 |
OIT
Steps Up War on Viruses Spread By E-mail
In an effort to keep computers across campus working smoothly, Network Systems at the Office of Information Technologies this week began automated scanning for viruses in e-mail attachments entering campus mail hubs. "We first scan the e-mail attachments for the presence of a virus and then second [if a virus is found] return that message along with the attachment to the sender with an alert that they have a virus on their machine along with information about how to disinfect their machine," said Daniel Blanchard, director of Networking Systems and Services at OIT. "The scanning applies only to mail being sent to or from an OIT-supported e-mail address," said David Lutz, network analyst at OIT. "Mail sent to other departments or groups that maintain their own e-mail systems, for example, Computer Science or Engineering Computer Services, will not be scanned, unless the mail originates from an OIT-supported account." Another network analyst, David Powicki, said that when OIT tested scanning software, the office found approximately 60 viruses per day, but no messages were bounced back to senders until March 23. "When a person gets one of those bounced mail messages, they'll get a URL to a Web page managed by the OIT help desk," Powicki said. "And on that Web page there will be information about viruses, what steps need to be taken for purchasing software or contacting the Help Desk." "When we scan, we're not physically reading the contents of the mail," said Blanchard. "Rather we have computers that are scanning the attachments for viruses." "This is an automated process," Powicki said. "No one will actually be looking at attachments." "[Network users'] privacy - their e-mail - is not being violated; we respect that," Blanchard said. "In our new UMail system we actually encrypt messages so no one can read them." When campus members receive a returned message with instructions on how to proceed with virus removal, they may contact the OIT Help Desk for assistance, according to Tom Mahaney, Help Desk manager. "It may be the person who sent the message doesn't know enough or feel comfortable to remove the virus themselves, so they can call us for help over the phone or, for a fee, they could bring it in and we could do it for them," he said. "This process should be looked at as a first line of defense for viruses," Powicki said. "Users should still be aware that they should install anti-virus software on their own PCs because viruses aren't transmitted only by e-mail. You could have downloaded a virus inadvertently from a Web page. Members of the University community can purchase anti-virus software at a discounted price from OIT. "This is part of a broad project we are working on where we are trying to secure e-mail on campus. When e-mail messages are sent or read on campus, some of them go across campus unencrypted. With the new UMail service, we're beginning the first steps of encrypting mail traffic as it traverses the campus network." Powicki said the service is specific to UMail. POP mail and Pine messages are not being encrypted. Blanchard said his office is concerned about viruses because of the potential damage they can do to a computer and its data. Restoring the computer to operation costs money, but the sometimes greater cost, often immeasurable, is the loss of information. "The real solution to this is two-phase," Blanchard said. "Even though we're scanning for viruses, we can't correct the problem on your machine. "A lot of viruses are being transferred by floppy disks. It's even been known that viruses come in from software you've bought from a company. So it's important that you have a virus scanner on your computer." "We're anxious to get this rolling," he said earlier this month,
"because we know this is a serious problem." |
||
|
|
