Reasons behind the Virus attack on IIM servers
“The prestigious CAT exam of 2009 has not been able to live up to the standards its predecessors maintained”, so say the disheartened students who kept burning the midnight oil during long, persevering preparations. While some have lost faith in the assessment system of the IIMs, others have turned cynics and voiced sarcastic comments on various forums. Prometric, the IIMs, Dr. Barua, Mr. Kapil Sibal and the government: none have been spared.
There has been frenzy at various test centres across the country. On the 1st day of tests, several servers stopped responding, leaving thousands of students alarmed. About 30 centres closed shutters on the 2nd day. Students who managed to answer the 2-hour-15-minute test in 4-5 hours complained of computers invariably rebooting, time wasted on slow systems, and crashes in operating-system processes like svchost.exe.
When questioned by the media about why the infrastructure was so poor, the IIMs and Prometric issued a statement that viruses had caused the tumult. In two days' time, the names of two viruses were disclosed: Conflicker and W32 Nimda. But unluckily for the IIMs, people have refused to accept this theory. This article is a small attempt to prove that viruses can indeed cause a furore of this scale.
About the virus
Conflicker, better known as Conficker, is a worm which was in the news in November 2008. It exploited a vulnerability in the network services of the Windows operating systems, entered the system and created chaos (http://en.wikipedia.org/wiki/Conficker). Microsoft had promptly released a patch for fixing this vulnerability on the 23rd of October 2008 (http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx).
But the Conficker maker/makers were smarter. He/she/they released other variants of the virus after enhancing it. So far the known variants of this virus are Conficker.A, Conficker.B and so on up to E.
What the virus does
Conficker is a very smart worm. It enters the system either by exploiting the vulnerability mentioned above or through USB drives. Once on the machine, it gets itself administrative rights, executes some code and creates a process of its own. The process can be viewed in the Task Manager under the Processes tab. It skilfully names the process using technical jargon, and thus no normal user would ever suspect any illegitimate activity there. After this, it tries to connect to the internet through different unimaginable ports. If it finds a connection, it downloads any well-known antivirus to corroborate its legitimacy to the user. After an anti-virus scan, the virus goes into a long sleep/hibernate mode, only to wake up once more, this time to damage the system and steal information. It contacts various servers and downloads harmful malware. The presence of W32 Nimda on the computers at the test centres is just part of this gimmick. Conficker has the capacity to steal passwords and send them to its headquarters (which is still not known) through other infected computers without leaving any trace behind.
Other than this, if the virus infects any server catering to other clients, it breaks the communication channel between the server and the clients, and prevents domain-name-to-IP and IP-to-domain-name resolutions, better known as DNS lookups. It prevents regular patching of the operating system by disabling Windows updates. It can render existing anti-virus software useless.
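The symptoms described above can be turned into a simple triage over an inventory of test-centre PCs. The following is an added example, not part of the original article: the host names and inventory rows are constructed, the CSV column names are assumptions, and the KB number for the MS08-067 update (KB958644) comes from Microsoft's bulletin rather than from this page.

```python
import csv
import io

# KB number of the MS08-067 update (from Microsoft's bulletin, not from the article).
MS08_067_KB = "KB958644"
PATCH_MISSING = "missing MS08-067 patch"

# Constructed inventory snapshot, one row per test-centre PC (hypothetical hosts).
SAMPLE_INVENTORY = """\
host,hotfixes,wuauserv,update_dns_ok,svchost_crashes
lab-pc-01,KB958644;KB957097,running,yes,0
lab-pc-02,KB957097,disabled,no,4
lab-pc-03,,running,yes,0
lab-pc-04,KB958644,disabled,no,2
"""

def triage(inventory_csv):
    """Return {host: [findings]} for hosts that are exposed or show symptoms."""
    report = {}
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        findings = []
        hotfixes = {kb.strip().upper() for kb in row["hotfixes"].split(";") if kb.strip()}
        if MS08_067_KB not in hotfixes:
            findings.append(PATCH_MISSING)           # entry route 1 is still open
        if row["wuauserv"].strip().lower() != "running":
            findings.append("Windows Update service not running")
        if row["update_dns_ok"].strip().lower() != "yes":
            findings.append("DNS lookup for update site failed")
        if int(row["svchost_crashes"] or 0) > 0:
            findings.append("svchost.exe crashes logged")
        if findings:
            report[row["host"]] = findings
    return report

def priority(findings):
    """Rank a host. A patched host with symptoms still counts, since the
    worm also arrives on USB drives and does not need the open service."""
    symptoms = [f for f in findings if f != PATCH_MISSING]
    if len(symptoms) >= 2:
        return "isolate and scan"
    return "investigate" if symptoms else "patch now"

if __name__ == "__main__":
    for host, findings in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: {priority(findings)} ({'; '.join(findings)})")
```
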
Why IIM servers got affected
So the claim that the IIMs and Prometric make isn’t all wrong. This virus has the capacity to take the world by a click. But they cannot take shelter under this testimonial because:
1) There is good anti-virus software, like Microsoft’s Forefront, which can detect the presence of Conficker.
2) The patch released by Microsoft is available, but it is applicable only to genuine Windows operating systems. Yes, only genuine Windows. We cannot comment on whether the Windows installed were authentic, but at least this is the logical inference from the arguments and facts presented.
In our country, people are gifted with intelligence and can crack the toughest operating system codes to make pirated copies and find workarounds to turn pirated/evaluation copies into genuine ones. Thus, such a venture by Prometric and of course NIIT should have been a smarter one. Prometric, being a non-Indian company, can be given leeway on the charge. But NIIT, an Indian company, should have known about the intricate details of IT infrastructure in a country where more than 58% of the computers have pirated copies of operating systems and other software. As for the IIMs, one cannot blame the manager if the computer freaks out.
Author: Ms. Arpita Dessai has rich experience in Microsoft Applications, Windows & Testing. She loves to research viruses, their designs & possible preventions. She also loves to write. You may visit a personal blog to see another side of Ms. Arpita’s personality here and her technical writings here.



Arpita madam..! :thumbsup:
I did not know that you even love being ‘techie’.
Alpesh (Hi-fly)
I’m glad you liked it. Thodasa techie…
It’s high time reputed institutes like IIM use OSS/FS for better security, reliability and control on the software.
OpenSource software and an Open Operating System like Linux are way ahead of Windows platform when it comes to security and resistance to malware and viruses.
Hi Manvendra
First of all, thanks for reading the article. It’s a big read!
I think we need to understand why Open source is better than Windows.
1) Windows has a widespread use.
2) Damaging Windows will have serious implications, monetarily and for the reputation too.
3) Why would anyone invest time and money on cracking something that is already free? Makes no sense, right!
4) Microsoft is a big company that encourages people to find vulnerabilities in their OSes. They award the ‘friendly hackers’ too. This is what many people have reported on the internet.
5) Cracking Windows gives a boost, because it’s like one man/woman against a huge corporation.
Now, this goof up happened because most of the machines in India have pirated copies of Windows. Which is precisely why they don’t get the critical MS Updates.
I don’t profess against Open source products. But one thing we have to accept. Microsoft Windows is very very user friendly.
I hope the reply is satisfactory. Either way, I welcome you to share your thoughts.
Thanks and regards,
Arpita
Web Content by Ameya Pimpalgaonkar is copyright protected & licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 2.5 India License.
Based on a work at www.madeitsimple.com.