University account users beware — a new series of worm viruses are slithering into the University computer network.
No longer limited to e-mail, the viruses enter a computer system through an open Internet connection, scan the local network connected to the infected computer and proceed to attack other machines on UOnet.
One of the more common worms, called “Blaster,” infects a computer by generating more traffic to the server, making it impossible for other people to use it.
After the University Computing Center realized the potential threat of the viruses two months ago, technicians began disabling Blackboard, e-mail, dial-up and wireless access for infected accounts to limit the virus’ spread. Although an infected account can still receive e-mail, students are not notified that their services have been shut down because they are unable to access their inboxes.
Whether it is a Gladstone, Darkwing or Oregon server, any University account that is primarily accessed from Windows 2000 or XP can be affected by the virus. And although he couldn’t determine the exact number of accounts that have been disabled to-date, Microcomputer Services manager Dan Albrich said a handful of computers are infected every day because users don’t download enough security updates.
“We’ve seen an incredible influx of virus activity,” he said. “By using RADIUS, we can disable a bunch of access privileges at once.”
Initially designed as a dial-up identification system, the Remote Authentication Dial-In User Service is a single point of authentication mechanism that allows one user to have the same user name and password for access to several different systems. The mechanism is ideal for virus protection because Computing Center technicians can use it to disable all potential access points at once, keeping the worms out of the network. Since RADIUS is also used for unique service such as off-campus server access through Virtual Private Network, Albrich said the key advantage of the mechanism is simplicity.
“Students don’t want to have 10 user names and passwords for all the campus services available to them,” he said.
Acceptable Use Policy officer Jon Miyake, who is in charge of managing infected campus accounts, said disabling accounts has been vital to ensuring a healthy campus network, even if it poses a temporary inconvenience to users.
“We try to get accounts back online as soon as possible,” he said. “Overall, it’s a pretty painless process.”
Miyake said reactivating an account takes less than 30 minutes on average, thanks to the Computing Center’s easy-to-use security CD.
“It’s very effective for users who are trying to clean up their machines,” he said.
Having encountered a plethora of viruses in campus accounts, Miyake said students and faculty can turn to Computer Support Services or ResNet for information on how to cope with a disabled account and obtain a security CD. Albrich, who manages the full-time Computing Center help desk located at 151 Mckenzie Hall, said he and his coworkers are another great resource for information about the most current viruses and how to avoid them.
Amid the frustration and confusion of not having access to their accounts, some students have gone to the CC-EMU computer lab for advice or to obtain a security CD. Although they would love to help, all the lab employees can do is send infected account holders to the Computing Center.
“We get a lot of calls and students who come in asking for help,” lab assistant Lizette Crow said.
Crow’s advice to students who encounter initial access problems is to double-check their information before jumping to conclusions.
“Most of the time, students don’t have the correct user name and password, and they just think it’s a worm,” she said.