|
|
Issue
42 - December 2004
|
Ferocious
Virus Infection and Hacking Activities in Student Residence
By
Noel Laam
|
|
|
Security
incidents such as virus infection or hacking of machines in
the Student Residence (SR) have been a recurrent and serious
problem faced by the Computing Services Centre (CSC) since
the inception of the SR. Causes leading to the current situation
are many, some of them are:
-
Lack
of security awareness such as the habit of using software
from unknown source, or visit to unknown sites as tricked,
tempted, or persuaded by the received Email
-
Use
of browsers without proper security settings
-
Using
unlicensed Windows operating systems
-
Lack
of anti-virus software (e.g. Norton, Mcafee etc.)
Only
licensed Windows operating system will come with a valid key
that authorizes the owners to download the security patches
from the Windows Updates, and only with these patches being
applied in time and together with a valid and up-to-date anti-virus
software (anti-virus software of the latest version and its
virus signature regularly being updated) being installed could
students greatly reduce the risks of their machines being
attacked ( e.g., machines being infected with virus, or being
hijacked for attacking other machines or for sending spam
mail). Lacking any one of these tools or measures renders
the students' machines vulnerable to attacks. When attack
strikes, these machines will infect or jeopardize other machines
on the network, and the CSC, as the network administrator
of the University, will have no choice but to immediately
remove them from network by blocking their network connection.
In view
of the seriousness of the consequence and the ferocity of
these problems, we have decided the following:
-
Starting
from November 2004, Mcafee anti-virus software will be provided
free of charge to all students in the SR, and they only
need to download it from the machines in the SR terminal
rooms.
-
Starting
from Semester A 2005, all students in the SR will be required
to sign an agreement to use only valid licensed software
on their computers before they will be granted network access.
Moreover,
in order to educate our students to be considerate to other
users on the network and thus to become responsible network
users, their network connections will be blocked immediately
when they commit a security offence. The blocked connections
will only be released when the students have rectified the
security problems with all required protection mechanisms
installed. If they commit the same offences repeatedly, depending
on the frequencies and the problem types, their machines will
be blocked from connecting to the network indefinitely unless,
on very exceptional cases, sufficient proof can be obtained
from students that the problems will never happen again
It is
hoped that these measures will be able to alleviate much of
the existing problems so that our students and staff all can
study, teach, or research under a safe and secure networking
environment.
|
|
|
|
|
|
|