Training/devastation

[petarggh]

I work for the Residential Network at a University. We are hiring a large group (well, about 30) new employees to help with move in in the fall. Part of our training this year will be to have messed up computers (with common ailments) for our trainees to help fix. This will provide them with hands on experience in what we see most in student owned computers (as a large part of our assignment is fixing student computers).

My question is this-- We plan on making one or 2 disk images of typically messed up computers for the group and I'm trying to decide what to do to them.

I've got lots of basic IP related things, but I can't decide how to simulate our most common threat: VUNDO.

Is there a way to download this virus or a simulation like it? (admins--if this is too off kilter i won't be offended if you delete this )

OR if this isn't possible without going all over the internet to seedy sites-- what else should I do to these computers to give an accurate portrayal of a messed up (infected, slow, wacked windows) student computer.

Thanks for any input.

[simple_inhibition]

do lots of installations, and un-installations for different types of software and put aol on there 19 times. massive amounts of digital photos and music.

in real life, you probably would see lots of torrenting related stuff (actual downloading software and downloaded torrent files) on a system like that. its up to you to decide if your comfortable doing that (as its pretty illegal from my understanding)

[screwballl]

Setup a free hotmail/live or yahoo account and get yourself on spammer's lists... within a week or two they will start sending you viruses.

Having a computer with say Windows 2000 or XP (with NO service packs) are 2 easy ways to open it up...

Downloading random crap (not actual illegal stuff but the ones that are obviously viruses) from Kazaa or any filesharing type program is an easy way to get infected, especially those 66KB files for the latest movie...

Make sure there is no anti-virus or security software (except maybe Comodo free firewall to partially prevent it from getting out to the network).

Also one MAJOR thing to remember... make sure that these computers are not on the same network with good and clean computers, many viruses spread to other computers on the network.

[petarggh]

Quote:

Originally Posted by screwballl

Setup a free hotmail/live or yahoo account and get yourself on spammer's lists... within a week or two they will start sending you viruses.

Having a computer with say Windows 2000 or XP (with NO service packs) are 2 easy ways to open it up...

Downloading random crap (not actual illegal stuff but the ones that are obviously viruses) from Kazaa or any filesharing type program is an easy way to get infected, especially those 66KB files for the latest movie...

Make sure there is no anti-virus or security software (except maybe Comodo free firewall to partially prevent it from getting out to the network).

Also one MAJOR thing to remember... make sure that these computers are not on the same network with good and clean computers, many viruses spread to other computers on the network.

heheh- don't worry.. i'm not so **** as i sound. The training computers with viruses will be disconnected from the network, while the computers with connectivity issues will be not infected.

I like the idea of pummeling it with "legit" software such as AOL etc and i think i'll see how that goes. I'm just trying to decide how to simulate a manual virus removal (if antivirus fails etc)--i think i'll just make bogus .exe files in system32.

I also made a sheduled shutdown (at boot ) :P

that gives them 7 minutes to abort shutdown/solve issues before reboot.

(more for the hiliariousness of it than trainins [/evil] )

[screwballl]

I just wanted to make sure I covered the bases, no insult intended.

Pummeling it with all kinds of extra software is good for extra junk... may also help to find a freshly formatted and installed OEM with all the OEM "junk" they include... removing one or two key files to make the trial Norton/Mcafee not work...

Increase the system restore storage space (to something like 30GB) and add a whole bunch of unneeded restore points... like after you install each and every program

[petarggh]

:D no worries. I like the system restore idea.

i've got about 8 toolbars on internet explorer and i'm gonna damage firefox. Have a TON of startup programs to try to mimic the customer Crawl we're so familiar with. Just trying to figure out how to safely simulate a spyware infection :S

I'm tempted to get a friend to whip up a pseudovirus just to set the antivirus off. hmmmmm

[Reloadron]

If you really want to mess with viruses this is a good start point:

62NDS.COM - virus code

The virus codes are presented in plain text. Now if you take a Virus like the ILoveYou and copy and paste the text into notepad and save as a .vbs file you just may have a real live virus. You are strictly on your own! My little disclaimer is if you screw with some of these codes bad things can happen. Don't blame me. The VBS are the easiest to mess with lacking a compiler or the software the others were created in. This is presented for information only.

Ron

[drew and not u]

just download stuff from seriall.com
Almost all of the downloads are virus's. Just throw a few of them on there and you won't be simulating a virus attack, you'll have a real one!

[Zambini]

Hehe, is that what I would be doing if I applied Peter?

:P

Maybe I'll do that next year.


Just use IE5 or something and go to all sorts of porn/warez sites.

Also, Kazaa/Limewire would hit the spot in <3 minutes.

[petarggh]

heheh,--- maybe i should clarify a bit. The way the network is configured, if i were to really infect the computer it would be kicked off the network with some sort of infected flag. This would totally undermine the main point of the exercise: dealing with a customer's 'baggage' to achieve the goal of functional internet connectivity.

SOOooo.. for most of the computer i'll be doing basic annoyances and overloading things, but nothing to get it banned.

BUT--we will have one or two unprotected computers which won't touch the network that we'll infect highly and annihilate the registry of-- but more for fun than training purposes.

my main question has been adressed pretty well so far though, and thank you :D


i added animated .gif images as the background and put an obscene amount of startup software on it. It also has a completely full hard drive (epic hidden files :p) and restarts afer 5 mins if not in safe mode.

(sounds like a normal day at work, ya?)

PS the machines i'm 'pwning' are P4 2.6ghz 512mb ram machines