Alerts Arm University Computer Users against Cyber Attacks

Posted: March 4, 2004 at 1:00 am, Last Updated: November 30, -0001 at 12:00 am

By Fran Rensbarger

Note: This is the second in a series of articles about cyber security at Mason. The first article on Feb. 18 explained how the university foils viruses and worms.

The university is at war with unseen attackers. While efforts of the Information Technology Unit (ITU) staff keep most cyber enemies at bay, the entire university community is urged to enlist in the effort against the stealthy invaders. That is because most faculty, staff, and students can aid in defending against a virus, worm, or Trojan horse attack by updating software on their own computers.

“The most important defense is keeping antiviral software up to date,” advises Cathy Hubbs, information technology (IT) security coordinator. “Microsoft users should use Windows Update for Critical Updates and Service Packs,” she adds. Awareness is on the rise, she says, but still ITU continues to offer courses on using and installing Norton AntiVirus and Microsoft Windows Update. The next two courses are scheduled for tomorrow and April 23 from 1 to 3 p.m. in Innovation Hall, Room 334. Click here for information.

Viruses, worms, and Trojan horses are different types of cyber attacks. In general, viruses are computer programs that replicate themselves, says Randy Anderson, director of Network Engineering and Technology of ITU. “For instance, they come as an e-mail attachment, and when the attachment is opened the viral program copies itself to some unexpected location in the user’s computer files.

“A worm is a virus that spreads itself to other systems, most often through e-mail but sometimes through file sharing programs or other means,” he says. “Once a worm infects a computer, it typically searches for the user’s e-mail address book and mails copies of itself to everyone in the list, often faking the return address. The current generation of worms, in conjunction with the fast and powerful personal computers (PC) on most people’s desks these days, have the side effect of producing large amounts of network traffic that can slow performance or even bring parts of the enterprise network down. That’s why it is so important to try to limit the number of vulnerable systems.

“Finally, many viruses and worms leave behind back doors, also known as Trojan horse programs or simply Trojans. Even if the virus itself has been removed from your PC, the back door it leaves behind can be used by a creative attacker to remotely control your PC, either to try to steal passwords, credit card numbers, or other sensitive information, or, more commonly, for future use in distributed denial of service attacks against a target web site. Systems infected with the Novarg worm, for instance, were used to attack the SCO Group and Microsoft. Fortunately we found very few infected machines here at Mason, due to the vigilance of our IT people, as well as, presumably, the increased level of awareness among our user community,” Anderson says.

Awareness at Mason includes using the Alerts page on the ITU web site, which provides the Mason community with current information regarding viruses, worms, Trojan horses, and other vulnerability information, says Hubbs. Generally it takes a few hours for an alert to go on the page after a new virus or worm is discovered, she adds.

Also, will display a static alert image as an additional measure to alert the community of any current threats. Clicking on the alert image will bring the user to the Alert page.

“The pages are currently being redesigned to provide the user community with a friendlier interface,” says Hubbs. “We are providing enough details so that the technical user is satisfied without overwhelming the more casual computer user.”

Write to at