19 August 2003

Worm activity

Update on recent malicious code attacks on the University network.

The last fortnight has again seen an increase in computer worm activity throughout the world. The University appears to have come out of the latest attacks relatively unscathed, but there were isolated incidents of infection to computers within the network where security practices were lax (not in this Division this time, I hasten to add).

Client Services Division has pointed to several practices that leave the network open to attack by malicious code. These include:

  • Failure to keep University server and desktop machines up to date with the latest security patches and virus definitions.
  • Use of private unpatched and unprotected computers on the University network, particularly when users have accessed non-University email accounts from servers that don't screen for malicious code.
  • Connecting to the university network via modem, bypassing the protection the University has in place.

Our practice in the Division is to ensure malicious code in emails and attachments is trapped by the email server, and each desktop machine is set up to maintain its anti-virus software with the latest definition files to ensure files from sources other than email are virus-free. TSU is investigating configuring desktop machines in the future so that the machines automatically receive the latest software patches to improve their immunity from attack, but this approach will require some consideration to make sure users are not unduly inconvenienced by the changes.

The Division's servers are patched regularly to retain a high level of protection. Users are not permitted to connect servers to the University network.
Users who attach private computers to the university network must ensure that their computers are virus-free and protected against attack. Users who are found to introduce malicious code to the university network will not be permitted to attach their computers to the network.

Users are not permitted to dial in to the University network via modems attached to the University telephone system.