Click here to receive your FREE subscription to Campus Technology
Lessons from a Post-Blaster, Post-Welchia, Post-Nachi, Post Mortem
Current News
Picking at a Virus-Ridden Corpse:
Lessons from a Post-Blaster, Post-Welchia, Post-Nachi, Post Mortem
9/17/2003
J'e St Sauver, director of user services and network applications at the University of Oregon Computing Center, has just gone through what everyone else has: the epidemic of viruses and worms that rained down on campus networks over the last several months.As our guest editorialist this week, J'e has some strong opinions on why some people got hit so hard and others didn’t. He also has some good lessons-learned. Oh, J'e also wanted me to point out that his perspectives here do not reflect difficulties or conditions at either his institution or any one particular institution. They are "a synthesized view that reflects the collective higher education experience."
—Terry Calhoun, IT Trends Commentator, Society for College and University
Planning (SCUP), University of Michigan.
------------------------------------------------
Sick of the Blaster/Lovsan, Welchia, Nachi experience? I know I am.
Let's do a brief post mortem and see what good we can glean from the latest
virus follies.
1. It's Windows PCs (again)
D'es your campus rely on PCs running a current version of Microsoft Windows?
If so, I suspect you were hit hard. Campuses that use Macs (or Unix/Linux workstations,
or a mixture of different types of systems) experienced fewer direct problems,
although even the most innocent shouldered part of the collective burden.
Do we never learn? Just as these viruses targeted PCs running Microsoft Windows,
so have virtually all the previous ones. Time after time, infestation after
infestation, the viruses and the worms have come for the PCs running Microsoft
Windows, and time after time, the PCs running Microsoft Windows have fallen.
Given that pattern, what is surprising (at least to me), is that few universities
seem to notice this pattern, and even fewer of them "vote with their purchase
orders" in favor of more secure/less commonly attacked systems.
D'es this mean that I would like all sales of Windows PCs to cease? No. What
I do want is a healthy level of operating system diversity, because in computing
(as in agriculture or a stock portfolio) diversity is key to managing risk and
building resilience.
2. That Perimeter Fence Sure Looked Good
Institutional firewalls are a staple security recommendation on every IT auditor's
checklist. Unfortunately, the recent viruses have illustrated just how ineffectual
they can be. Failure modes were numerous at many sites and for many reasons,
including:
Recommended Reading
- Campus Security :: November 14, 2008
:::::: SECURITY SPOTLIGHT
: Smart Phone Security: New Challenges for Road Warriors
:::::: CAMPUS SECURITY NEWS
: SMobile Releases Antivirus To Protect Google Android Phones
: Blue Coat Integrates Network Appliances
: e2Campus Provides Twitter Integration in Emergency Notification System
: Moodle Gets Student Verification Capabilities
: Rave Wireless Adding BlackBerry Devices to Notification Service
: U Miami Trades IPS for Top Layer Security System
: Cornell Hardens Campus Network with Gigabit Wireless Radio Links
: U Pittsburgh Turns to Verizon Business for Automated Notification Services - IT Trends :: Thursday, November 13, 2008
:::::: CASE STUDY
:: Cornell Takes Visual Approach to Data Analysis
:::::: IT NEWS
:: Panopto Launches Hosted Lecture Capture System
:: Microsoft To Add Smooth Streaming in IIS7
:: Agile Solution Provider Rolls Out Java SDK
:: Salem CC To Enhance Self Service with Unified Digital Campus
:: Parallels Desktop 4.0 Get Performance Boost, DirectX 9.0 Support
:: Brandon U To Automate Employment Processes with EmpCenter
:: SMobile Releases Antivirus To Protect Google Android Phones - C-Level View :: November 12, 2008
:::::: EXECUTIVE VIEW
: Delta iTunes U Enhances Learning in a Familiar Web 2.0 Environment
:::::: WORTH NOTING
: Caltech Completes Parking Structure Solar Array
: Schools Take Recruitment Virtual with Online Education Expo
: Blackboard Managed Hosting Rolls Out Virtual Operating Environment
: Higher Ed Help Desk Platform Adds Web 2.0 Tools
: Moodle Gets Student Verification Capabilities - SmartClassroom :: Wednesday, November 12, 2008
:::::: TECHNOLOGY TRENDS
: Microblogging and Relevancy
:::::: NEWS and PRODUCT UPDATES
: Open Source Java Libraries Debut for uPortal
: Dimdim Launches Hosted Virtual Classroom
: ASU School of Engineering Posts 10,000th Lecture with Mediasite
: Lyon College Plans Student Laptop Rollout
: Moodle Gets Student Verification Capabilities - News Update :: Tuesday, November 11, 2008
:::::: NEWS
: Caltech Completes Parking Structure Solar Array
: Schools Take Recruitment Virtual with Online Education Expo
: Salem CC To Enhance Self Service with Unified Digital Campus
: Brandon U To Automate Employment Processes with EmpCenter
: Open Source Java Libraries Debut for uPortal
: ASU and Obsidian Collaboration Seeks to Boost Long-distance Bandwidth
: Blue Coat Integrates Network Appliances
: e2Campus Provides Twitter Integration in Emergency Notification System
: Plagiarism Detection System Adds URL Filtering, Reporting Groups - IT Trends :: Thursday, November 6, 2008
:::::: CASE STUDY
:: Small College Makes Big Leap in Wireless
:::::: IT NEWS
:: Washington U Healthcare Researchers Turn to Virtual Storage
:: Cornell Hardens Campus Network with Gigabit Wireless Radio Links
:: BYU-Idaho Turns to Web-based Facilities Management System
:: U Pittsburgh Turns to Verizon Business for Automated Notification Services
:: Universities Turn to Oracle for Web-based Services
:: Delgado CC Expands Outsourced Support Agreement with Presidium Learning
:: Security Concerns May Slow Cloud Computing Adoption
