‘Bagle’ worm exploits hole in networked PCs

Jared Foster

Some ISU students, faculty and staff may have been denied access to the Internet after computers on the network became infected with a computer worm and virus hybrid, W32/Bagle.

W32/Bagle, a worm and virus hybrid discovered last week, is one of the most recent examples of computer programs that use e-mail to spread a virus from one computer to another. While Bagle and similar programs pose a serious threat to computers connected to the Internet, two local experts agree students have many ways to prevent such infections.

Bagle works by sending an e-mail with the subject “Hi” to all e-mail addresses found on the infected computer. Attached to the e-mail is a program which repeats the process, spreading the program over many computers. In addition to its mass-mailing component, Bagle uses a remote access feature that allows the program’s author to take control of the infected computer.

Frank Poduska, systems analyst for Academic Information Technologies, said somewhere between 50 and 100 machines on the ISU network have been blocked from the network because they contain Bagle or a similar program.

Poduska said a standard worm propagates itself, meaning the user doesn’t need to perform any particular action for the program to work.

“Worms exploit a defect in operating systems which lets it move from system to system,” Poduska said.

Poduska said Bagle is not a true worm, because it requires the user to perform an action for it to spread. In Bagle’s case, the user must open an attachment in the e-mail for the program to infect their computer, making it similar to a virus.

Doug Jacobson, associate professor of electrical and computer engineering, described a virus as a program that is run without the user’s knowledge. Jacobson said problems caused by viruses and worms vary depending on the program.

“Some viruses are harmless, while others will kill you,” Jacobson said.

Jacobson said people connected to the ISU network are in fairly good shape. The ISU network filters out many viruses and worms before they ever reach the machines on campus, Jacobson said.

“We have a pretty good front door,” he said.

Poduska said students can take steps to prevent infections from occurring on their computers. Both operating system and antivirus software updates are crucial to preventing an infection, he said. People should be cautious when opening e-mail attachments — if the user doesn’t know whom the e-mail is from, the attachment should be deleted immediately, Poduska said.

If a student finds his or her machine has been blocked, they can take steps to get reconnected, he said.

“There are steps on the AIT Web site a student can take to get unblocked,” Poduska said.

Jacobson said it is still important for users to run virus scanners and install personal firewalls.