Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




35 posts

Geek
+1 received by user: 2


Topic # 198892 27-Jul-2016 11:53
Send private message

This is bizarre and a bit hard to describe.

 

We have a small office network (Modem and ethernet switch with about 5 devices networked).

 

My boss remotely logs into a PC on our network to use our quoting software as he lives in another town. He sends the quotes by email from the same PC using Outlook. In case it's relevant, we have a static IP that allows him to communicate.

 

Problem: Emails will not send from this PC when my PC (different machine on same network) is shut down. When I start my PC AND outlook in the morning, his Outlook wakes up and sends all queued messages.

 

What the heck is going on here???


Create new topic
2464 posts

Uber Geek
+1 received by user: 735

Trusted
Lifetime subscriber

  Reply # 1599447 27-Jul-2016 11:58
Send private message

What error messages are seen when trying to send?

 

What email system is in use - POP or Exchange or IMAP?

 

Which email program is being used on the machines?

 

Check his machine is using DHCP (for IP and DNS) https://youtu.be/QhpNEL2wOcE 





"4 wheels move the body.  2 wheels move the soul."

“Don't believe anything you read on the net. Except this. Well, including this, I suppose.” Douglas Adams



35 posts

Geek
+1 received by user: 2


  Reply # 1599456 27-Jul-2016 12:16
Send private message

 Thanks for the reply.

 

~ No error message, just sent email "stuck" in outbox. (until I start Outlook on my PC)

 

~ Using POP

 

~ Outlook 2007 on both machines  (yes I know .... old!!)

 

~ Boss's machine does not have DHCP enabled as requires static IP to run software via remote desktop. Has worked fine for 12 years on this very machine.

 

We have installed a new modem recently as have upgraded to VDSL, not sure if that could be relevant.

 

Bosses machine is XP  (please don't hit me I'm only IT dpt by default in a two person company!)

 

My PC is Win7


 
 
 
 


2464 posts

Uber Geek
+1 received by user: 735

Trusted
Lifetime subscriber

  Reply # 1599462 27-Jul-2016 12:28
Send private message

webfish:

 

 Thanks for the reply.

 

~ No error message, just sent email "stuck" in outbox. (until I start Outlook on my PC)

 

~ Using POP

 

~ Outlook 2007 on both machines  (yes I know .... old!!)

 

~ Boss's machine does not have DHCP enabled as requires static IP to run software via remote desktop. Has worked fine for 12 years on this very machine.

 

We have installed a new modem recently as have upgraded to VDSL, not sure if that could be relevant.

 

Bosses machine is XP  (please don't hit me I'm only IT dpt by default in a two person company!)

 

My PC is Win7

 

 

lol 12 years?  Wow.

 

Can he access the internet from his computer with yours turned off?  Can it receive email with yours turned off?  I was wondering whether your computer might be providing DNS for his computer for some reason when asking you about DHCP. Are his SMTP Server settings in the email account settings in Outlook the same as yours?

 

New modem in theory would not have an impact.....  does the timing of the issue coincide with that or did it already exist?

 

If your email is POP, I would be concerned it is not being backed up.  An Exchange-based solution like Office 365 takes care of this, but that would involve upgrades.

 

Ransomware is getting more and more prolific.  Please please please think about your current backup strategy and how you can make it more effective.





"4 wheels move the body.  2 wheels move the soul."

“Don't believe anything you read on the net. Except this. Well, including this, I suppose.” Douglas Adams

14284 posts

Uber Geek
+1 received by user: 2590

Trusted
Subscriber

  Reply # 1599469 27-Jul-2016 12:44
Send private message

Traffic could be routing through your machine, or some dependent service running on it.





AWS Certified Solution Architect Professional, Sysop Administrator Associate, and Developer Associate
TOGAF certified enterprise architect
Professional photographer


5092 posts

Uber Geek
+1 received by user: 1211

Moderator
Trusted
Lifetime subscriber

  Reply # 1599471 27-Jul-2016 12:47
3 people support this post
Send private message

Sounds like the other machine is acting as the POP and SMTP server for your boss.

 

PS it's highly negligent for your business to be running such old software.  Not just to yourselves but you become a threat vector to other organisations that you deal with.  It's really not hard or expensive to get your infrastructure into a current state.

 

 


14284 posts

Uber Geek
+1 received by user: 2590

Trusted
Subscriber

  Reply # 1599503 27-Jul-2016 13:56
3 people support this post
Send private message

Think about disaster recovery and backups. Sounds like the current setup is a recipe for disaster.





AWS Certified Solution Architect Professional, Sysop Administrator Associate, and Developer Associate
TOGAF certified enterprise architect
Professional photographer




35 posts

Geek
+1 received by user: 2


  Reply # 1599589 27-Jul-2016 16:15
Send private message

Thanks for your concern. The PC in question does one thing and that is run quoting software (not updated beyond XP) and send quote emails. No email comes into that computer and no web browsing takes place. It gets accessed periodically via remote desktop which is probably the extent of our exposure.

 

Nothing on that machine needs backing up as the information in the sent emails resides elsewhere.


2095 posts

Uber Geek
+1 received by user: 357

Lifetime subscriber

  Reply # 1599612 27-Jul-2016 16:22
Send private message

SMTP account used on both machines uses same credentials??





Ross

 

Spark FibreMAX using Mikrotik CCR1009-8G-1S-1S+

 


Speed Test


399 posts

Ultimate Geek
+1 received by user: 216

Trusted

  Reply # 1599617 27-Jul-2016 16:29
One person supports this post
Send private message

webfish:

 

Thanks for your concern. The PC in question does one thing and that is run quoting software (not updated beyond XP) and send quote emails. No email comes into that computer and no web browsing takes place. It gets accessed periodically via remote desktop which is probably the extent of our exposure.

 

Nothing on that machine needs backing up as the information in the sent emails resides elsewhere.

 

 

 

 

RDP over the public internet to a non-patchable XP host..... well now, that was always going to have a big issue at some point

 

1 minute google -

 

http://www.securebinary.co.za/remote-desktop-rdp-vulnerability/

 

https://www.youtube.com/watch?v=W_K0xzj4Q5c

 

http://www.securityfocus.com/bid/52353

 

I would assume more exploits have been found since XP ended support, if not being able to send email is your only issue you should be very happy.

 

 

 

 

 

 

 

 


3510 posts

Uber Geek
+1 received by user: 985


  Reply # 1599618 27-Jul-2016 16:33
Send private message

The PC in question does one thing and that is run quoting software (not updated beyond XP) and send quote emails.

 

Where is its IP gateway pointed at?, it may be pointed at your machine?


5092 posts

Uber Geek
+1 received by user: 1211

Moderator
Trusted
Lifetime subscriber

  Reply # 1600085 28-Jul-2016 10:41
Send private message

The fact that it sends email is exactly the sort of risk to other parties that we're alluding to.  




35 posts

Geek
+1 received by user: 2


  Reply # 1600103 28-Jul-2016 11:11
2 people support this post
Send private message

Can I point out that I am not an IT department and none of this is in my job description - I was just trying to help my employer out with an email issue. I have, however, taken all your security concerns on board and advised my boss. It's up to him now.

 

Aaaand ..... I'm out.


2464 posts

Uber Geek
+1 received by user: 735

Trusted
Lifetime subscriber

  Reply # 1600105 28-Jul-2016 11:13
Send private message

Noooooooo you don't get off that lightly!  It's all going to turn to custard and somehow it will become your fault!  *chuckle*





"4 wheels move the body.  2 wheels move the soul."

“Don't believe anything you read on the net. Except this. Well, including this, I suppose.” Douglas Adams

895 posts

Ultimate Geek
+1 received by user: 285


  Reply # 1600140 28-Jul-2016 12:29
One person supports this post
Send private message

At the very least

 

  • Make sure you have good backups, on a device that spends most of its life not plugged in to your LAN or any device attached to your LAN.
  • Be prepared for someone to find a way to send enormous volumes of spam via your mailserver.  Your ISP will not be happy, and when your legitimate mail starts getting blocked by people's mail filters, neither will you.
  • Be prepared for someone to break into that XP machine and steal your company's data / encrypt all your files and demand a ransom for the password / etc.
  • Be prepared for someone to break into that XP machine and use it as a jumping-off point to hack into someone else's systems, leaving a trail of log entries saying the attack originated from your company's network.

Yeah, doing proper IT security is hard, especially when you don't know how and no one has any time.  Cleaning up after one of the above messes is also hard.  You won't get to choose when it happens, and it could well cause significant financial or reputational damage to your company.


Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.