Computer Parasitology: 8 Proactive Steps for Protection
Computer viruses have progressed from urban myth to major threat. Yet, even with all the damage they have done, they pale in comparison to what we have seen and have yet to see from the dreaded computer worm. Viruses are computer programs designed to spread themselves from one file to another on a single computer. Worms, on the other hand, intentionally infect as many machines as possible, leveraging a network medium such as e-mail. Computer worms pose a great threat to school network systems. Over the next decade they will change the nature of anti-virus software and require paradigm shifts in network infrastructure.
Here are eight proactive steps your institution can take for protection:
1. Run anti-virus software on servers, gateways and desktops.
2. Remove "all staff" addresses from your list. If users need to send a facultywide or studentwide e-mail, they can forward the e-mail to an administrator for posting.
3. Lock down all peer-to-peer networking. We recommend that administrators do this on all computers where it is not absolutely required.
4. Deploy internal firewalls. Corporate firewalls provide no benefit once a worm has entered the school network.
5. Disable e-mail script capabilities. If your groupware product supports e-mail scripting, this should be disabled for all but a few users.
6. Strip executable content from incoming e-mail. This will protect students and faculty from inadvertent worm or virus infections.
7. Use heuristics, and if possible, digital immune system technology. Heuristics can detect up to 90 percent of all new and unknown virus strains.
8. Update operating systems and application software regularly with their security patches.
Symantec Security Response
This article originally appeared in the 11/01/2001 issue of THE Journal.