GeneralThis forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Can someone help me in where to go to get information on how to stop this. Some one has been hitting two of my friends servers on win03 and one is rh-ent(router i believe). I have little data on this attach or how to stop it. All I know is that I have had to have him completely reload system bios in order to get the two compag dl380's to post. No viruses have been found and array bios seems to stay intacked. All I am looking for is direction on where to go to get a resolution as most searches on this topic dont seem to return that much in the way of security fixes. Any direction appreciated.
Not completely sure what your asking. Someone remotely crashing you bios? IPX on? turn it off! Port 139 closed/stealth? Block it! If someone is doing it local fire em!
I guess that is the answer I was looking for. The organizations I work for has alway had others deal with such issues and this isnt happening under my roof and I myself have always stayed away from playing with these things. I guess you would have to say its a friend in the business. In ten years in the computer industry I have never had to deal with this.
I believe what we are looking at is called a "stealth attack" and knew that they could lock a computer system just not clear the cmos so the system wouldnt even post. Was trying to help a friend by providing resources in prevention.
I found this, which I wrote in 1992, in Turbo Basic, under DOS:
Code:
cls
locate 5,1
print "This program tries to read TIME from a CMOS clock. If it works"
print "you will see a digital time display in the screen centre."
locate 10,10
print "Press a key to start"
while not instat
wend
a$=inkey$
cls
locate 23,10
print "You should be seeing a digital clock."
locate 25,1
print "Press a key to exit"
while not instat
out &H240,0
s=inp(&H340)
s$=hex$(s)
out &H240,2
m=inp(&H340)
m$=hex$(m)
out &H240,4
h=inp(&H340)
h$=hex$(h)
t$=h$+":"+m$+":"+s$
locate 12,39
print t$;" ";
delay 0.9
wend
So you need to look for something that is doing something along these lines. Note that, in assembler, you can do it in a few bytes.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.