Re: Can you really 100% clean a compromised machine 100% of the ti
From: Kerry Brown (kerry_at_kdbNOSPAMsys-tems.c*a*m)
Date: 11/20/05
- In reply to: -Draino-: "Re: Can you really 100% clean a compromised machine 100% of the ti"
- Next in thread: -Draino-: "Re: Can you really 100% clean a compromised machine 100% of the ti"
- Reply: -Draino-: "Re: Can you really 100% clean a compromised machine 100% of the ti"
Date: Sat, 19 Nov 2005 17:12:27 -0800
"-Draino-" <Draino@discussions.microsoft.com> wrote in message
news:E98110E0-352D-422B-B96F-90B9F76D7E39@microsoft.com...
> First of all everyone here had to understand the issue here......"TIME vs.
> MONEY"
>
> A brand new machine will only cost $350.00 dollars from DELL.
>
> So with that in mind you MUST come in at no more than $150.00 or most
> people won't spend the money or they will just get a new machine, at
> least that's their logic.
>
> Assimilating a machine into my network takes 2 minutes. A copy backup of
> the MY DOCUMENTS folder takes about 5 minutes at most.
>
> A machine designed for XP will install in 39 minutes (XPSP2 integrated
> with all updates). So now we are at about 44 minutes. I install Norton
> 2005 on all XP machines, Microsoft Anti Spyware Beta, Ad-Aware and Spybot
> Search & Destroy. So add 30 minutes for that and that's my 1½.
>
> I don't install and/or configure any Office programs or configure any
> e-mail programs......they did it once they can do it again.
>
> I will install a print driver for them. At least that way they can print
> when they hook up their computer.
>
> 95% of all clients don't have anything they want saved anyway..
>
> OK so real world about 2 hours MAX. Nothing ever goes as planned :)
>
> -D-
It may work for you but most of my clients want far more than My Documents
backed up. If they have teenagers you have to find all the mp3's which could
be anywhere. Every p2p program seems to store them in a different place.
Some camera software doesn't store photos in My Documents. I'd hate to
explain where their wedding photos went. What if there is more than one
user? Most of my clients have their kids set up as separate users. What about
email? You have to figure out what email client they use and transfer
accounts and email for each user. The Files and Settings Transfer Wizard is
a big help but you still have to double check the rest of the drive(s) for
data as well. The backup and restore is what takes the time to do properly
and what creates a loyal customer. I do agree if you charge too much they
will go elsewhere. As for them buying a Dell I say have at it. I make more
money from them when they get the Dell and then can't figure out how to
transfer all their data. All I have to do then is the backup and restore and
I get to charge the same two hours :-)
Kerry
>
> "Kerry Brown" wrote:
>
>>
>> "-Draino-" <Draino@discussions.microsoft.com> wrote in message
>> news:3C7D58E5-33F9-46FA-95B7-22DC8F42B33C@microsoft.com...
>> > Ok here's the deal. I think the only way to "Certify 100% Clean" is to
>> > format and re-install the OS...........period.
>> >
>> > The bottom line is I can save all of the customers data, do a format,
>> > re-install with all the updates and install anti-virus software in
>> > about 1½ hours. Plus setup file sharing, networking, and make many
>> > tweaks. Why even mess around trying to clean when most of the time it
>> > is just not going to work.
>> >
>> > I get $130.00 for each machine, flat rate. I usually do about 10
>> > machines a month, so it makes for some nice pocket money.
>> >
>> > When the customer ruins their machine again I do it all over again and
>> > charge the same money.
>> >
>>
>> You must move at light speed, have a very fast Internet connection, some
>> way of temporarily overclocking the customer's pc, and spend a lot of
>> time maintaining a very large collection of drivers and slipstreamed
>> Windows CD's. On a normal XP machine say a P4 2.0 GHz, 512 MB ram, PATA
>> hard drive, ATI or Nvidia graphics it takes at least 1 1/2 hours just to
>> install Windows, install the latest drivers, download Windows updates and
>> install an antivirus. Add anything unusual or a lesser machine (say a
>> Celeron or Duron with 256 MB) in the mix and it will take longer. This
>> doesn't include backing up then restoring their data. A typical customer
>> has at least 5 to 10 GB of data they want saved. To be safe you should
>> actually take an image of their current system which is likely to be
>> greater than 20 GB. If the pc doesn't have USB 2.0 or firewire the backup
>> process will be slow. You would have to backup via LAN, USB 1.1 or open
>> the case and install another drive. If they have Office or any other
>> significant apps to reinstall it will take longer again. I charge two
>> hours to do what you claim to do in 1 1/2. It usually takes around three
>> to do it properly but two is the going rate. The saving grace is a lot of
>> time while Windows is installing can be spent working on another machine.
>> I'm not saying it can't be done in 1 1/2 hours. I have done it on fairly
>> simple configurations. I am saying it usually takes around double that to
>> do the job properly. Some comments from others would be good. Maybe I'm
>> being too picky and/or doing more work than normal.
>>
>> Kerry
>>
>> > "Leythos" wrote:
>> >
>> >> Most of us that worked on computers for a living have run across many
>> >> compromised computers with many different types of malware.
>> >>
>> >> As people post with compromised machines we direct them to all of the
>> >> tools that we know about in an effort to help them regain use of their
>> >> machines in a malware free mode, or at least enough access to backup
>> >> their documents and files to restore later.
>> >>
>> >> What is really at question is the ability of the current tools we have
>> >> to clean 100% of the malware 100% of the time in the current and
>> >> future environment for a given machine at a given instant.
>> >>
>> >> This thread is not personal, about anyone's skills, about any
>> >> individual, it's only about cleaning malware off machines to the point
>> >> that we could state that 100% of all malware, known and unknown, is
>> >> removed from the machine at the moment you finish cleaning it.
>> >>
>> >> Do you feel 100% certain that your tools and skills can clean a
>> >> compromised machine, 100% of the time, without any malware, known or
>> >> unknown, remaining on the machine - 100% of the time?
>> >>
>> >> Since I don't believe that anyone can actually say "YES" without
>> >> limitations, then how do we help all of these clueless users ensure
>> >> their machines are clean?
>> >>
>> >> We all know that you can wipe/reboot/install from clean disks, in a
>> >> clean environment, and the machine will be clean at that moment.
>> >>
>> >> We all know that it takes between 30~90 minutes to restore a machine
>> >> from scratch (depending on the method, quicker for ghost images), and
>> >> that it's time consuming to get everything back to normal for
>> >> customers.
>> >>
>> >> We all know that no one wants to wipe/reinstall as it means lots of
>> >> extra work.
>> >>
>> >> Now, we also know that removing the malware can take hours in some
>> >> cases, most takes less. For some malware you have to boot to the
>> >> recovery console and manually remove it.
>> >>
>> >> So, it comes down to this - clean their system enough to save files to
>> >> CD/DVD, then wipe it to ensure that the malware is 100% removed and
>> >> the system is clean enough to be certified as clean.
>> >>
>> >> While most of us will just clean a machine and reboot it several
>> >> times, check the registry, tasks, netstat, etc.... then run the
>> >> malware removal tools several times, etc... It just means that we're
>> >> willing to take the level of risk for not having to put the time in to
>> >> ensure that the system is 100% certified clean, which means we don't
>> >> really want to reinstall everything again :)
>> >>
>> >> I know that some will claim they can perfectly clean a machine, but,
>> >> if you're really that sure you can clean 100% of malware, 100% of the
>> >> time, now and in the future, of known and unknown malware, without a
>> >> wipe/reinstall, then I think you're just fooling yourself.
>> >>
>> >> Again, are we assuming that by providing "reactionary" tools and
>> >> methods that don't wipe/reinstall, that we're doing visitors to this
>> >> group (and others) justice and actually providing them with a 100%
>> >> clean platform to continue with?
>> >>
>> >> --
>> >>
>> >> spam999free@rrohio.com
>> >> remove 999 in order to email me
>> >>
>>
>>
>>