[OPLINTECH] Potential Computer Vandalism

Mike Hensel henselmi at oplin.org
Wed Nov 20 10:29:52 EST 2013 

Nick:

 

I did clear the bios before I installed the new hard drive and I got the
same HD lock but when I put the new HD in - it worked.  Basically, whatever
the culprits did - it render the HD useless. 

 

We have good knowledge that two youth were on the computers doing stuff that
was out of the normal use of our computers but I'm still not sure how they
compromised them other than setting a password to gain access to the HD.
It appears they could have tapped into the Dell Security Manager system
which will only give access to an HD with a password.   It still puzzles me
because it seems they were only on one machine and I had five machines go
down which resembles a virus.   I shudder to think that a virus could do
something like this on network scale.  

 

Mike Hensel

Director, MLIS

London Public Library

20 E. First Street

London, OH 43140

www.mylondonlibrary.org

740-852-9543

Mobile 614-325-1429

 

From: Nick Kelley [mailto:nkelley at avonlake.lib.oh.us] 
Sent: Wednesday, November 20, 2013 10:16 AM
To: Mike Hensel
Subject: Re: [OPLINTECH] Potential Computer Vandalism

 

Did the new hard drive resolve the issue? If it was the BIOS than a new hard
drive wouldn't fix the issue. 


Sounds like the BIOS was compromised. You can manually reset the BIOS by
unplugging the computer and removing the little battery on the motherboard.
Leave it sit like this for about 15 minutes and then put it back together
and turn it on. You will need to manually set all of the BIOS settings
again. You might want to write down the settings on a same model, currently
working computer so you know you have it right.

 

On Wed, Nov 20, 2013 at 9:20 AM, Mike Hensel <henselmi at oplin.org
<mailto:henselmi at oplin.org> > wrote:

OPLINTech Libraries:

 

I've got a situation where one of my patron computers last week booted up
with a Security Manager Screen that basically needed a password to boot from
the hard drive.  We run DeepFreeze on all of the computers.  I eventually
had to get another hard drive sent from Dell.  Last night 5 more computers
displayed the same message.  We lock the computers down with policies as
well.  I have not seen any virus alerts pop up in Symantec.  We run Symantec
Endpoint.  I don't believe we had the bios locked down so the only thing I
can think of is someone logged into the bios and setup an password on access
to the HD which is leaving our machines dead. 

 

Has anyone run across this scenario and is there any easy fixes besides
getting a new hard drive and rebuilding the machine.   I'm trying to
determine if it was a local hack (patron at each machine) or virus.

 

Any help would be appreciated.

 

Mike Hensel

Director, MLIS

London Public Library

20 E. First Street

London, OH 43140

www.mylondonlibrary.org <http://www.mylondonlibrary.org> 

740-852-9543 <tel:740-852-9543> 

Mobile 614-325-1429 <tel:614-325-1429> 

 


_______________________________________________
OPLINTECH mailing list
OPLINTECH at lists.oplin.org <mailto:OPLINTECH at lists.oplin.org> 
http://lists.oplin.org/mailman/listinfo/oplintech
Search: http://oplin.org/techsearch




-- 
Nick W. Kelley
Technology Manager 
Avon Lake Public Library
440-933-6418
nkelley at avonlake.lib.oh.us <mailto:nkelley at avonlake.lib.oh.us>  

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.oplin.org/pipermail/oplintech/attachments/20131120/64296d5c/attachment-0001.html>

More information about the OPLINTECH mailing list