[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Logfile worries

Anne Wilson wrote:
On Monday 18 September 2006 17:59, Jeff Vian wrote:

On Mon, 2006-09-18 at 09:49 +0100, Anne Wilson wrote:

I have logwatch mailing me daily about activity.  This morning the report
from this box has the following lines in the samba section:

Yes. This is XP. Running as a non-administrator is so crippled as to be useless, and realistically no windows-user is going to learn that there is something equivalent to su - in fact I had not heard of it until this morning, either.

Yesterday, I was working on her laptop. I know I gave the correct username and password, but it was rejected. Doubting for a moment, I tried another password she uses but that also failed, twice, before the original password was accepted. The other thing I noticed was that when I tried the correct password it was simply rejected, whereas when I tried the alternative one the screen blinked before offering the login dialogue (with fields filled in) again.

This user is a cautious user, who wouldn't dream of using peer-to-peer or visiting dodgy websites. She keeps her AV software up to date and scans daily.

I can think of no way in which that laptop is configured differently to other windows boxes on the LAN. Do you have anything specific in mind when you talk about 'properly configured'?


I know that this may seem obvious but are they using IE with Active-X enabled?

There is a an unpatched hole that is being exploited.


You only mention anti-virus.  What about adware/spyware scans?

What about a scan with a different anti-virus software package?

All it takes is one visit to one site that has a bad link. It has happened that a good site will have a bad advertising link that will infect the machine making it a bad site.

I have had to use an XP machine that was supposed to be up to date and the number of spyware/adware applications took me by surprise. My first day was just cleaning the computer.

Good luck. As Microsoft's has suggested, re-installing is sometimes the only sure fix.

Robin Laing

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]