From: InfoSec News (isnc4i.org)
Date: Fri Sep 05 2003 - 02:05:22 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

http://www.washingtonpost.com/wp-dyn/articles/A25845-2003Sep4.html

By Brian Krebs
washingtonpost.com Staff Writer
Thursday, September 4, 2003

George Mason University administrators, anxious to protect the
school's computer network from a raft of viruses and worms plaguing
the Internet, today unplugged thousands of students from the network.

At 1:35 p.m. today, network administrators at the Northern Virginia
school cut Internet access for all 3,600 students living on campus.

The move should not have come as a surprise to GMU students. Last
week, as freshmen reported for orientation, they were required to meet
face-to-face with a network security expert to have their laptop or
computer checked out. Upper classmen were greeted by school officials
who handed out the latest anti-virus software. To get the school's
message across, all students were asked to sign a document confirming
that their computers were updated with all the needed security
upgrades.

Not enough students confirmed that their machines were updated,
prompting the GMU action today. Administrators said they would try
later today to reconnect dorms, weeding out students with infected
PCs. Students living off campus can continue to dial in to the campus
computer network.

George Mason is just one of many universities in the region and across
the country making computer security a top priority as the fall
semester gets underway.

University of Maryland residents who tried to access the school's
network for the first time over the past two weeks were corralled onto
a Web site to help search for and mend the security hole exploited by
Blaster, a computer worm that emerged last month and infected hundreds
of thousands of computers worldwide. More than 6,000 students that had
yet to apply the needed patches did so, but hundreds of other students
ignored the advice and were promptly booted from the university
network, said Gerry Sneeringer, an IT security officer at Maryland's
Office of Information Technology.

"There were a certain percentage of students that wouldn't listen to
us unless we hit them upside the head with a lockout," he said. "You
simply can't deal with these problems until you've got your network
under control."

At the University of Virginia, some 800 new and returning student
residents were knocked offline by the schools' automated security
"bots," programs that patrolled the network looking for infected PCs.
Students were then handed CD-ROMs loaded with anti-virus toolkits and
software patches and were only allowed to plug their computers into
the school network after proving they installed needed fixes.

Spokespersons for Howard, American, Georgetown, George Washington and
Catholic universities reported far fewer problems with their networks.
While several of those schools were forced to disconnect some infected
computers, in most cases students asked to prove their PCs were clean
before being allowed to access campus networks.

As computers have transformed the way students and teachers interact
at most universities, school administrators are focused on protecting
their networks. Roughly 80 percent of higher education classes employ
e-mail and the Internet for some form of student instruction,
according to a 2002 study of more than 640 public and private
universities nationwide conducted by the Campus Computing Project.

Instructors at most universities are under tremendous pressure from
administrators and students to distribute course material over the Web
and through e-mail, and allow students to add and drop classes online,
said Steven Worona, director of policy and networking programs at
EDUCAUSE, a nonprofit that provides computer training and support for
1,900 colleges, universities, and education organizations.

Because of this dependency on the network, a lot of universities have
been forced to place much tougher computer security restrictions on
students.

"Schools are rapidly moving far away from the complete openness that
used to exist on their networks," Worona said. "What we're seeing is
most schools have a desperate need for solutions that can be applied
to hundreds or thousands of computers in a very short amount of time."

At George Mason, nearly 95 percent of resident students arrived with a
computer this year. Like at many big schools, GMU professors are
encouraged to use e-mail to update students on assignments and
last-minute changes to the syllabus -- and even to administer
pop-quizzes and tests. Last year, instructors were free to send e-mail
to an address of the student's choosing, but this semester teachers
are required to communicate with their students using the school's
e-mail system, thus the school is taking extra steps to ensure that
its computer network remains free from viruses.

Despite coordinated efforts to update students' computers, George
Mason found that handing out free software to upper classmen didn't
guarantee that students could successfully install it.

Kimberly Borchert, a 19-year-old sophomore, said her computer "freaked
out" as soon as she plugged it into the school's network last week.
The anti-virus software she received from GMU scanned her computer and
determined it had been hit with the "Welchia" worm, a so-called "good"
worm that destroys Blaster but still attacks other PCs and seizes the
victim's computer power and Internet connection. As of Wednesday
night, her computer was still infected and thus banned from the school
network.

Freshman Andrew Canose was one of several GMU students who encountered
problems after installing the university-provided anti-virus software.
Canose found the new program conflicted with an older anti-virus
program already on his computer. "My computer is like at war with
itself and won't work," he said.

Schools outside of the Washington region also scrambled in recent
weeks to protect their networks. Vanderbilt University in Nashville
last week banned more than 1,300 students -- about one-quarter of all
its residents -- from using the network until they cured their
machines of Sobig and Blaster infections. The school converted
administrative conference rooms into digital triage units so that
campus IT experts could help incoming students disinfect and patch
their computers, a university spokeswoman said.

At the University of North Texas in Denton, the school found that
4,000 of the school's 5,700 resident students reporting for the fall
semester last month brought computers infected with some sort of
virus. Students are being charged $30 if a university technician is
called in to clean an infected machine, a school spokesman said.
Students can go to off-campus experts for a fix but must certify that
their computers are updated with the latest security fixes before
being allowed to access the campus network.

Brown University mass-produced 8,000 CDs loaded with anti-virus
software and security patches and distributed them when students
picked up their dorm room keys. Still, the Providence, R.I., Ivy
League school was forced to dispatch teams of security experts to
residents' rooms to patch computers by hand after university officials
detected more than a thousand virus-infected student PCs connecting to
the university network.

"I think we really need to groom a new type of student who is
responsible for their computer security," said Kathy Gillette, manager
of George Mason University's beleaguered tech support center. "A lot
of them lived at home and mom or dad took care of the computer so
they've never learned how to fix them, but hopefully we'll be able to
teach them that too."

-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomoattrition.org with 'unsubscribe isn'
in the BODY of the mail.

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]