Click here to receive your FREE subscription to Campus Technology
Home > Picking at a Virus-Ridden Corpse, Part II
Current News
Picking at a Virus-Ridden Corpse, Part II
9/24/2003
5. Virtually No One's Really Serious About Desktop Workstation Security.
I'm willing to bet that the recent viruses resulted in hundreds, if not thousands, of compromised systems on each of your campuses.
No one's watching, so let's be perfectly candid: were all those compromised systems low-level formatted and reinstalled from scratch? No? Are you really, really, comfortable that all those patched-but-not-fully-reinstalled-from-scratch machines don't have any lingering, virus-created "back doors" that just haven't been noticed yet? No?
And if a virus on those machines had completely wiped out the hard drive on each of those infested systems, would each have had a current backup? Would you at least have had a backup of the important stuff that you can't otherwise re-create?
Trust me, virtually no one's really serious about desktop workstation security. If such people exist, they would have reinstalled from scratch, using backups that most of us probably didn't have.
6. It's Not Just the Viruses and Worms.
It is really easy to get tunnel vision and think that viruses/worms are the only security threat you face. They're not.
At the same time you're dealing with viruses and worms, you should also be thinking about the steps that you'll take to deal with at least one other major security vulnerability this year.
Maybe that's physical security: What could someone with a sledge hammer and five gallons of unleaded gasoline do to your physical infrastructure?
Or maybe this is the year to go after plain-text passwords on the wire: ssh makes a nice drop in replacement for yelnet, and you can comparatively easily TLS-enable most POP and IMAP clients and servers now, just to mention two areas where encryption has come a long way without much fanfare.
In Conclusion . . .
There are plenty more lessons we could learn from these most recent infestations, but let's just stop at 10. If we can do these ten, or even some of these ten, we'll be making great progress.
J'e St Sauver, Ph.D., is Director of User Services and Network Applications., University of Oregon Computing Center. He can be reached at j'e@oregon.uoregon.edu
We know that everyone is working hard and with inadequate resources. If you’ll read back a few issues, you’ll note that, about the way folks handled the mess when the students came back to campus, we wrote: "on campus after campus, the IT staff came through with shining colors." J'e’s main point may be that you should just occasionally ask yourself whether you are about to do the lazy/expeditious thing, or the right thing – not in terms of reacting to a crisis, but in light of what might be the consequences down the road.
Joe St Sauver, Ph.D. (joe@oregon.uoregon.edu) is the director of user services
and network applications at the University of Oregon Computing Center.
Cite this Site
, Joe St Sauver, "Picking at a Virus-Ridden Corpse, Part II," Campus Technology, 9/24/2003, http://www.campustechnology.com/article.aspx?aid=39508
copy text (above) for proper citation
Recommended Reading
- Web 2.0 :: Wednesday, October 8, 2008
:::::: THE BUZZ
: The Institutional Path For Change in This Age: Andragogy, not Pedagogy
:::::: PRODUCTS AND APPS
: College Students Find WiFi Essential to Education, Survey Reports
: Digital Arts Alliance Adds Fordham U
: Amazon To Host Microsoft Solutions in the Cloud
: Online University Aims To Boost Rural Math and Science Teachers - News Update :: Tuesday, October 7, 2008
:::::: NEWS
: Coming to Terms with Cloud Computing
: IBM Aims To Boost Mainframe Competency with Scholarship Program
: Microsoft's 'Dublin' App Server Tied to .NET 4.0
: Payment Card Security Toughens with DSS 1.2 Release
: 6 Universities Join NASA Astrobiology Institute
: Amazon To Host Microsoft Solutions in the Cloud
: CRM Pushing into New Areas of Higher Ed
: U Washington Aims To Streamline Data Access with Amalga
: Silverlight 2 Release Candidate Available - IT Trends :: Thursday, October 2, 2008
:::::: INTERVIEW
:: CRM Pushing into New Areas of Higher Ed
:::::: IT NEWS
:: Integrated Collaborative Environment Leverages Web 2.0
:: You Say You Want a Runtime Revolution?
:: Visual Studio To Include jQuery Library
:: Browser Makers Seek Clickjacking Fix
:: China's Southeast University Upgrades Wireless LANs Across 6 Campuses
:: Aruba To Increase Wireless Performance with ARM 2.0
:: More Universities Sign with Hothand Wireless To Deliver Mobile Marketing - SmartClassroom :: Wednesday, October 1, 2008
:::::: ELEARNING TIPS
: Avoiding the 5 Most Common Mistakes in Using Blogs with Students
:::::: NEWS and PRODUCT UPDATES
: Stanford Testing iPhone Application Suite
: North Seattle CC Adds Plato Online Algebra Course to Math Formula
: Second Life Mashup Helps Boost Distance Ed Retention at Huntington JC
: DePaul Weaves SS&C Tech Finance Material into Hybrid Graduate Course
: Serena Acquisition Takes Aim at Microsoft Project - Web 2.0 :: Wednesday, October 1, 2008
:::::: THE BUZZ
: The Generative Nature of the Digital Economy and Its Challenge to Educators
:::::: ELEARNING TIPS
: Avoiding the 5 Most Common Mistakes in Using Blogs with Students
:::::: PRODUCTS AND APPS
: College Crime Gets Google Maps Mashup at UCrime.com
: Second Life Mashup Helps Boost Distance Ed Retention at Huntington JC
: UW-Stout Taps Echo360 Lecture Capture To Connect with Distance Students
: Turnitin Integrates Plagiarism Tool into New Online Writing Service - News Update :: Tuesday, September 30, 2008
:::::: NEWS
: Second Life Mashup Helps Boost Distance Ed Retention at Huntington JC
: Seton Hall Monitors Recruitment Dollars with Coremetrics
: Universities Tackle Mainframes in IT Courses
: Windows 7 Bits To Be Released at PDC'08
: Serena Acquisition Takes Aim at Microsoft Project
: United States Tops List of Sources for Botnet Attacks
: Malicious Code Hidden in Rich Content Files Tough To Detect, According to Finjan Report
: Purdue Team Driving SiCortex Low-power Supercomputer in 2008 Cluster Challenge
: U Arizona To Optimize Wireless Networks on Campus
