Click here to receive your FREE subscription to Campus Technology
Current News
Picking at a Virus-Ridden Corpse, Part II
9/24/2003
According to J'e, we’re focusing more on the critters – worms
and viruses than we should, sometimes at the expense of some other important
security issues. On top of that, every user functions as a system administrator,
like it or not – and not only is probably very bad at it, but is also
needlessly connected to too much of your network. Further, users are becoming
addicted to bloated HTML e-mail, and there can be lots of reasons that make
it easy not to buy most users (students) antiviral software.
J'e’s lessons-learned are an unflinching, but useful and enlightening,
out-of-the-box look at ourselves. As we mentioned in Part
I, J'e’s perspectives here do not reflect difficulties or conditions
at either his institution or any one particular institution. They are "a
synthesized view that reflects the collective higher education experience."
—Terry Calhoun, IT Trends Commentator, Society for College and University
Planning (SCUP), University of Michigan.
----------------------------------------------
Picking at a Virus-Ridden Corpse, Part II
J'e St Sauver
University of Oregon Computing Center
Last week we briefly looked at four lessons learned from the Blaster/Welchia/Nachi
worm infestations that swept across much of higher education at the beginning
of this academic year This week we look at six more.
1. Distribution of Out-of-Band Software Updates
Quick poll: put your hand up if your campus had to create a supplemental security
CD to disinfect compromised systems which had been taken offline. Okay.
Now, keep your hand up if you ended up looking at creating yet another CD to
handle additional new vulnerabilities discovered after the creation of that
first CD? Hmm.
I believe that if you need to completely break your users’ connectivity
to control infested systems, you are a charter member of the security-CD-of-the-month
(or security-CD-of-the-day!) club.
If at all possible, you really need to be building your network in a way that
will permit you to use VLANS creatively to control infested users, while not
taking them entirely off the air. Infested users should not have unfettered
access to your campus network nor to the global Internet, but they must have
access to a local machine with key decontamination tools and the ability to
access Windows Update servers.
And while we're talking about disabling network access, how many of you have
just learned the hard way that having a single-sign-on authorization system
isn't much fun if "breaking network access" also means "breaking
e-mail access" and breaking access to other mission critical systems,"such
as your teaching and learning system?
If you've gone to single-sign-on with no granularity to your authorization system,
you've drunk the purple, powdered-drink mix along with all the other members
of your strange, apocalyptic cult.
Recommended Reading
- Campus Security :: November 14, 2008
:::::: SECURITY SPOTLIGHT
: Smart Phone Security: New Challenges for Road Warriors
:::::: CAMPUS SECURITY NEWS
: SMobile Releases Antivirus To Protect Google Android Phones
: Blue Coat Integrates Network Appliances
: e2Campus Provides Twitter Integration in Emergency Notification System
: Moodle Gets Student Verification Capabilities
: Rave Wireless Adding BlackBerry Devices to Notification Service
: U Miami Trades IPS for Top Layer Security System
: Cornell Hardens Campus Network with Gigabit Wireless Radio Links
: U Pittsburgh Turns to Verizon Business for Automated Notification Services - IT Trends :: Thursday, November 13, 2008
:::::: CASE STUDY
:: Cornell Takes Visual Approach to Data Analysis
:::::: IT NEWS
:: Panopto Launches Hosted Lecture Capture System
:: Microsoft To Add Smooth Streaming in IIS7
:: Agile Solution Provider Rolls Out Java SDK
:: Salem CC To Enhance Self Service with Unified Digital Campus
:: Parallels Desktop 4.0 Get Performance Boost, DirectX 9.0 Support
:: Brandon U To Automate Employment Processes with EmpCenter
:: SMobile Releases Antivirus To Protect Google Android Phones - C-Level View :: November 12, 2008
:::::: EXECUTIVE VIEW
: Delta iTunes U Enhances Learning in a Familiar Web 2.0 Environment
:::::: WORTH NOTING
: Caltech Completes Parking Structure Solar Array
: Schools Take Recruitment Virtual with Online Education Expo
: Blackboard Managed Hosting Rolls Out Virtual Operating Environment
: Higher Ed Help Desk Platform Adds Web 2.0 Tools
: Moodle Gets Student Verification Capabilities - SmartClassroom :: Wednesday, November 12, 2008
:::::: TECHNOLOGY TRENDS
: Microblogging and Relevancy
:::::: NEWS and PRODUCT UPDATES
: Open Source Java Libraries Debut for uPortal
: Dimdim Launches Hosted Virtual Classroom
: ASU School of Engineering Posts 10,000th Lecture with Mediasite
: Lyon College Plans Student Laptop Rollout
: Moodle Gets Student Verification Capabilities - News Update :: Tuesday, November 11, 2008
:::::: NEWS
: Caltech Completes Parking Structure Solar Array
: Schools Take Recruitment Virtual with Online Education Expo
: Salem CC To Enhance Self Service with Unified Digital Campus
: Brandon U To Automate Employment Processes with EmpCenter
: Open Source Java Libraries Debut for uPortal
: ASU and Obsidian Collaboration Seeks to Boost Long-distance Bandwidth
: Blue Coat Integrates Network Appliances
: e2Campus Provides Twitter Integration in Emergency Notification System
: Plagiarism Detection System Adds URL Filtering, Reporting Groups - IT Trends :: Thursday, November 6, 2008
:::::: CASE STUDY
:: Small College Makes Big Leap in Wireless
:::::: IT NEWS
:: Washington U Healthcare Researchers Turn to Virtual Storage
:: Cornell Hardens Campus Network with Gigabit Wireless Radio Links
:: BYU-Idaho Turns to Web-based Facilities Management System
:: U Pittsburgh Turns to Verizon Business for Automated Notification Services
:: Universities Turn to Oracle for Web-based Services
:: Delgado CC Expands Outsourced Support Agreement with Presidium Learning
:: Security Concerns May Slow Cloud Computing Adoption
