Click here to receive your FREE subscription to Campus Technology
Lessons from a Post-Blaster, Post-Welchia, Post-Nachi, Post Mortem
Current News
Picking at a Virus-Ridden Corpse:
Lessons from a Post-Blaster, Post-Welchia, Post-Nachi, Post Mortem
9/17/2003
J'e St Sauver, director of user services and network applications at the University of Oregon Computing Center, has just gone through what everyone else has: the epidemic of viruses and worms that rained down on campus networks over the last several months.As our guest editorialist this week, J'e has some strong opinions on why some people got hit so hard and others didn’t. He also has some good lessons-learned. Oh, J'e also wanted me to point out that his perspectives here do not reflect difficulties or conditions at either his institution or any one particular institution. They are "a synthesized view that reflects the collective higher education experience."
—Terry Calhoun, IT Trends Commentator, Society for College and University
Planning (SCUP), University of Michigan.
------------------------------------------------
Sick of the Blaster/Lovsan, Welchia, Nachi experience? I know I am.
Let's do a brief post mortem and see what good we can glean from the latest
virus follies.
1. It's Windows PCs (again)
D'es your campus rely on PCs running a current version of Microsoft Windows?
If so, I suspect you were hit hard. Campuses that use Macs (or Unix/Linux workstations,
or a mixture of different types of systems) experienced fewer direct problems,
although even the most innocent shouldered part of the collective burden.
Do we never learn? Just as these viruses targeted PCs running Microsoft Windows,
so have virtually all the previous ones. Time after time, infestation after
infestation, the viruses and the worms have come for the PCs running Microsoft
Windows, and time after time, the PCs running Microsoft Windows have fallen.
Given that pattern, what is surprising (at least to me), is that few universities
seem to notice this pattern, and even fewer of them "vote with their purchase
orders" in favor of more secure/less commonly attacked systems.
D'es this mean that I would like all sales of Windows PCs to cease? No. What
I do want is a healthy level of operating system diversity, because in computing
(as in agriculture or a stock portfolio) diversity is key to managing risk and
building resilience.
2. That Perimeter Fence Sure Looked Good
Institutional firewalls are a staple security recommendation on every IT auditor's
checklist. Unfortunately, the recent viruses have illustrated just how ineffectual
they can be. Failure modes were numerous at many sites and for many reasons,
including:
Recommended Reading
- IT Trends :: Thursday, August 14, 2008
:::::: RESEARCH
:: Higher Education Fertile Ground for 802.11n WiFi, ABI Reports
:::::: IT NEWS
:: U New Hampshire Consolidates Backup and Recovery Environments
:: System Center Update Promises Energy Savings
:: Stephens College Automates Campus Administration with PowerCampus UDC
:: Chapman University To Deploy Campus-wide WiFi
:: Ultimus Releases New Version of Adaptive BPM
:: Utah Education Network Selects To Deliver High-speed Internet Access and Metro Services via XO
:: Video Spotlight: Google, Microsoft Go Head to Head in Edu Space - C-Level View :: August 13, 2008
:::::: EXECUTIVE VIEW
: ERP: More Than System Functionality
:::::: WORTH NOTING
: Open Source Brings Down Cost of Wireless Rollout
: Polytechnic Institute of NYU Deploys Array Networks' SSL VPN
: KU Medical Center Installs Real-time Beacon System
: Utah Education Network Selects To Deliver High-speed Internet Access and Metro Services via XO
: Video Spotlight: Google, Microsoft Go Head to Head in Edu Space - SmartClassroom :: Wednesday, August 13, 2008
:::::: FOCUS
: Open Source Brings Down Cost of Wireless Rollout
:::::: NEWS and PRODUCT UPDATES
: Skoobit Launches Online College Textbook Rental Service
: Virginia Tech Tries 'Compliance Sheriff' To Improve Web Site Accessibility
: Utah Education Network Selects To Deliver High-speed Internet Access and Metro Services via XO
: Collexis' Lawriter Debuts Social Network for Law Students
: Promethean, Simtrol Use Activeboard To Manage Classroom Devices - News Update :: Tuesday, August 12, 2008
:::::: NEWS
: U Toronto Team Wins 2008 Innovate Canada Competition
: Terracotta Integrates Sun's VisualVM
: IBM Touts Linux Strategy with New Virt, SuSE, Supercomputer Intiatives
: Open Source: A 'Growing Challenge' to Microsoft
: Internet Freedom: Google, Microsoft, Yahoo Near Agreement
: Pepperdine U Upgrades WiFi with Xirrus Arrays
: IBM To Team with Linux Vendors on 'Microsoft-Free' PCs
: Security Woes Up, as PHP and OSS Make the List
: CourseCast 2.0 Adds Podcasting, Streaming Media Features to Free Lecture Capture System - Campus Security :: August 8, 2008
:::::: SPOTLIGHT
: A Cheapskate's Guide to Free Security Software
:::::: CAMPUS SECURITY NEWS
: Collaboration Key to Security, Microsoft Says
: IBM Unveils New Software Designed To Streamline eDiscovery
: Security Woes Up, as PHP and OSS Make the List
: Apple Reacts to Spoof Threats, Issues DNS Hotfix
: Reflex Security Releases Virtual Security Center
: Moravian College Turns to Appliance To Deter Malware and Botnet Activity
: Sophos Upgrades Web Security Appliance
: Most Malware Found on Trusted Web Pages, Report Says - IT Trends :: Thursday, August 7, 2008
:::::: WIRELESS
:: Drexel Sees 802.11n as Logical Leap
:::::: IT NEWS
:: Pepperdine U Upgrades WiFi with Xirrus Arrays
:: CourseCast 2.0 Adds Podcasting, Streaming Media Features to Free Lecture Capture System
:: Roanoke College Gets Personal with CRM
:: Hobart and William Smith Colleges Wrap First Phase of CRM Implementation
:: Higher Ed Least Likely Sector To Adopt Energy Management Policies
:: Katana Brings Education Content to Sakai Open Source LMS
:: Universities in Indiana, North Dakota, New York Deploy Oracle Software
