I did a house call today for some family friends who were having trouble with their computer. Most of it was really simple stuff, spyware and junk. But the kicker was that their computer would no longer stay in standby mode. It would shut off, and then immediately turn back on. I tried the usual bag of tricks, nothing worked. I unplugged the keyboard to check for a stuck key, I flipped the optical mouse on its back to make sure it wasn't registering small movements or something, still not working. As I went to turn the mouse back over, I noticed something. A very tiny strand of hair stuck in front of the sensor. I removed the hair thinking to myself, "wouldn't it be funny if that was causing the problem. yeah right, theres no way..." and then it went to standby and stayed there.
I sat there somewhat shocked, and yet relieved, because I could have wasted a lot of time, and looked like quite the fool for trying to fix something so incredibly bizarre.
I upgraded my server running FreeBSD 4.9 to 5.3-STABLE a few weeks ago. The nightly security email logs failed ssh login attempts, and I usually get a nice big list showing some douchebag trying to bruteforce the root login. After I upgraded, I noticed that they changed the warning message.
Dec 28 08:18:17 sshd: reverse mapping checking getaddrinfo for hyllyperse.net failed - POSSIBLE BREAKIN ATTEMPT!
POSSIBLE BREAKIN ATTEMPT! OH NO!
I love overzealous alert messages.
Today I got a chance to play around with BartPE; a very cool tool for assembling a WindowsPE environment from a standard Windows XP disc. I was very impressed with the functionality that the WinPE provides, and it really got me thinking about how we could potentially leverage this when helping students with virus or spyware infestations.
You get all the advantages of being detached from the file system, yet you can still run the latest versions of adaware or mcafee. Typically we have students boot into safe mode and run the tools from there, but getting them to press F8 at the right time is sometimes tricky, and they always freak out when they get a black screen with big icons. It would be waaay slick if they could just pick up a cd, pop it in, and have the whole process automated.
Also, I can't help but start wondering if I can somehow use this to rid myself of my dependency on the dos based ghosting software. The ghost client itself isn't too bad, but ghostwalk is atrocious. Ghost32 is certified for WinPE environments, so I think I'll download the trial and see how it goes.