Testing the depth of user stupidity

[kruptos]

Hehe cool idea...

How did you get the boss to buy in on the idea...might look bad if he or she were to click on it..and find out your the one to set it up...lol

Unless you are the boss. then your all good :-)

Any chance you can post it in the tools archive, or send me a copy on email? be good to have in the tool box :-)

Thanks!!

[CXGJarrod]

I have done this before and tricked about 50% of the people in the office into opening the attachment. (Bat file that did a net send to my computer)

I took the stairs armed with a pliers to pull the half melted transparency from the laser printer. The week before we had someone on the same floor wipe out five laser printers with transparencys he brought from home. The first printer melted the transparency so he tried the second printer.That one melted it also but it seem be almost printed so he tried the third printer. He then decided the first three must have been too small so he went for our 2 group printers.

Had this same problem with one of our users trying to print on envelopes. It would melt the plastic on the envelope window and then harden in the printer. Well the user did not tell me and sure enough, later that day I got a call to come fix the printer. We had to buy a rebuild kit to get ti working again.

[foxyloxley]

Users : You can't beat 'em ----------------------------- Mores the pity !!!

[UnderClockdMind]

I think thats a great idea. I'm my Dad's unoffical tech guy for his small accouting firm. They never listen does not matter how many times they have to call me. Even my Dad who just downloads every attachment on his work comp. I can't wait to see your result.

[valhallen]

bad news guys - just got home.....we spent all day testing EVERY area of ALL the servers in the building as no-one could get/send email or view web >_<

the amount of times i was down in the coms room fiddling with the firewall ARGGGGG!

only to find out it is the company who suplies us with our net connection that went down and not us -_-

am gonna do it tomorrow though when i aint so preoccupied - lol

as for the whole "how did boss clear it?" he hasn't am doing it off my own back - but am semi-head of tech so is my duty to check these things

v_Ln

[s33ka]

I remember that in my first two weeks in my first support role I biult 11 stand alone AV scanning pc's for floppies I personally went to all 11 offices across England to set thesse up and demonstrate gow they work ("Yes I know but they, would never have been able to turn the monitor on if they had not been shown first") Two weeks later I had to go back to our office in Sheffield ("Thats a long trip from London to Sheffield, by train") only to find that not only was the Stand Alone off, but it was also in the storage cupboard......

They then had the nerve to complain that they had been sent a disk and they think that the current virus came from that disk.

After to speaking to my Line manager I prompty went around and removed all the floppy drives.............

Kind of reminds me of the user, phoning tech supp and stating that the coffee holder broke off..

[hypronix]

Nowadays virii can come through the CD as well I guess, since people use rewritables to transport work home and back to work sometimes. And since they are prone to do the same mistake at home [of openning all the files they receive] then it can be safely assumed that one needs to completely block any media access to the computers.

Well, tech support must be a great job! And all the 'idiots' call the tech people geeks. But they depends on these geeks as much as they depends on their morning coffee, or their sleep. Little do they know of the power of the tech guys!

[chsh]

Originally posted here by MURACU
Hate to say chsh but that is not always true.

I know it doesn't apply to every situation, however in terms of opening viruses, and allowing them to infect the machine, a lot can be done by the sysadmin to lock the box down.

I took the stairs armed with a pliers to pull the half melted transparency from the laser printer. The week before we had someone on the same floor wipe out five laser printers with transparencys he brought from home. The first printer melted the transparency so he tried the second printer.That one melted it also but it seem be almost printed so he tried the third printer. He then decided the first three must have been too small so he went for our 2 group printers.

It seems everyone has an issue with transparencies and lasers. The COO at the company I used to work for who ruined a perfectly useable $7500 networked colour laser printer from canon doing that. Apparently transparencies can do a lot of damage to the laser, and it really gummed up the bloody works. I'm no expert on printer hardware, but basically, I didn't really question it when the canon rep. told me it was pretty well FUBARed.

anyway got to the office where the printer was and there was in effect a heavy oily smell but no smoke. All the accountants were waiting outside at the coffe machine just in case. Called in the head accountant and explained that to solve the problem all he had to do was keep the windows shut while the workmen were resurfacing the road in front of our building. Tarmac stinks while it is still hot.

Hahahaha. A colleague of mine described a similar experience with an old place he worked at. Only it was the marketing person complaining of the stench of toner from the printer, and it turned out to be the repainting going on in an adjacent office...

[MURACU]

I know it doesn't apply to every situation, however in terms of opening viruses, and allowing them to infect the machine, a lot can be done by the sysadmin to lock the box down.

Chsh I agree totaly with that. I wouldn't blame a user for a virus that came through the network either by mail or by the lan while in a normal woking enviroment. In that case it is the IT departements fault that the virus got through not his.
I only get annoyed when your are a couple of hours into an attack, you have sent out warnings to everyone not to do such and such till they get the all clear. Things are just getting under control then someone somewhere does exactly what he was told not to do.
The hardest part IMHO of the admins job is not locking down the hardware and software. The information is out there and easy enough to find. The hardest part is keeping the users security conscious in the time between security alerts.

Anyway I still reckon valhallen will have some users who open the mail twice just to make sure they really understood. Then a couple more will open it just to see the message.

[Tiger Shark]

This, couple with the fact that my users don't seem to be able to "cotton on" to the fact that a file with a single .txt extension is safe to open no matter how many times I tell them is why I have started stripping every file with a potentially harmful extension in SMTP mail at the firewall. During the recent spate of Netsky, Mydoom and Bagle the variants were coming more quickly than the defs were even though my mailserver updates it's defs hourly we had 8 new variants get as far a a (l)user..... Only one clicked on it fortunately and I was alerted by other systems. The big pain was that I made the _stupid_ mistake, (knowing that the AV removes infected files and replaces them with an attachment, (duh), telling the recipient what it did), of telling the users that if it doesn't have a single .txt extension to forward it to me....... Well, let me tell you how quickly an inbox can fill up during a major virus attack with useless friggin' text files forwarded by 650 odd users who are too scared to even look to see what the extension is.....

Once the firewall was stripping _everything_ I sent out an email that said "there are no longer _any_ attachments you _can't_ click on - have at it". My inbox has since returned to normal size.....