COD's Virus Protection
What are viruses and worms?
According to a recent report entitled The Impact of SPAM, Spyware and Viruses on Academic Computing , prepared by consulting firm Project Leadership Associates for the College of DuPage, a virus is a piece of malicious programming code usually disguised as something that causes an unexpected and undesirable event. A virus is often designed to automatically spread to other computer users. Viruses can be transmitted as attachments to an e-mail, downloaded in files or embedded in programs. Some viruses take effect as soon as their code is executed; other viruses lie dormant until circumstances cause their code to be executed by the computer. Some viruses are playful in intent and effect while others can be quite harmful by erasing data, causing hard disk corruption or overloading servers. A worm is a self-replicating virus that does not alter files, but resides in active memory and duplicates itself. Worms are commonly noticed only when their uncontrolled replication consumes system resources, slowing or halting other tasks.
Where do they come from?
Virus infections can come from sources such as e-mail, files transferred through disks, CDs, FTP, or from Internet downloaded files. The difference in academic computing is not the source but the potential avenues for infection such as student labs or public terminals connected to the academic network. One of the key differentiating factors for an educational institution is the ability to facilitate the free exchange of information and knowledge. As such, the availability of Internet-connected PCs for students, staff and faculty to “plug-in” have become unsupervised avenues of potential infection.
External access to COD applications, such as e-mail, has opened another avenue of potential infection. COD believes in the open exchange of information and total accessibility to core communication mediums such as e-mail. This access is provided via dial-up and Virtual Private Networking (VPN). This introduces another unmonitored avenue, beyond the control of COD IT staff, where virus infections may get introduced into the environment.
An unknowing faculty member dialing into COD to check e-mail could infect the system by uploading or attaching an infected file from their home machine. This infection could spread to the entire e-mail server or to other users on the system, resulting in a domino effect.
What is COD doing to protect me from viruses?
The Information Technology Department uses a 3-tiered approach to protect against viruses. The Boundary Level protects the network by scanning inbound traffic, i.e. e-mails, downloads/uploads, and denial-of-service attacks. The Server Level uses TrendMicro's ScanMail to protect e-mail information stores and TrendMicro's Server Protect to protect data stored on file servers against infection from sources missed by the boundary level. The Machine Level utilizes Command Antivirus to protect individual desktops and laptops connected to the network from manual sources, i.e. disks or CDs.
During a typical month the COD email server will process between 900,000 and 1,000,000 email messages and catch 4,000 to 5,000 viruses per month. With the release of the Sobig and MS blast viruses in mid August, the email server caught approximately 278,830 viruses in one month.
If you have
any further questions please do not hesitate to contact the Help
Desk at ext. 4357.
|
