Michael Anderberg, IT Pro Evangelist, Microsoft AB

Michael jobbar som IT Pro Evangelist på Microsoft i Sverige och fokuserar framförallt på Windows Plattformen och Säkerhet. Han är också en eftersökt talare både nationellt och internationellt inom dessa ämnen.

Blogs

A highly contaminated network :)

  • Comments 4
  • Likes

As a follow-up on my Guinness World record post yesterday, I can tell you about another maybe not so cool record although non-official but awesome nonetheless...

At that same LAN-Party (Dreamhack) we had another revered partner in our booth and that was Trend Micro. Given any size network, there's bound to be malware in it unfortunately, in an environment like this there was for a fact - and man, AM I GLAD that I was running Service Pack 2 on my Windows XP because let me give you some mind-boggling facts! :)

So, to reiterate a little, for those of you that didn't read my Record-blog;

About 6000 machines connected to the network...
of these 1100 were infected...
no less than 400 000 different species of your least favorite malware were identified!

And before you ask, NO! - They were not all running Windows! :) And everyone who was running Windows XP SP1 or later with A/V software on it and firewall turned on, stayed safe and non-infected! So how did we come up with these figures? Well as I've already mentioned Trend Micro was there with us and they had connected a Network Virus Wall 2500 (NVW2500) to one of the core center switches. This machine can actually isolate and automatically clean infected machines as well. However since people were afraid that they'd get lag in their gaming, we were not allowed to run it in that mode - so, hence we just monitored. These facts were accumulated in about 36 hours!

Memorable quote from Marco Righetti, Trend Micro -"They won't run anti-virus 'cause they're afraid of loosing performance - what do they think x number of spy-wares and viruses will do?"

So, what's the lesson here? Well, first of all never for once, if you work with security-related issues, think that people care about or even understand what it is you are trying to tell them, some do but the majority don’t! Even these guys, hardcore gamers, and in the seriously the most positive meaning of the word - nerds, don't even know about or care about patching their systems - what are the odds that the average Joe-blow will? Hence all of Microsoft's work with Windows update and such - to help people stay safe!

In fact, we kept getting the comments from people that we talked to that they couldn't run firewalls or anti-virus on their machines as they were afraid that that would lower their gaming performance with an FPS or two. Yet, most of the people we approached didn't know they were infected and were quite devastated to find out. In many cases my personal belief is that they usually have their machines hooked up at home, behind "daddy's" firewall or that they have an ADSL-modem with built-in firewalls, although state-full inspection only they are known to occasionally actually stop malicious code... not the way an Microsoft ISA 2004 Server would do it of course, since that one is a layer 7 application layer firewall, but still better than nothing! When they then disconnect their machine and bring it to a place like this - they're unfortunately in trouble!

It will be really interesting to see how many that has gotten XP SP2 installed coming this November, and I hope that we’ll be able to measure the difference then!

Take care/Mike

 

Comments

  • I've heard of many ways to try and set a world record and well I shouldn’t' be surprised that technology...


  • I've heard of many ways to try and set a world record and well I shouldn’t' be surprised that technology...


  • I've heard of many ways to try and set a world record and well I shouldn’t' be surprised that technology...

  • Hey guys - wazzup? I am writing this one in English, as I know that there is an international crowd reading

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment