Jump to content

scorpion

Members
  • Content Count

    4,457
  • Joined

  • Last visited

Everything posted by scorpion

  1. Large numbers of infected computers have been searching in vain for the Srizbi botnet disrupted by the disconnection of ISP McColo a week ago, a security vendor has found. Srizbi rootkit removal instructions http://www.techworld.com/security/news/index.cfm?newsID=107278 http://blog.fireeye.com/research/2008/11/srizbi-removal-instructions.html Step 1: Backup the system (recommended) Windows XP For Windows XP users, we strongly recommend creating a System Restore point before starting this disinfection process. System Restore can help users revert back all the changes to the system in case something goes wrong (such as a random power loss). For more information on System Restore, please refer to http://support.microsoft.com/kb/306084. If system restore is not yet enabled on your system, please follow the instructions here http://support.microsoft.com/kb/310405 Windows 2k (Professional and AS) Unfortunately, the System Restore feature is not available in Windows 2000, so users must back up all of their important files using other tools before continuing the disinfection process. Step 2: Identify and Remove the Rootkit Driver Step 2-1: Start the system in Safe Mode When the system starts in Windows' "Normal" mode, Srizbi uses a kernel level rootkit to hide its files and registry entries. For this reason, we need to start the infected machine in Safe Mode to see the changes made by Srizbi. Information on how to start Windows in Safe Mode can be found here http://support.microsoft.com/kb/315222. Some recent variants have been seen which can also hide their files in Safe Mode, but most do not. Step 2-2: Verify Srizbi Infection Once the infected system is rebooted in Safe Mode, we can try to find some files created by Srizbi. One particular file to look for is a batch (.bat) file, having content like the following: :abc del "C:\D7641A4046742F3294AD4600B15C5E20.exe" if exist "C:\D7641A4046742F3294AD4600B15C5E20.exe" goto abc rmdir "C:\" del "C:\DOCUME~1\worm\LOCALS~1\Temp\_it.bat" Of the hundred+ samples analyzed in FireEye labs, the file that Srizbi executed was in the root directory - C:\. A unique feature of this batch file is the string ":abc" at the beginning of the file. Search for such a batch file on the system disk. You'll want to use the search function on Windows to accomplish this. a) Make sure the "Show Hidden Files" option is enabled. If not, follow these steps to turn it on: My Computer --> Tools --> Folder Options --> View Check the 'Show Hidden Files and folder' option. Uncheck the 'Hide protected operating system files' and 'Hide extensions for known types' boxes. Press Ok. b) In the "File Name" box, enter *.bat c) In the "A word or phrase in the file" box (just below the name box), enter :abc d) You will also need to tell Windows to search for hidden files and folders, by going to 'More Advanced Options' in the lower part of the Search bar. Click it and check the "Search the hidden files and folders option". e) Press the "Search" button and wait to see if system can find any such files. Normally this file only has 3 or 4 small characters in its name, similar to: _it.bat svs.bat If the search finds any such files on the Windows system drive, the system is almost certainly infected by Srizbi for which our removal instructions below will help. NOTE: If the search fails to find such files, the system may be infected by another Srizbi variant which can hide its files even under Safe Mode. In this case, the user should boot from some other bootable media (like Knoppix) that can read the hard drive directly, as at that time the infected OS will not be able to hide the Srizbi infection. A later article will describe this in more detail. Step 2-3: Removing the Infection After the infection is verified, a user can follow one of the following two approaches to disinfect the system. Approach 1. System Restore (Only available for Windows XP) Right click on the .bat file and try to find out its creation date. If you have a System Restore point prior to this creation date, you can choose to restore the system from that. For more information on System Restore one might refer to http://support.microsoft.com/kb/306084. Approach 2. Manual Disinfection (Applies to both Windows XP and 2000) The idea here is to locate a driver (.sys) and an executable (.exe) which was created just before or after the creation of this .bat file (within a minute). In Windows we can search based on the creation dates. a) Type *.sys, *.exe as the file name for which to search. b) Go to the "When was it modified" option in the search bar. Check 'specify dates', Select "Created Date". Now the type the same date when that 'bat' file was created, both in the “toâ€
  2. scorpion

    Srizbi rootkit removal instructions

    For your troubles ask for help here even if you are not computer "literate". http://icrontic.com/forum/forumdisplay.php?f=57
  3. scorpion

    DVR rewind problem (keeps pausing)

    I have never seen 7 second delay. I could see how difficult it can be to watch video. Wow! Can you return this to your dealer? Is it still under warranty?
  4. Is the power supply located at the same point where the wall transformers are located, or are the transformers located with the cameras in another building? The reason I ask is that you may have ground loop issues between the two power points. If you wanted to use your power supply then perhaps the cameras need to be isolated from what they are mounted too? I have seen this with commercial metal buildings when the cameras are bolted to the iron work, or the the metal outer walls. If you had to isolate them then look for nylon bolt, and nuts, and you can go to a hobby store and ask where they keep their styrenne plastic sheets. You can put the mount on the plastic, and cut out the shape to provide insullation. If you want to test the theory then just use cardboard to isolate the camera. What do you think?
  5. scorpion

    DVR rewind problem (keeps pausing)

    Whick model do you have? I do not seem to remember these issues, but then I may be to forgiving of the product based on it price point. There could be some pausing if you have a series of 10 second video "pieced" together so that may make sense. Hard drive issue would be based on the age of the product, and the style, or model of the hard drive. Testing could be done with another hard drive to confirm this issue. If the new hard drive recreates the problem then it is the series of motion that is pieced together, or there are hardware problems that would be unrepairable. You could always do a hardware reset by opening the chasis. Is the pause just a jitter, or does it hang for a bit? I do not seem to remember a long pause, but a jitter would not be out of the question. Are you bringing up video by time date stamp, or does this do this when you press the play button? I am not really sure what you have going on.
  6. I have a small area CCTV proposal, and due to multi building / multi locations of the cameras. There are two areas that are fenced in. I may be doing a mesh network for video transmission. The CCTV can be analog, or IP based. I lean more to analog. I am interested is speaking with you if you are an "expert" working with mesh networks. I need to come up to speed on common mistakes that I may make as a first time user. The level of security is high for the proposal that is before me. Please forgive me for not posting details of the actual installation. Security is of the essence. I have never set up a mesh network, and I am starting to look for PDFs that can provide me the education that I need. I may need to hire someone to build the network, and to make it as redundant as possible, and secure, but I need to have a basic understanding of what someone is telling me, and I need to know how to play "devil's advocate" to any equipment choices, and setups. I will defer to a local expert. Time is of the essence as there is money there for the project, but it is a shared pool, and first come, first served. I would like to get an infrastructure in as fast as possible if I win the proposal. I will need to do an "intrusion" test to verify security. Would you supply the information needed to due such a test. Please use the PM to keep this information off post. If you do not have PM rights then make a post, and I will send you my email address. The system will be a mutli PTZ setup. I will want to use motion detectors to trigger presets to orient a PTZ to respond to all pedestrian gates, and vehicle gates, and equipment. PM me if you need to know more details. Thank you in advance!
  7. scorpion

    Mesh Networking: Intrusion, and Hacking

    Then you probably remember this: http://scorpiontheater.com/antennaorientation.aspx
  8. scorpion

    Mesh Networking: Intrusion, and Hacking

    This link that you provided is information overload! I really appreciate the extra effort that you have done to help me out! I look forward to implementing this project! Although I am new to this kind of technology I am excited to be a part of an emerging technology. I guess I should give up my TRS 80, and my CB radio now?
  9. scorpion

    Mesh Networking: Intrusion, and Hacking

    I do not have experience in this area. I sound like Beavis, and Butt Head after you asked me that question. I would be interested in your information if you would be so kind! Thank you very much!
  10. scorpion

    AVC 760z audio is not recording

    If you use Video Server E then we have some more trouble shooting to do. If you use Video Viewer then let me know.
  11. scorpion

    menu key is not responding

    http://www.cctvforum.com/viewtopic.php?p=96808&highlight=#96808 Manual http://scorpiontheater.com/Documents/AVTech_Manual_English_CPD577W_16CH_V1.0.pdf Press the "ENTER" button four times to enter the menu.
  12. scorpion

    I can't connect to my dvr !? help !!

    I would only do the router.
  13. scorpion

    IR camera picture bad at night

    Something is not right! If that is truely a 125 foot IR throw then the sidewalk should show an intensity spot. Imagine a hunting million candle spot light, and shine it at a wall from 15 feet away. The light would be to bright. I do not see a "high beam" shining on your sidewalk. Perhaps you can take some electrical tape, and put it over the photo cell. This will test to see if external light is causing the IR to not turn on, or it will tell you that the IR is not working. If the IR are coming on then you should see a slight reddish glow. Do this first before you turn the camera. Once we know these answers, then turn the camera, and lets see what we get.
  14. scorpion

    password disable

    If you opened it up, and did a reset then it should go back to default. Perhaps you hit the wrong pins? http://scorpiontheater.com/reset.aspx http://scorpiontheater.com/Documents/Hardware_Reset_AVC777_777W.pdf If you pull the battery then all it will do is lose the date, and the time, and there isno other effect. If you have motion detection, and you have a lot of activity in front of the cameras then press the stop button first, and then press menu. The DVR is looking for motion, and if you will think of it as having blinders on. You may have to use two hands, and you may have to do it a couple of times till you get it right. Press stop, press menu without any pause in between otherwise it may detect motion from a cam, and then you will have to press stop again. What do you think?
  15. scorpion

    IR camera picture bad at night

    Turn the camera 90 degrees then post a screen shot. Also: what is the IR distance rating for the camera? You can only use have of the rating. It appears that the sidewalk is about 15 from where the camera is mounted, but then I am only guessing. If this is the case then it should be working better. The camera is pointed in a downwards angle, and the sidewalk should be lit up from the IR. If the street light was shining in that area, and the street light illumination was enough then the camera may come out of the black, and white mode, and become color. The screen shot shows B/W so that means it may be in the night time mode. Perhaps you need a 60 foot IR throw is needed. http://scorpiontheater.com/irlab.aspx
  16. scorpion

    Starting new business in TX. Help!

    Congradulations! You want to start your own business! http://www.cctvforum.com/cms_view_article.php?aid=31 Guerrila Marketing! http://www.cctvforum.com/cms_view_article.php?aid=45 Marketing 101 http://www.cctvforum.com/cms_view_article.php?aid=44 Press Releases, Home Builders Association, and Networking Groups http://www.cctvforum.com/cms_view_article.php?aid=46 What is Spaghetti Marketing? http://www.cctvforum.com/cms_view_article.php?aid=32 ____________________________________________________________ The sharks will spot you in 5 seconds flat! Do not do it! If you appear much bigger, and more professional then you can handle, then you will paint yourself in to a corner. They will want to know why you came out on a big job with only one employee? If you are so professional then how come you did not come back the next day as you promised to finish the minor details to complete the install. If you are so big, and so professional, then why did you have to stop in mid stride, and have to take off for the hardware store to get the "opps, I did not anticipate that I needed that"! Act like yourself. If you tell people up front that you are new, and that you are getting started then they will appreciate that. You might lose a few jobs because of that, but then again that may be doing you a favor as those could have been the biggest pain in the butt! People love to be the one to brag "I was his first customer when he got started, and now look how big his business has gotten"! "Look at him now! I remember when he started he was in that tiny little building, and now look at him he is moving in to the glass, and brass building! He must be doing damn good nowadays"! If they know you are new then they will be more forgiving when those opps come around. There are sharks out there just waiting for you to fall in to their lair. They will get you started then roll you over for dead, as you do not know what you are doing, and they know every trick in the book. How do you think they got rich to begin with? Learn how credit cards work. Learn about how a customer can dispute the charge, and that the charge card, or merchant services can take that "job money" back from you! Yikes! Learn that you need to document everything! If the customer does not know what they want, then walk them through every decision until you both are on the same page. Take a TV set, and a camera out to the prospective customer. What they had in mind will not work. They will see this when they see the view on the TV monitor. Stand on a ladder, and simulate where the camera will be mounted. You will spend (or waste depending on how you feel about this) more time doing this, but you will save yourself so much money, or a loss of money, or burning time that you cannot charge the customer for correcting issues. Customers have hired you to provide what they needed. What will happen is that they will learn more about the system after you have installed it, and then the learning process will educate them to how they really should have had it installed. Now they will hold back payment because they did not get what they asked for! They may make crazy demands! I cannot read licensce plate in the complete dark as they drive by. I was attacked by my ex husband why do you think I called you in the first place? There is a restraining order, and I want to prove that he is violating the court order. Hmmm! I do not remember her ever saying anything about license plate recognition. Now I find out that she wants video from the street that is more then 60 feet away from her house! Ouch! I mounted 30 foot IR cameras which means that they will only be effective at 15 feet. I do not think that she is going to read a license plate with those. Oh yea! Those are wide angle lenses, and there is no way that she is going to read a plate at that distance! Do a site survey, and learn about your customers, and what do they know now, and what are they expecting? If you have those kind of problems at the end of an install then you did a bad site survey, and you are the only one to blame for your flesh wounds! Once they customer know what they want, (or they think they know what they want), then you get that on paper. Have them email this to you. The email will seem innocent enough, but in the long run you have something to show the judge! BAM! Take that moron in your own words! Now tell the customer what you are going to do for the installation, and what you are going to provide, and what you will not provide! Get signatures on everything thing. Make sure the "lawyer words" are real close to the area where they sign the document! Once your derrier is covered then the rest is easy! Now lets go out there, and have some fun!
  17. scorpion

    I can't connect to my dvr !? help !!

    I reread my own post, and this is not quite what I had meant! This is what I get when I am in a rush, and trying to speed type! What I meant was to use the IP address rather than the dns. If you can log in at work with the IP address then we no everything is working. If you cannot then that is the first step for me to trouble shoot. If your router at home has the port forward setup correctly then I do not know why it is not working. At work do you have some kind of firewall like Sonicwall?
  18. scorpion

    I can't connect to my dvr !? help !!

    Try your IP address at home. Lets see if we can connect, and then we will figure out what is wrong with the dns address after we get connected.
  19. scorpion

    Security System for a Car Wash

    Pick a dealer that you trust. Pay the extra money, and you will be very happy down the road. Do you buy your own eggs, and bacon, and then go down to the restaurant, and ask them to cook it for you? Do you buy your own oil, and filter, and take it down to your mechanic, and ask him to change it for you? You are paying these people for what they know, and not what the wholeslae cost is. If you are technically savy such as I am, but time is of the essence then I will change my own oil, and such. In january my car overheated. I paid an auto shop to replace my water pump, and thermostat. It turned out to be a warped head on the engine. If I had continued to drive the car in the red zone I would have blown the engine. They had to send out the head to be milled, and then they did a complete valve job, and replaced my broken shroud, and my electric fan. The electric fan broke a paddle, and it punched a hole in the shroud, and I lost air flow through the radiator, and then the steam punched a pin hole in the radiator, and everything cascaded. Faced with this, I am not going to sit down with a chilton's book, and teach my self how to tear down a head, and how to rebuild it. I can do if I try. Experience make the difference. I can take the heads to a machine shop on my own, but in my past experience I find taking header bolts off to be a pain. I cannot keep track of which bolt goes in which hole. Some are short, and some are long. OK! The real reason that I let the shop do it? I priced all of the mechanic tools that I was going to buy to do the job! YIKES! I am not the type to rent hand tools. If I am going to pay a rental fee then why not just buy it. Specialty tools are different for a one time use, or the product is just too expensive. It is cheaper to rent a back hoe for a month then to buy one agreed? What will you do when the camera does not do what it said it could do on paper? What if when you power everything up, and there is no video? Oh! You have the technical expertise to fix that! I see! If that is the case then why are you having these guys come out so that you can pick their brain? Read some of these post where people are having problems, and you can see real fast that you may need someone down the road to help you.
  20. scorpion

    I can't connect to my dvr !? help !!

    Is your DVR installed at your home? If you are at home, and you are using a WAN IP address, or your dns host address then it will not work. You have to have a duplex internet. In other words you need to go to another house, and use their internet connection to check your remote view. If you are at home then use 192.168.1.10. Go into your address book, and set up this IP address, and name it LAN in your comments section. Does Video Server E work with your LAN address?
  21. We have 434MHz transmitters, or channel 59 UHF "modulators". Be very careful choosing these devices! Imagine the difficulties with wireless analog cameras, and you can imagine the diificulties playing with these devices. Most of the devices will come with a 9 volt battery clip. If you power the device with your power then be very, very careful with reverse polarity. They will blow faster then you can blink your eye! Use a diode to protect from reverse polarity. The T-59 version are not weather proof, and you have to be carefull how you package them as you do not want to trap any "ANY" heat at all. The 80mW version is just a heat shrink wrapped pc board. There is a version in a metal case. If you are using a TV set then do not use the "Rabbit Ears". You need to use the antenna that is shaped like a bow tie. You older folks know what I am talking about! http://www.radioshack.com/product/index.jsp?productId=2062017 For those of you who are testing these with your home TV then disconnect your TV from any cable box, or sat box as you will not receive the transmitter video signal as it does not pass through the box. Most will have about a 80mW transmitter, and if they brag about a mile distance then do not believe it. Anything close to one watt is going to need an FCC license. Be advised that most TV sets of today will have weak UHF reception. The tuners are not built with any regards for UHF. If you can find "granddad's" old tv with a rotating UHF knob then the better! You can use any camera that you wish, and you can plug the camera video out in to the transmitter. You can wire the "bumper" camera in to your trunk, and then connect to the transmitter. You do not have to worry about how to package the transmitter, and you can reduce the auto 12 volt down to 9 volts. Having the transmitter inside the vehicle will help with the reception as you do not have to penetrate the signal from outside the car through the metal in to the inside of the vehicle. Most modern day cars tend to have the fold down seats between the trunk, and passenger compartment. Video Comm is one of the recommended brands. NOTE : UHF transmitters operate in the Amateur Radio Service (ARS) frequencies, and according to FCC regulations, requires licensing for legal operation. There are no restrictions on the sale of this equipment, however ScorpionTheater urges the user to become familiar with and observe all laws and regulations governing ARS licensing and the operation of ARS equipment. Please note that the ARS frequencies are not for commercial use. ARRL http://www.arrl.org/FandES/field/regulations/bandplan.html FCC http://www.arrl.org/fcc/uls101.html http://scorpiontheater.com/uhf.aspx
  22. scorpion

    Microphone in store

    There is also ETS http://www.etsnm.com/microphones.html
  23. If your DVR does not keep the date, and the time then you may need to replace the battery on the main board. The battery is a MS621FE battery. Here are some various links on the battery. Micro Battery Product Catalogue 2008 - 2009 http://www.sii.co.jp/compo/catalog/battery_en.pdf MS621FE Battery Spec Sheet, Data Sheet, White Paper http://www.vaima.cn/admin/DownLoad/UploadFiles/200841714532072231.pdf Battery Safety PDF http://www.sii-components.com/bm/html/documents/precautions_battery_e.pdf By not having the UPS, and the line filtration you have killed your hard drives. The brown outs are not good for the hard drives. If you get the UPS with good line filtration, and you change the battery then you should be good to go for more years down the road! http://scorpiontheater.com/troubleshooting.aspx
  24. scorpion

    How much???

    £60,000.00 http://www.nexus.org.uk/wps/wcm/connect/Nexus/Nexus/News/News+archive/2008/Nexus+news+Safety+cameras+installed Unrelated to the story, but I was tasked to install 30 telephones, and CCTV in parking areas for a campus. The pole at my cost was $3,000.00 each! Are they kidding me? I can get a 6X6 metal post, and pay someone to drill the holes needed! How much does it cost ot powder coat a pole nowadays? 3,000.00 X 30 poles!! The phones are $1,200.00 each, and you guys can figure the wholesale cost of the PTZ on your own. I wonder if they would get mad if I mounted everything on a 6 inch PVC pole?? The other question is if they would survive on one, or not! OK! I am only kidding!
  25. scorpion

    safe-core dvr400m

    I would guess M for motion?
×