Spacer
Spacer
BGSU
HomeAcademicsAdmissionsThe ArtsAthleticsLibrariesOffices
Spacer
Spacer Spacer
Top Nav   Office of the Chief Information Officer
Cross Hatch

Office of the Chief Information Officer

Welcome

About Us

ITS - Information Technology Services

IMS - Instructional Media Services

Student Tech

Office of Web Development

BG@100

Projects and Strategic Initiatives

Quick Reference

Newsworthy

Feedback

Office of the CIO Policies

Fraud Notice

CIO-Alerts and CIO-Inform email & PGP Public Keys
No Banner
Spacer Security - Connect May 2003 Spacer
 

   The May issue of Connect, the CIO's newsletter, references an article by Kent Strickland, BGSU information security officer, regarding Viruses, worms, and back doors. The article, in its entirety, can be found below.

   There have been many recent news items regarding student responsibility on university networks, in particular in relation to file sharing of music files. Some highlighted articles regarding university network usage issues are included following Kent's article.

   Also referenced are tutorials created by the Student Technology Center regarding Computer Ethics which are relevant for all network users.


Viruses, Worms,and Back Doors
by Kent Strickland, BGSU information security officer
Connect May 2003

Most computer viruses these days do not simply drop little programs on your computer that play tricks with your system or erase files. They can disable a system's firewall and outdated anti-virus software, and automatically run when the compuer is rebooted. They often include worm code, enabling the virus to automatically spread to other systems that are using Windows file sharing services. The recent Lovgate worm guesses weak Windows file sharing passwords to gain access to the hard drive of other systems on the network.

Worms may function as email servers, create email with forged senders and recipients using addresses found on your hard drive, and attempt to relay email through other sites around the world in an effort to hide their origin. The ability to forge sender information has caused significant problems for listprocs on campus recently (efforts are underway to find a solution), with innocent parties blamed for the incidents by others on the listproc. Some worms send email that looks like spam, enticing you to click on a hostile web page link.

In the initial stages of an infection, the viral code may contact remote hosts to notify an attacker and to automatically download much more sophisticated software such as FTP servers and back doors. A back door running on a system is difficult to detect and can work through most firewalls by establishing an outbound connection with an attacker's system (called a "back channel"), enabling covert remote control of the system. An attacker can use back doors to subsequently burrow deeper into the network and retrieve or compromise sensitive information. In other cases, systems that have a significant amount of available disk space have been used as Internet FTP servers for pornographic pictures or videos, illegal software, and copyright-protected music, movies, and games. Some FTP programs used for this purpose have parameters that can be customized, enabling low resource utilization during the hours of 8 a.m. to 5 p.m. so that security staff and the user can not easily detect that the system is being shared with others around the world.

Using a combination of techniques including abuse reports, anti-virus software on the BGNet email system and desktops, analysis of infected systems and attack patterns and on site education and support through ITS technical support staff and Residential Computing Connection, we have been gaining ground in the battle against viruses and worms. Nonetheless there is more to do.

Considering the sophistication of current viruses and the potential for systems to be remotely controlled by attackers, it is essential that everyone practice safe Internet disciplines in order to protect the University's information assets. Please work with designated support staff to ensure that systems have current bug fixes and security patches installed, unnecessary services disabled, and anti-virus software installed with current virus signature files. As always, think twice about installing free software, do not open email attachments that you are not expecting, and do not forward suspicious email to others. Do not click on web page links contained in suspicious email, including spam.

We are aware that a number of Macintosh users have become somewhat complacent, knowing that most hostile email attachments only infect Windows-based platforms. Opening attachments without concern of infection is not a good practice, especially as platforms are migrated to Mac OS X. The new operating system has stimulated interest in the hacker community because of its Unix underpinnings, and attack code is being ported from other platforms to OS X. This creates a new, large pool of potential targets.

For anti-virus information see: http://www.bgsu.edu/its/security/advice/page11132.html
For information on current viruses or hoaxes affecting BGSU, see: http://www.bgsu.edu/its/security/alerts/index.html
To report a security incident, please send email to: abuse@bgnet.bgsu.edu

Recent News Articles Regarding University Network Usage

Report Shows Drop in File Sharing , Wired News, September 30, 2003
Lawsuits 'not scaring swappers',  BBC News World Edition, September 12, 2003
Record Industry Sues Music File Swappers The Associated Press, September 9, 2003
EFF Urges Users to Pass Up RIAA's Amnesty Offer PC World, September 8, 2003
File-Swapper Amnesty Proram San Jose Mercury News, September 5, 2003
College File Swapping: Making the Illegal, Legal? Wired News, August 26, 2003
How to Tell if the RIAA Wants You Wired News, August 26, 2003
RIAA, Colleges Seek Piracy Fix Wired News, August 25, 2003
Vague Limits Vex Music Traders Wired News, August 20, 2003
ISP sues record industry over subpoenas CNet News, July 31, 2003
RIAA threat may be slowing file swapping CNETews, July 14, 2003
Recording Industry Forces University to Identify Students Suspected of Music Piracy The Chronicle of Higher Education, July 14, 2003 (subscription required)
File Swappers to RIAA: Download This! The Washington Post July 6, 2003
Legal Group Spites RIAA, Defends P2P Silicon Valley Internet.com July 1, 2003
Music Industry Explores Fighting Piracy With Malicious Software New York Times, May 4, 2003 (registration required)
Music Swappers to Receive Warning from RIAA The Chronicle of Higher Education, April 30, 2003
Three Students Arrested for Music Piracy CNET, April 23, 2003
Innocent Downloads Violate Law BG News, April 11, 2003
Students' Network Access Cut Off For File Sharing Internet News, April 2003
Recording Industry Sues 4 Students for Allegedly Trading Songs Within College Networks The Chronicle of Higher Education, April 4, 2003

Back to Project Home Page

  
Spacer
 
Spacer Spacer
Spacer
Spacer
Spacer
Spacer
Bowling Green State University  |  Bowling Green, OH 43403-0001  |  Contact Us  |  Campus Map  |  Site Map  |  Accessibility Policy (PDF Reader)
Spacer