting hammered. We finally found the problem Thursday morning. It seems that a large portion of our DNS traffic was being routed to some place on the "blackhole.com" server. Whatever that server is, it didn’t know how to handle our traffic, so it returned an error message. This basically set up an infinite loop, so it was killing our bandwidth. I’m hoping the problem is now fixed. At least, my bandwidth usage looks better than it has in ages.
Then we come to the virus. One entire VLAN at our high school got hit very hard. Any time a computer was booted up on the network, it was instantly affected – no suspicious e-mails or files had to be opened. It just happened. The virus is so new that there was no record of it, and our anti-virus software couldn’t clean it. We did find how it was exploiting the system, so we were able to correct the problem in a slow, tedious one-on-one manner.
During this incident, it was amazing to me how teachers flatly refused to follow instructions. We had told them not to turn on their computers. They did it anyway. We unplugged cables and they plugged them back in. We eventually had to unplug the drops right in the communications closets. One or two got very upset that they were going to lose data on their hard drives (even though our guidelines state that they should save to the network instead of the local drive). Part of me is glad that they are so gung-ho about using the computers, but the better part of me wishes that they would just listen.
Patching Windows XP to SP2 seems to have fixed the problem. I’m just keeping my fingers crossed that it doesn’t happen again.