+ Post New Thread
Results 1 to 3 of 3
MIS Systems Thread, Connect Directly to SIMS Server in Technical; OK, here is the story. Conficker is running rampant accross the network in a tidal wave of frustration and two ...
  1. #1
    CAM
    CAM is offline

    CAM's Avatar
    Join Date
    Mar 2008
    Location
    Reigate Area, Surrey
    Posts
    4,416
    Thank Post
    882
    Thanked 416 Times in 316 Posts
    Blog Entries
    61
    Rep Power
    328

    Connect Directly to SIMS Server

    OK, here is the story. Conficker is running rampant accross the network in a tidal wave of frustration and two systems it hasn't yet touched are my laptop and our SIMS server. After an entire day of Reason Code 0's Capita have informed us that our ISA Server (which controls Sophos, Printers and acts as out Internet Gateway) may be infected and blocking the ports required for SIMS to use.

    How can I remove the ISA Server from the equation and connect directly to the server with my laptop to see if SIMS will log me in? I have tried setting the servername variable to the server's IP address in connect.ini but that hasn't worked.

    My laptop firewalled and in a workgroup of it's own and connects to SIMS and shares using my domain admin password (but doesn't let machines connect back to the laptop using the same password, hence avoiding infection so far. Same with the SIMS server).

  2. #2
    Butuz's Avatar
    Join Date
    Feb 2007
    Location
    Wales, UK
    Posts
    1,579
    Thank Post
    211
    Thanked 220 Times in 176 Posts
    Rep Power
    63
    Right - you need to sort out the root cause first: Conficker. Confricker infection is purely down to workstations and servers not being patched correctly via windows update.

    Conficker will automatically affect any PC or Server that does not have Microsoft KB958644 patch installed. Any PC that has conficker will automatically broadcast the virus out to any other PC that is not patched.

    How to identify which PC/Servers have conficker:
    Download Nmap Comand Line version and run a scan on your domain controller. This will identify any PC's that are definatly affected.

    How to remove conficker from your network in 4 Easy Steps:

    1) Install KB958644 on every server and PC.
    Install it on all your servers first.
    Best way on PC's in a large network would be to run it "quietly" via start up script.
    Restart all your PC's
    NB. This stops the PC from being re-infected with conficker - it does NOT actually remove conficker itself.
    Now they are all protected from being infected by conficker (though they still may actually have it and be able to spread it)

    2) Run Microsoft Malitious Software Removal tool (kb890830)
    Run this on your servers first.
    Best way on a large network would be run it "quietly" via start up script.
    This actually detects and removes Conficker (any many others) and is a super bit of software.
    Restart all your PC's.
    Now as long as they are also patched with KB958644 they will be immune to conficker.

    3) Run Nmap again and hopefully you should now find that no computers are flagged as being definatly affected. They will however be flagged as being possibly affected, this is because they have already been affected in the past even though they are clean now. No way to get round this without a format c:

    4) Enable windows updates on all server and PC's so you dont have this situation again!!!

    Hope this helps!

    Butuz

  3. Thanks to Butuz from:

    CAM (19th November 2009)

  4. #3
    CAM
    CAM is offline

    CAM's Avatar
    Join Date
    Mar 2008
    Location
    Reigate Area, Surrey
    Posts
    4,416
    Thank Post
    882
    Thanked 416 Times in 316 Posts
    Blog Entries
    61
    Rep Power
    328
    Windows Update is on, one potentially infected machine was updated recently. I think one bad apple has spread the virus about with domain names.

    I'll pass that info on to our tech team immediately, thanks.

    Any way to rule out the ISA Server blocking it meanwhile?



SHARE:
+ Post New Thread

Similar Threads

  1. Connect to server
    By techie08 in forum Mac
    Replies: 1
    Last Post: 1st October 2009, 11:23 AM
  2. Replies: 1
    Last Post: 17th April 2008, 05:44 PM
  3. Migrated sims server but workstations can't connect
    By philjones2000 in forum MIS Systems
    Replies: 19
    Last Post: 18th June 2007, 03:32 PM
  4. SIMS Connect.ini default location
    By PHolland in forum MIS Systems
    Replies: 8
    Last Post: 16th May 2007, 05:31 PM
  5. ASP connect to SIMS database
    By ryan_powell in forum MIS Systems
    Replies: 1
    Last Post: 26th October 2006, 07:31 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •