Click here to receive your FREE subscription to Campus Technology
Current News
Picking at a Virus-Ridden Corpse, Part II
9/24/2003
According to J'e, we’re focusing more on the critters – worms
and viruses than we should, sometimes at the expense of some other important
security issues. On top of that, every user functions as a system administrator,
like it or not – and not only is probably very bad at it, but is also
needlessly connected to too much of your network. Further, users are becoming
addicted to bloated HTML e-mail, and there can be lots of reasons that make
it easy not to buy most users (students) antiviral software.
J'e’s lessons-learned are an unflinching, but useful and enlightening,
out-of-the-box look at ourselves. As we mentioned in Part
I, J'e’s perspectives here do not reflect difficulties or conditions
at either his institution or any one particular institution. They are "a
synthesized view that reflects the collective higher education experience."
—Terry Calhoun, IT Trends Commentator, Society for College and University
Planning (SCUP), University of Michigan.
----------------------------------------------
Picking at a Virus-Ridden Corpse, Part II
J'e St Sauver
University of Oregon Computing Center
Last week we briefly looked at four lessons learned from the Blaster/Welchia/Nachi
worm infestations that swept across much of higher education at the beginning
of this academic year This week we look at six more.
1. Distribution of Out-of-Band Software Updates
Quick poll: put your hand up if your campus had to create a supplemental security
CD to disinfect compromised systems which had been taken offline. Okay.
Now, keep your hand up if you ended up looking at creating yet another CD to
handle additional new vulnerabilities discovered after the creation of that
first CD? Hmm.
I believe that if you need to completely break your users’ connectivity
to control infested systems, you are a charter member of the security-CD-of-the-month
(or security-CD-of-the-day!) club.
If at all possible, you really need to be building your network in a way that
will permit you to use VLANS creatively to control infested users, while not
taking them entirely off the air. Infested users should not have unfettered
access to your campus network nor to the global Internet, but they must have
access to a local machine with key decontamination tools and the ability to
access Windows Update servers.
And while we're talking about disabling network access, how many of you have
just learned the hard way that having a single-sign-on authorization system
isn't much fun if "breaking network access" also means "breaking
e-mail access" and breaking access to other mission critical systems,"such
as your teaching and learning system?
If you've gone to single-sign-on with no granularity to your authorization system,
you've drunk the purple, powdered-drink mix along with all the other members
of your strange, apocalyptic cult.
Recommended Reading
- Campus Security :: June 27, 2008
:::::: NETWORK SECURITY
: Delivering Slices of Network Securely at USC
:::::: CAMPUS SECURITY NEWS
: VMware Finds Home on Campus in Disaster Recovery Planning
: Microsoft Advisory Targets SQL Injection Attacks
: Mobile Security To Surface in Sybase iAnywhere Suite
: Southeast Missouri State Says Former Employee Took Student Data
: Universities Deploy Procera Hardware to Prioritize Network Traffic
: Dartmouth Launches 2-Week Crash Course in Security
: Survey: Many Microsoft Patches Are Going Uninstalled
: New Bluetooth Patch Fixes XP Security Hole - IT Trends :: Thursday, June 26, 2008
:::::: FOCUS
:: Lyon's 1:1 Laptop Program Aims To 'Level the Playing Field' for Students
:::::: IT NEWS
:: Windows XP's Death Is for Real, Microsoft Rep Explains
:: Temple To Deploy Wireless LAN Across 8 Campuses in Philly
:: Adobe Releases Acrobat 9, Creative Suite 3.3
:: Microsoft Open XML Converter Arrives for Mac
:: Pentaho's BI Platform Released Under GPL
:: New Bluetooth Patch Fixes XP Security Hole
:: New 11.0 openSuSE Linux OS Released - C-Level View :: June 25, 2008
:::::: EXECUTIVE VIEW
: The Educational Software Paradox - Can We Learn to Unlearn?
:::::: WORTH NOTING
: D2L: Blackboard's Comments 'Contempt(ible)'
: Ohio State Installing Interactive Technologies in Campus Incubator
: New Green Supercomputer Powers Up at Purdue
: Western Governors U Offers New Online Degree in Health Informatics
: Foothill-De Anza CC District Deploys Abaca for E-mail Protection - SmartClassroom :: Wednesday, June 27, 2008
:::::: VIEWPOINT
: Podcasting in Instruction: Moving Beyond the Obvious
:::::: NEWS and PRODUCT UPDATES
: D2L: Blackboard's Comments 'Contempt(ible)'
: Ohio State Installing Interactive Technologies in Campus Incubator
: Samsung Launches Pint-Sized Projector
: Mediasite 5.0 Debuts; New Classroom Recorders Coming in July
: Mitsubishi Launches Wireless, Short-Throw Projectors - News Update :: Tuesday, June 24, 2008
:::::: NEWS
: Sao Paulo University Taps Sun Technology for Computing Cluster
: Ohio State Installing Interactive Technologies in Campus Incubator
: New Green Supercomputer Powers Up at Purdue
: Mediasite 5.0 Debuts; New Classroom Recorders Coming in July
: Intel 'Holding Back' USB 3.0 Spec, Says Nvidia
: Allegheny College Launches Energy Reduction Program
: Virginia Tech Automates User State Management with Kaseya
: Tokai U Uses PTC MCAD Software To Design Car that Competes at Le Mans - IT Trends :: Thursday, June 19, 2008
:::::: CASE STUDY
:: Job Scheduling Software Smooths Data Transfers at IUF
:::::: IT NEWS
:: Blackboard Continues Pursuit of Desire2Learn
:: IBM Launches 'Carbon Strategy' Service in Project Big Green
:: Microsoft Joins Open Source Census Group
:: Swedes Deploy Dual-Boot 'Green' Supercomputer with IBM, Intel Chips
:: U North Texas To Roll Out ImageNow for Document Management
:: Cambridge Installs Panasus Parallel Storage System for Research Support
:: Novell Joins Microsoft Server Virtualization Validation Program, Runs Windows Server 2008 On SUSE Linux Enterprise
