Wednesday, 2 December 2009

And so the virus ate the CAT...

“The prestigious CAT exam of 2009 has not been able to live up to the standards its predecessors maintained”, so say the disheartened students who kept burning the midnight oil during long, persevering preparations. While some have lost faith in the assessment system of the IIMs, others have turned cynical and voiced sarcastic comments on various forums. Prometric, the IIMs, Dr. Barua, Mr. Kapil Sibal, the government: none have been spared.

There has been frenzy at various test centres across the country. On the 1st day of tests, several servers stopped responding, alarming thousands of students. About 30 centres closed shutters on the 2nd day. Students who managed to answer the 2-hour-15-minutes test in 4-5 hours complained of computers rebooting invariably, time wasted due to slow systems, and crashes in operating-system processes like svchost.exe.

When questioned by the media about why the infrastructure was so poor, the IIMs and Prometric issued a statement that viruses had caused the tumult. In two days' time, the names of two viruses were disclosed: Conflicker and W32 Nimda. But unluckily for the IIMs, people have refused to accept this theory. This article is a small attempt to prove that viruses can indeed cause a furore of this scale.

About the virus
Conflicker, better known as Conficker, is a worm that was in the news in November 2008. It exploited a vulnerability in the network services of Windows operating systems, entered the system and created chaos (http://en.wikipedia.org/wiki/Conficker). Microsoft had promptly released a patch fixing this vulnerability on the 23rd of October 2008: http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx

But Conficker's maker/makers were smarter. He/she/they enhanced the virus and released other variants of it. So far the known variants of this virus are Conficker.A, Conficker.B and so on up to E.

What the virus does
Conficker is a very smart worm. It enters the system either by exploiting the vulnerability mentioned above or through USB drives. Once on the machine, it gets itself administrative rights, executes some code and creates a process of its own. The process can be viewed in the Task Manager under the Processes tab. It skilfully names the process using technical jargon, so no normal user would ever suspect any illegitimate activity there. After this, it tries to connect to the internet through different unimaginable ports. If it finds a connection, it downloads a well-known antivirus to corroborate its legitimacy to the user. After an anti-virus scan, the virus goes into a long sleep/hibernate mode, only to wake up once more, this time to damage the system and steal information. It contacts various servers and downloads harmful malware. The presence of W32 Nimda on the computers at the test centres is just part of this gimmick. Conficker has the capacity to steal passwords and send them to its headquarters (which is still not known) through other infected computers without leaving any trace behind.

Other than this, if the virus infects any server catering to other clients, it breaks the communication channel between the server and the clients and prevents domain-name-to-IP and IP-to-domain-name resolutions, better known as DNS lookups. It prevents regular patching of the operating system by disabling Windows updates. It can render existing anti-virus software useless.
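The symptoms listed above (Windows updates disabled, DNS lookups failing) can be checked on a suspect machine. The sketch below is an added example, not part of the original post; the watched service names, the use of `sc qc` output and the DNS names are this example's assumptions, and the sample data is constructed.

```python
import re
import socket

# Services behind the symptoms above (updates, security alerts); this list is
# the example's own choice, not taken from the post.
WATCHED_SERVICES = ("wuauserv", "BITS", "wscsvc")

def start_type(sc_qc_output):
    """Return the START_TYPE word (e.g. 'DISABLED') from `sc qc <service>` text."""
    m = re.search(r"START_TYPE\s*:\s*\d+\s+(\w+)", sc_qc_output)
    return m.group(1).upper() if m else "UNKNOWN"

def resolves(name, resolver):
    """True if resolver(name) succeeds; the resolver is injectable for offline use."""
    try:
        resolver(name)
        return True
    except OSError:  # socket.gaierror is a subclass of OSError
        return False

def triage(sc_outputs, control_names, update_names, resolver=socket.gethostbyname):
    """Return a list of symptom findings for one host."""
    findings = []
    for svc in WATCHED_SERVICES:
        state = start_type(sc_outputs.get(svc, ""))
        if state not in ("AUTO_START", "DEMAND_START"):
            findings.append(f"service {svc}: start type {state}")
    control_ok = any(resolves(n, resolver) for n in control_names)
    blocked = [n for n in update_names if not resolves(n, resolver)]
    if not control_ok:
        findings.append("DNS: no tested name resolves")
    elif blocked:
        # Ordinary names resolve but update/vendor names do not.
        findings.append("DNS: selective failure for " + ", ".join(blocked))
    return findings

# Constructed sample input: abbreviated `sc qc` output and a fake resolver.
SAMPLE_SC = {
    "wuauserv": "SERVICE_NAME: wuauserv\n        START_TYPE         : 4   DISABLED\n",
    "BITS": "SERVICE_NAME: BITS\n        START_TYPE         : 3   DEMAND_START\n",
    "wscsvc": "SERVICE_NAME: wscsvc\n        START_TYPE         : 4   DISABLED\n",
}

def fake_resolver(name):
    if "update" in name:
        raise socket.gaierror("constructed failure")
    return "192.0.2.10"

if __name__ == "__main__":
    for line in triage(SAMPLE_SC, ["intranet.example"],
                       ["update.vendor.example"], fake_resolver):
        print(line)
```

On a real host, feed `triage` the text of `sc qc <service>` for each watched service and leave the resolver at its default.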

So the claim that the IIMs and Prometric make isn't all wrong. This virus has the capacity to take the world by a click. But they cannot take shelter under this testimonial because:
1) There is good anti-virus software, like Microsoft's Forefront, which can detect the presence of Conficker.
2) The patch released by Microsoft is available, but it is applicable only to genuine Windows operating systems.

In our country, people are gifted with intelligence and can crack the toughest operating system codes to make pirated copies and find workarounds to turn pirated/evaluation copies into genuine ones. Thus, such a venture by Prometric and of course NIIT should have been a smarter one. Prometric, being a non-Indian company, can be given leeway on this charge. But NIIT, an Indian company, should have known the intricate details of IT infrastructure in a country where more than 58% of the computers have pirated copies of operating systems and other software. As for the IIMs, one cannot blame the manager if the computer freaks out.

And yes, it isn't about Windows v/s Linux, it's about piracy but the lack of contemplation on the part of NIIT!

2 comments:

  1. I guess being a tester for MS for a long time helps. But I still can't figure out why Prometric was not better prepared to handle this load/issues or other concerns beforehand when it is a well-known fact how important the once-a-year CAT is! If the viruses are creating a ruckus, why aren't Linux-based systems used to cater to these online tests? Only hope that whatever caused the issue is rectified in time for the aspirants to make it through. In a country of a billion people every single click counts!

  2. Hmmm....I must admit that it hurts when svchost.exe crashes. :-D

    A fact based article, written in a thought provoking way, summarizing the root cause in a contemplative way.

    Good Job!

    It is indeed interesting to note that though NIIT is playing a crucial role in this preparation, it escaped without any responsibility whereas people (government) are baying for Prometric's blood.

    This failure or CATastrophy (as some have come to call it), does not have its roots in just a failure of infrastructure or bandwidth. The malice is much deeper and the solution needs to be multi-pronged.

    To understand that, the reader will need to read between the lines of this article. I know because I did. :-)

    Very well written, Arpita. I liked it!!

    Love it...

    Regards,
    Abhinav.
