Virus problems cause ISU officials to question scanning
April 11, 2004
Virus detected and cleaned.
The message has been spreading far and wide across WebMail, as Academic Information Technologies fights a battle against the spread of viruses like MSBlast.
Jeff Balvanz, systems analyst for AIT, spoke wearily of the university’s encounter with the Blaster virus, as he said it had been an uphill struggle to get ISU computers up and running again in the midst of the virus.
“If a computer wasn’t patched, it would be infected within five minutes of connecting to the network,” Balvanz said. “Even if the user reinstalled Windows and wiped out the virus, it would be contaminated again five minutes later.”
There have been so many different viruses, worms and Trojan horses in the last year, he said, that it was hard to keep track of them. The names became a blur, although he said he remembers that Blaster and Nachi were among the worst.
This fall, though, the University of Northern Iowa will take a step toward eradicating the problems by requiring all computers hooked up to the school’s network to be completely scanned and found clean.
And while ISU officials say they’re weighing the options of how best to combat the problem, they said they have not yet ruled out a similar system.
Balvanz said one reason why the university is hesitant to follow Northern Iowa right away is the difference between the sizes of the universities.
“We have not done this in the past, and we don’t do it currently,” he said. “It’s something we’ve been talking about doing. But the difference between the ISU and UNI is that our network environment is much larger. We think it’s a good idea, we just don’t know yet how to go about doing it.”
The number of users connected to the network, plus Iowa State’s wireless ports across the campus, make scanning each computer that connects to the network difficult, Balvanz said.
A number of options are available to Iowa State, such as commercial scanning software packages or the usage of a large team of scanners, but Balvanz said all approaches have their drawbacks.
“What we would prefer is a more technologically based solution, which is less dependent on a large number of people,” he said. “There are a few commercial packages available, but they’re horrendously expensive. They can cost hundreds of thousands of dollars.”
As it stands, Iowa State has no real system of maintaining the security of its network users, other than the actions of the users themselves. The AIT Web page offers students a variety of antivirus software this is free to download, as well as patches and anti-spyware programs. But the use of these programs depends upon the user.
However, an AIT program does monitor the activity of some computers on the network, watching for what Balvanz calls “certain hostile behaviors.” If any are recognized, the computer is blocked from the Internet until AIT help center personnel can verify that the problem has been fixed.
Mike Bowman, assistant director of AIT, said the system Iowa State is considering adopting would look at the user’s computer not only for viruses but also to verify the system is well-armed against future technological invaders with the most current virus protection software and patches. It was shortages in these areas that made last fall’s battle with Blaster so laborious, Bowman said.
“It was difficult mainly because so many machines were not brought up to the appropriate patch level,” he said. “That’s why we had more machines infected than any other time.”