Universities Taken Offline to Fight Worms, Viruses 450
chrismg2003 writes "Nationwide universities are opening their doors to new students but closing off their network services. The Blaster worm has caused universities to take drastic actions to protect their campus networks. Universities have gone as far as shutting down their entire resnet network and bringing it back up dorm-by-dorm after each computer has been certified worm-free. The ICMP ping requests alone have brought down my university's resnet multiple times and we are scrambling to clean the worm from all computers before it forces us to follow suit with other universities."
Can ISPs get with it too? (Score:5, Interesting)
Problem is, any plan will cost money to support. Worse, it might prompt the users to just cancel their service. I can't imagine ISPs like that idea. At least with the universities, the students have no choice, pretty much.
Re:Can ISPs get with it too? (Score:5, Funny)
Customer: I can't download the patch, you've turned off my internet access
That could be a problem
Re:Can ISPs get with it too? (Score:5, Funny)
Re:Can ISPs get with it too? (Score:5, Interesting)
Re:Can ISPs get with it too? (Score:3, Informative)
Re:Can ISPs get with it too? (Score:4, Insightful)
Re:Can ISPs get with it too? (Score:4, Insightful)
Re:Can ISPs get with it too? (Score:5, Interesting)
I absolutely agree with the original poster... if some idiot doesn't patch his box, I shouldn't suffer. If anything, set up rules at the upstream router to shut down his, and only his, connection (hell, you could automate this if you wanted). But don't you dare touch mine.
Re:Can ISPs get with it too? (Score:5, Insightful)
But even with all this, lots of people for some reason are just too lazy or too stupid to get this vaccine. According to you, every place should be quarantined to make sure the disease doesn't spread further, even though this is going to be a major PITA to all those people who got vaccines, and all the green-eyed people who don't have any problem in the first place. This is stupid. What should be done is just let the disease run its course, just like we do with the flu every year. Anyone too lazy or stupid to protect themselves, given how easy it is to do and how impossible it is to not know better, deserves to die.
People do this now (Score:4, Interesting)
Well, one problem... only about six people showed up, and this was after they advertised beforehand, posted it in the innner-city clinics, etc.
So yes, some people could care less... it was a very eye-opening experience for a group of well-meaning young physicians.
But to address the original point, there is NO justification to sanction the whole because of the actions of the few... that's a lazy and ineffective strategy.
Honestly, you'd be surprised (Score:3, Interesting)
There are people out there who preach that vaccines are a scam; nothing but evil, drug company money-makers. They look at the very small numbers of adverse reactions, where vaccines make people sick (a few hundred cases, generally out of millions of doses), and use those incidents to frighten parents
Re:Can ISPs get with it too? (Score:2, Interesting)
Re:Can ISPs get with it too? (Score:2)
With all of the variants of msblast out there, there must be source code for the exploit someplace that someone could use to write a "friendly" patch program.
Re:Can ISPs get with it too? (Score:4, Interesting)
Re:Can ISPs get with it too? (Score:2)
One host at a time
The "friendly" variant of MSBlast does every host at once and yes, creates a shitload of traffic to download the patch from Microsoft.
My point is that the traffic should be contained on the LAN, which is much faster and less expensive than grabbing the patch over the internet.
Too mechanical (Score:5, Interesting)
Indeed, if you call your favorite big ISPs tech support, they are unlikely to provide real help anyway (little technical insight, low pay, high turnover). Adding the extra burden of instructing the user how to un-infect their computer on something mechanical like individual telephone tech support would not help matters.
I favor the idea of cutting off infected customers. But I think the mechanism of getting customers back online should not involve the customer having to figure out that they need to call tech support - at least not first. The better way to support them is to redirect ALL HTTP requests from these customers to a ISP-provided site, which in turn informs the customer that they are seeing this page because their network access has been lost due to a virus problem on their computer.
That's the way that AT&T got customers off their @Home services (e.g. static IP addresses, dns/nntp/pop3/imap server information, etc etc). All HTTP requests went to a canned page. All usenet newsgroups at the old NNTP server contained a single message - one that instructed the customer to reconfigure their NNTP settings. All requests from non-DHCP provided IP addresses were directed to an appropriate placeholder.
Here's a solution (Score:3, Insightful)
"We detected MSblaster on you machine, please goto to microsoft wupport, and download the appropriet patch"
Just let it sit there for 60 seconds, then let them conintue on.
After they hey the site three times, send them an email with directions. always point towards microsoft support.
all this can be automated pretty darn quickly.
Re:Here's a solution (Score:5, Insightful)
I think this is a brilliant world. Unfortunately, there are already some sleazy companies who have pop-up ads that say the same thing. (ie. "You're infected with MSBlaster, patch your machine, then protect yourself permanently with (whatever the company's product is called.)"
You could also exploit a common NT hole by sending an NTMESSENGER message to them. (ie. "Message from Root@yourdomain.com: Your machine has been infected with a virus, please visit Windows Update to apply the patch ASAP.)
Re:Can ISPs get with it too? (Score:3, Interesting)
Re:Can ISPs get with it too? (Score:5, Interesting)
Next day, we try and go online only to be redirected to http://outbreak.ntli.net/ which told us they'd found that we were transmitting loads of data... they gave us links to blaster and welchia scanners and the MS patch. Until we stopped transmitting we weren't going to be allowed onto the net at large.
Upon removing Welchia we were promptly allowed back online. I've never been very impressed with NTL before, but this sort of decisive action was very impressive.
This ISP does (Score:4, Interesting)
Ever since Welchia hit, we have been doing exactly what is being described here: kicking off individual customers and even shutting off entire chunks of our network when it is discovered that a particular user or a large group of users are infected with Welchia and spewing their worm-related ICMP crap all over creation. We've had to take down entire apartment complexes and have people go door-to-door with CDs containing the removal tools and MS patches before bringing them back up.
I'm not certain how many people outside of the ISP technical support world know just how much of a PAIN Blaster and Welchia have been FOR technical support departments. Welchia came out, what, 2-3 weeks ago?, and although for the most part the majority of people are not seeing their effects anymore, these worms *are* still alive and kicking, and I don't see the end in sight anytime soon...our incoming calls have skyrocketed ever since the worms were released and especially after we found we had to take the drastic actions that we have had to take, and they have not waned yet!
We're going to be forced to continue to deal with these annoyances (-- understatement) for a long time to come.
Hrm.. dorm by dorm? (Score:2)
Places of Wisdom? (Score:2)
Re:Places of Wisdom? (Score:5, Insightful)
Re:Places of Wisdom? (Score:2, Funny)
Re:Places of Wisdom? (Score:2)
You haven't been to a university lately, have you? Think "high school, but bigger and you're allowed to have alchohol."
Re:Places of Wisdom? (Score:2)
What makes it so difficult for them to run lindows instead?
Universities And Linux (Score:2, Interesting)
> If you mean Linux, I assume you somehow are going to fund training all the students how to use it, along with getting all of the school's faculty and staff to support it, along with providing for Linux patch management efforts. Yeah, right. Back to the real world we go...
Insightful? That isn't insightful, that's just plain flamebait. Obviously you've never even tried using Linux! There's nothing difficult about it at all - KDE and Gnome look enough like Windows that anyone familiar with Windows ca
the little details... (Score:3, Insightful)
The "gentleman scholar" approach you advocate to teaching engineering has been tried.
It results in highly trained people with degrees who design and build things that don't work in the real world.
Re:Places of Wisdom? (Score:3, Insightful)
No. People who don't apply security patches are about that insensitive. There are a lot of mismanaged Windows machines in the world; there are also a lot of mismanaged linux and BSD machines.
We see Windows worms because that's a big target; but let's not delude ourselves into thinking that our favourite operating systems are immune.
Re:Places of Wisdom? (Score:3, Insightful)
Yes, and there are bugs which were in Sendmail for over a decade before they were discovered. Ditto for BIND. And BSD. And it would almost certainly be the same for linux, if linux were old enough.
My employer (who keeps up with security patches) was only halfway through the desktop update cycle.
For some value of "keeps up with security patches" meaning "is halfway through applying security patches which were released four weeks ago".
Re:Places of Wisdom? (Score:3, Insightful)
This is, however, rather irrelevant to the question of worms; most of the machines hit by Code Red had IIS running (and weren't patched, of course) but weren't actually hosting any web sites.
Won't someone please think of the children? (Score:2, Funny)
Re:Won't someone please think of the children? (Score:3, Funny)
Linux (Score:5, Interesting)
Re:Linux (Score:5, Informative)
Re:Linux (Score:3, Informative)
I believe Salo2112 is referring to DCOM-KB826369-X86-ENU.exe
The direct link is probably too long to avoid the /. lameness filters, so just go to Microsoft's Blaster Page [microsoft.com] and follow the link in the section for network administrators.
Labor costs? (Score:2)
Geez, this gives that old joke about the guy yelling from the back of the auditorium, "Get a Mac!" new life.
SUNY Maritime (Score:2)
I still haven't moved into my dorm, so I guess I'll have to find out when I go in. I have friends at RIT, West Conn, RPI, Marist, UCONN, NYIT, University of Rochester, and Elizabethtown College and none of them have trouble with their internet connections (I'm assuming this
Non-windows Students (Score:5, Funny)
Re:Non-windows Students (Score:3, Insightful)
Since when does using Linux mean IT doesn't have to worry about you? A friend of mine set up a Linux box a few years ago. ITS showed up at his office and shut his computer down because it was (unintentionally) DDoSing the DHCP server.
I'm a Linux user as well, but I certainly don't think that it solves all problems. Should knowledgeable Windows users who keep their systems pat
Say what? (Score:5, Insightful)
Re:Say what? (Score:3, Insightful)
Well, if the students patched their boxes... (Score:2, Interesting)
This is being done or discussed widely (Score:3, Interesting)
Next year, however, there is discussion of implementing something like checking all the dorm machines before they are allowed on the network... We have 40,000 undergrad students, so if even 1/4 are living on campus that will be quite a chore, but it is being discussed, and will happen.
One of the computing directors even told me the only reason it wasn't done this year was because they could not get the cd's for staff cut in time. I just want to know where they are going to get the army of staff that would be needed on Labor day weekend to do this.
seems fairly easy to solve (Score:2)
As I mentioned in that Ask Slashdot question a while back about handling this sort of thing, one could VERY easily set up VLANs on managed network equipment.
Joe User plugs in his desktop. His machine starts spewing garbage, which gets detected either at a border or by honeypots. Script runs, switches Joe User's network jack to a secure VLAN which is heavily firewalled and only allows him to get antivirus updates, removal tools, etc.
Of course, this requires you use managed hubs/switches. If you're not
Yet another reason to have a Linux boot disk (Score:2)
Surely they have routers and not just switches tying each wing into the network. So I wonder why, instead of spending all these hours on manpower for the current worms, they don't just block ports 445, 135-139. Do they really need them on the residential network?
Re:Yet another reason to have a Linux boot disk (Score:2)
Don't forget ICMP echo requests for the Welchia crap and port 25 for Sobig virus spamming everyone. Oh hell, just block all the ports and require everyone to use an authenticated web proxy with content filters and you even cut out P2P file sharing!
Our Solution (Score:5, Interesting)
I work for tech support for a large (30,000+ students) university. This fall we're expecting as many of 30 percent of the machines coming to residence to be infected with a worm.
To defend against this we're going scan all machines over the network during the registration process and if the machine is vulnerable the browser will get redirected to a webpage with the relevant patches which the client must apply. If they don't apply the patch they won't be able to connect to anything but our internal authentication vlan.
One of the reasons our networks get hammered during any worm incident is that there are so many machines connected to the network that just aren't patched ever.. Eventually we just have to manually shut down the ports infected machines are connected to and wait till clients call to complain to explain why they've been disconnected.
Notre Dame did something like this (Score:3, Interesting)
At UMCP (Score:2)
Re:At UMCP (Score:3, Funny)
After the main registration session ends, the university will release a custom DCOM worm of their own. After infecting an unpatched machine, it automatically contacts the university's online registration site and unregisters the student from all of their classes. Students who come back to re-
We got hit by Nachi ... (Score:4, Funny)
At the university where I work, the main campus is in the middle of an XP rollout, and the builds being installed didn't have the patch applied. Hosed the network so badly that remote updating wasn't possible - all the techs have been frantically running around with patch disks for the last few days.
Fortunately, the campus where I'm based is mostly on Win 9x, and we managed to get most of the rest of them patched before many were infected. We thought that we'd got them all, but we were still seeing ridiculous ICMP traffic. The networking people checked the traffic logs, and the PCs were identified.
They belonged to two of the Technical Support staff.
Ow. But you know... (Score:5, Insightful)
Sometimes they are so lame they can't be bothered to wipe their own asses, either...
Still, what a professional embarassment!
Re:We got hit by Nachi ... (Score:3, Interesting)
My university, and how they dealt with the worms (Score:3, Interesting)
Another defence was through the problem reports, since the campus provides computers for every dorm room. Upon submission of the problem, sometimes we would go reimage the system with the fix. Other times we would run some virus software to remove it and then the fix. After a few days, after we had figured out the fix, we sent out an email to the entire student body with the fix and with a removal program.
On the network end, port 139 is still currently blocked since that was one way that it spread. We have yet to totally get rid of the worms, but we are almost there.
With the other viruses, the server team quickly blocked all attachments with the pif extension, and a few others. This worm was pretty much stopped before it had a chance to grow on the network.
My university never shut down dorms or the network of any sort to stop the worm. We have maintained a active roll with virus software with our own ftp server for the definitions. Our server is also update twice a day to help prevent any more outbreaks.
Even though the worms were all acrossed campus, having many people work on the stopping and blocking the transmission of the worm, I think help keep my universitys network up.
UC Berkeley (Score:4, Interesting)
Comment removed (Score:5, Funny)
OT: viewing archived posts (Score:2)
My university too (Score:2)
North Dakota State University's Solution (Score:2, Interesting)
I'm at NDSU [ndsu.edu] in Fargo (insert obligatory joke here), and for once ITS had a semi-intelligent solution. They found some way (haven't had a chance to ask for specifics) to find out when a computer was infected (or even vulnerable, I hear), and then they just denied that MAC address an IP from the DHCP server. Once it's cleaned up, you call or email them and they put you on the list to be reactivated. Of course, it's a bit bothersome when you have to wait overnight to get a PC back online, but it's better then
OK, great. At least there are funny quotes (Score:4, Insightful)
To get the school's message across, all students were asked to sign a document confirming that their computers were updated with all the needed security upgrades. Not enough students confirmed that their machines were updated, prompting the GMU action today. Administrators said they would try later today to reconnect dorms, weeding out students with infected PCs. Students living off campus can continue to dial in to the campus computer network.
Looks like the kids are getting a decent deal on virus-removal and system updates too:
Students are being charged $30 if a university technician is called in to clean an infected machine, a school spokesman said. Students can go to off-campus experts for a fix but must certify that their computers are updated with the latest security fixes before being allowed to access the campus network.
Hmph, I can't find anything wrong here. Of course, there are a couple of choice quotes from the kids who, I believe, are our future:
Kimberly Borchert, a 19-year-old sophomore, said her computer "freaked out" as soon as she plugged it into the school's network last week.
Freshman Andrew Canose was one of several GMU students who encountered problems after installing the university-provided anti-virus software. Canose found the new program conflicted with an older anti-virus program already on his computer. "My computer is like at war with itself and won't work," he said.
But my favorite lines are from the admins, such as this gem:
"I think we really need to groom a new type of student who is responsible for their computer security," said Kathy Gillette, manager of George Mason University's beleaguered tech support center. "A lot of them lived at home and mom or dad took care of the computer so they've never learned how to fix them, but hopefully we'll be able to teach them that too."
And the classic:
"There were a certain percentage of students that wouldn't listen to us unless we hit them upside the head with a lockout," he said. "You simply can't deal with these problems until you've got your network under control."
Re:OK, great. At least there are funny quotes (Score:2, Funny)
Switching Operating Systems is not the answer. (Score:2, Insightful)
Dumb schools (Score:2)
MSN Messenger... argh. (Score:4, Interesting)
Yes, yes... install all patches, etc. The thing is, Microsoft is releasing security patches at an alarming rate at this point, and XP's Automatic Update seems profoundly dumb... I could swear I've downloaded the same security updates 3 times now, since it apparently either doesn't detect whether you already downloaded them (I can't always install-and-reboot in the middle of my work), or there's a ongoing stream of new revs to the patches, without them stating such.
And now, MSN Messenger keeps informing me that there's a "Critical Security Update" with a link to a download page (naturally, I can't reply to the message...), and going there informs me that I must set up a
All I want to do is turn MSN Messenger off. Close, disable, whatever. Version 7 seems to have no method of preventing it from connecting and giving me a bunch of messages when I connect to the internet. Try exiting it, it says it's in use by another application, even when I have none open. Select anything regarding its startup options in the options menu, still comes up. I've now went ahead and uninstalled it using Add/Remove Programs, though I'm reluctant to do that in case I need to communicate with a client using it at some point.
This is truly annoying. It seems that in effect, Microsoft is zealously forcing me to maintain my vulnerability to exploits, by insisting I continually use their Messenger (Yahoo IM works just fine for me, thank you...). They nicely give me the alternative of updating, to do which I need to sign up for
At least in most areas, you can choose to avoid a vulnerability-laden application. It seems the Microsoft solution to their insecure software is just to go ahead and force you to use it.
Argh. Does anyone know how I can just turn off MSN Messenger? TIA!
(Disclaimer: My personal experience, Microsoft used fictionally, MS lawyers are good people, etc...)
Re:MSN Messenger... argh. (Score:5, Informative)
msconfig is the answer to all your problems with stupid applications running at startup (like messenger, realplayer, etc). Start->Run, type in msconfig, hit enter. Go to the rightmost tab, "Startup", and uncheck all the boxes. Your computer will start up and run faster and more reliably, and you won't get retarded MSN messenger starting up (though you can still start it manually if you really have a burning desire to use it). You have to do this periodically since whenever you install a program nowadays it adds something to this list. Some programs are even adding Windows services, which aren't disabled by this screen. Luckily the next tab to the left is "Services", and it even has an option to hide all the default ones that come with Windows so you can selectively disable the ones installed by programs (And while you're at it, disable the deceptively named "Messenger" service from Microsoft to stop those stupid gray popup ads from appearing).
The constant use of msconfig is practically essential to running a decent windows system these days, so it's something everyone should know about. The combined use of msconfig and AdAware can keep a windows system reasonably clean of useless commercial junk, extending the time before you need to do a reinstall to remove all the crap.
Re:MSN Messenger... argh. (Score:3, Informative)
"HIDE" with nothing but don't remove the ","
before : msmsgs=msgrocm.dll,OcEntry,msmsgs.inf,hide,7
aft
go to "Add/Remove programs" and "Add/remove Windows Components" then uncheck "Windows Messenger"
if you removed all the "hide"s from the file, you can uninstall many many other unnecessary components as well
Re:MSN Messenger... argh. (Score:3, Informative)
Similar thing happening in Mexico (Score:2, Interesting)
Also, every time you go into the school's web site, a pop-up window appears with instructions on how to install Norton AV and keep it updated.
Because of these worms/virii, the network has been down intermittently for the last 4 weeks.
Excellent plan... (Score:2)
No, the terrorists are winning!
Funny, that. (Score:2, Interesting)
No Biggie (Score:2)
Was it a hassle? Yeah, it definitely was, but to
Interesting quote from the article (Score:2)
think we really need to groom a new type of student who is responsible for their computer security," said Kathy Gillette, manager of George Mason University's beleaguered tech support center. "A lot of them lived at home and mom or dad took care of the computer so they've never learned how to fix them, but hopefully we'll be able to teach them that too."
This raised two points in my mind:
1. Young people raised on a MS Wi
UW Labs (Score:5, Interesting)
Now you may wonder why I said "computer" and not "computers". Well here is why...the UW has an imaged drive lab. So one computer is used to push updates to EVERY single computer. Everytime a student logs off a computer the hard drive is made fresh again (cleaned) by the master server. That ensures proper working order and minimum IT staff work. Anything the student installed is erased too.
Single point of failure anyone?
Make Standards, Hold Students Responsible (Score:3, Interesting)
There's no reason why behavior with a computer should be exempt.
If some college kid physically damaged hardware in his school's server farm and took the network down, the school might very well sue him to recover their financial losses.
Likewise, any student who deliberately releases a virus, worm, etc., on a school network ought to be held financially responsible for the damage.
Schools (and any other institutions) should establish "standards of behavior" (e.g., required protective software, avoidance of banner servers, etc.) and hold students who violate those standards responsible for their share of the damages.
Problem solving, (Score:3, Insightful)
That should make linux etc popular. Every windows user has stare at their empty nic while the nerds just keeps using the network as usual.
RIT's Solution -- Working well (Score:5, Interesting)
Every PC on our network must go to start.rit.edu (when they plug in they get a temporary 10. IP, which can only access select servers, and other machines on their subnet). At the start.rit.edu page we've coded an activex control which checks the version numbers of the RPC DCOM patched files (We compiled a list of every major windows version, every service pack, pre/post RPC DCOM patch). If the user is not patched, they are redirected to a page indicating which patches they must download/install off our server -- we also have allowed the users to access windows update through a proxy (if IE auto proxy detection is turned on).
Finally we've coded a program, and put it on a CD entitled the RIT Windows Resource Kit. The program automatically detects their OS version, and upon them clicking a button, runs ipconfig
We also have RIT servers on campus who's logs are parsed on an hourly basis, and any machine which has connected to it in an attempt to spread the worm is blocked from the network. We then have a new custom-coded web interface which correlates with our network registration database: IPEdit [rit.edu] that we can use to look up users who can't get online, explain to them to get the CD, patch their PC, run stinger, and then we can reeanble them. Most users are back online within an hour.
So far we've distributed over 5,000 copies of the CDs to each incoming freshmen and returning upperclassmen. (15,000 students at the college). As can be seen, our bandwidth usage [rit.edu] is very much under control. Although we've experienced a lot of call volume (300 students a day) this last weekend as 2500 freshmen moved in, I'm happy to say that over 4000 students are registered on the network, and the phone in our office hasn't rung for the last hour.
Re:RIT's Solution -- Working well (Score:3, Informative)
We've also not had any issues with the SoBig virus due to our mail servers filtering out questionable attachments, and port 25 being blocked.
Re:RIT's Solution -- Working well (Score:3, Informative)
To keep blaster infected computers from rebooting. (Score:3, Informative)
UConn. (Score:3, Interesting)
I'm aware that this is an awful problem, but how on earth does it justify keying into someone's room?
(I'm not kidding. dailycampus.com has the story in its 8/28 back issue. They don't take external links, though this [dailycampus.com] will take you to a registration page. Also notice the article on 3/6/2003 where ResNet threatens to boot warez kiddies out of housing. Real nice fellas, these guys...)
--grendel drago
Comp Sci students... (Score:3, Insightful)
It should also be noted in their record. (Wants to run a network, but can figure out Windows Update, personal firewalls or anti-virus software...)
Re:Comp Sci students... (Score:3, Insightful)
Doesn't bother me though, because the lack of competition has meant that I have gotten top
Good for us? (Score:4, Funny)
If that's the case, I'd like to send a shout-out to all the virus and worm authors out there: you infect my computer and I'll pop a cap in yo azz, but as long as you just infect the clueless newbies, and it helps me separate them from their cash, I give you the thumbs up.
Well (Score:3, Interesting)
There was a noticable slowdown on Saturday and Sunday (when all freshmen moved in), but the network didn't go down. I imagine probably some of it was the normal freshman Internet traffic since many of them never had fast internet before, the rest was from Blaster.
Returning students arrived on Monday and Tuesday. Tuesday the network got slower and SLOWER and SLOOOOWEERRR then crashed about mid-afternoon. Didn't come up until yesterday morning.
RA's and orientation leaders were given CD's with the patch, fix tool, and virus definition files for various popular virus scanners.
Knowing this university, there will still be people unpatched come next May since no one has gone door-to-door to verify everyone's computers.
Oh and some students randomly can't get on the internet. Noticed today I had an IP address conflict, so I got a suspcion that the DHCP server has also ran out of IP addresses.
My girlfriend goes to NEC and their network has been totally down since Sunday. Basically they are going to go to each computer and patch it before they turn the network on. For some reason they insisted on attempting to patch her computer even though she showed them it was running Windows 98 SE (which isn't effected by Blaster), just like I told her to do. *sigh*
UConn saved our tail (Score:4, Informative)
Re:UConn saved our tail (Score:3, Interesting)
They did a very nice job containing the spread of the worm. Kudos to them.
On the other hand, the response from our office (Housing Tech Support at a school in Indiana, we just help students get online, don't deal w/ switches and routers) has been somewhere between nothing and next to nothing. I asked my boss to go buy u
Re:They should have patched IN JULY (Score:2, Insightful)
Re:They should have patched IN JULY (Score:5, Informative)
Of course you can try to educate them so that they will understand the need for these patches and apply them on their own, but actually achieving that goal is not a trivial task (and perhaps drastic actions like kicking machines off university networks are the first step in a tough love approach that might just work).
Maybe I'm blind, but... (Score:2)
An anti-MS agenda?
On the whole, I've found while there's an anti-MS bias, pro-MS comments, etc... that are intelligently written will usually get modded up, not down.
Me? I'm OS-agnostic. Whatever tool feels right for the job.
Re:Maybe I'm blind, but... (Score:2)
For the record, I'm another OS-agnostic, w
Re:They should have patched IN JULY (Score:3, Informative)
Right - Microsoft itself can't keep up with all the patching required to keep it's systems clean.
http://www.cnn.com/2003/TECH/biztech/01/28/micr
Re:Seems kinda stupid... (Score:2)
Re:Seems kinda stupid...not really (Score:3, Interesting)
The idea of Quarantining users in a "update" sandbox sounds really cool. As long as the ISP can locally host the patches, it sounds like the perfect solution to the virus problem. I'd think we'll see virus scanning being included with ISPs in the very near future. Unfourtnately, MS is only interested in Mono
Re:And its only going to get worse... (Score:2)
A couple of incorrect premises (Score:4, Insightful)
I'm only on page 3 of 7.. but think I have made enough comments to show that we should take this article with more than a grain of salt. I'm going to read the rest of the article now.
-tor
Re:outlaw windows? (Score:2, Interesting)
Re:Easily avoided, your' right! (Score:4, Insightful)
Anyone "retarded" enough to get infected with a virus on Windows is FAR too "retarded" to not get their linux box rooted. Especially with the blaster virus. It could be blocked by two compeltely seperate and simple prevention schemes.
If you have your linux box, unsecured on the net, then you are the "retarded" one. You have either been rooted already and don't know it or it will happen soon.
If you HAVE secured it, I guarantee you did more work to do so that it would have taken anyone to prevent being infected with Blaster.
Re:Why Not Just Require All Students To Use MacInt (Score:3, Insightful)
Certainly there are far fewer OS X virii, but it's far from true to say it can't be done.
Dave