At a Glance
 
Central Software
CityVoD - CSC Forum Archive
Software List on CSC Student LAN
Location and Floor Plan of the CSC Teaching Studio Areas
Opening Hours of the CSC
Systems Maintenance Schedule
List of Blocked Network Cards / IP Addresses
List of CSC Representatives
List of Departmental Network Administrators
Staff Computer Courses
Sitemap
 
CSC e-Forms
 
Submit CSC Work Req.
Req. for Printing
Req. for Dump / Restore
Teaching Studio Booking / Cancellation
Email Alias Application
Apply for a New Domain Name
Remove an Existing Domain Name
Modify the Hosting of an Existing Domain Name
 
Useful Links
 
OCIO Home
IT Information for Students
IT Information for Staff
IT Information for Alumni
 
Got any questions, comments or suggestions? Contact the editors at ccnetcom@cityu.edu.hk
Issue 40 - June 2004
CSC Strives to Ensure a Virus-Free Environment
By Raymond Poon

The Sasser virus and its variants have been rampaging on the Internet since May 2004. According to the information provided by Symantec, Sasser is an Internet worm spreading through the MS04-011 (LSASS) vulnerability.

This vulnerability is caused by a buffer overrun in the Local Security Authority Subsystem Service, and will affect all machines that are:

- Running Windows XP or Windows 2000
- Haven't been patched against this vulnerability
- Are connected to the Internet without a firewall

Once infected with the Sasser worm, the following symptoms may occur:

- Computer performance is decreased or network connection is slow
- One may see a dialog box that contains text that refers to LSA Shell
- Computer may restart every few minutes without user input

Many organizations and universities worldwide were hit really hard at the time. Fortunately, most of our users hardly noticed this epidemic because:

  1. We, the Computing Services Centre (CSC), have been taking preventive measures by automatically forcing security patches of Windows as well as updates of virus signature files to all PCs on our Staff LAN as soon as these patches and updates become available.

  2. We have been proactively urging those users whose PCs are not managed by the CSC (e.g. PC for research, LAB PC, etc) but are detected by our security software tools to be vulnerable to either hacking activities or contracting viruses to take immediate remedial action. If they do not cooperate, their machines will be forced to disconnect from the campus network in order to protect other users on the network.

  3. From the past experience learnt, we have been able to identify threats well before they get worse and are deploying security devices at critical parts of the network infrastructure to monitor for abnormal traffic and to limit the potential damages done by new threats or unidentifiable attacks.

  4. For those publicly accessible PCs (e.g. those in Lecture Theatres, classrooms, etc) or kiosks that we manage, we install additional security hardware and procedures to further protect our users. For those we do not manage, we have been providing departments with best practices and guidelines on how to secure them which actually are the first point of entry to our network and thus also served as its first line of defense.

  5. We have been making use of the Departmental Network Administrators (DNA) and the System & Network Technical Group (SYSNET) to communicate well and share experience with one another on tackling security problems.

  6. We have been using statistics gathered from the Help Desk on types and causes of security breaches, users' awareness levels, etc. to establish policies, devise preventive measures and promote user awareness.

Despite these, we still see room for improving our preparation for the next wave of attacks. We still have lots of fire-fighting work to tame the viruses spread by improperly protected PCs on campus as well as those at the student hostels and at home that we practically have little or no control of.

The University community must work hand in hand as a whole to secure our network. After all, the security of our network is only as strong as its weakest link.

Also in this issue...
Using the Server-side Spam Filtering Service
Restrictions on Delivering E-mail with Unsafe Attachments
A New Way to Connect: USB Device
A Brief Glance at the Usage of Video Conferencing Facility
Tech Terms: Do You Know What They Mean?

 

 
Current & Back Issues
 
 
Search Articles
 
 
FAQs
 
Microsoft Windows10
Microsoft Windows 7
Office 365 ProPlus
Microsoft Office 2013
Microsoft Office 2010
中文支援常見問題
Internet Explorer 11
Internet Explorer 9
Email Services
Confidential Email
Wireless LAN
Virtual Desktop Service (VDS)
USB Flash Drive
Mirroring360
CityU SMS (for Department)
CityU SMS (for Staff & Student)
iPad (iOS 5.x)
Wiping a Mobile Device
Wiping Mass Storage Device
Handling Handheld Smart Devices for Service Maintenance, Recycling Use, and Disposal
Staff Account Renewal
Changing Local Administrator Password
McAfee Endpoint Security
Full Scan of Your Computer for Concealed Computer Virus
Anti-spyware
Computer Warranty Scheme Software Copyright Declaration and Compliance Observation
 
Technical Guides
 
AV Facilities User Guide
Connecting to Wireless LAN (WiFi)
VPN Connection Setup Guide BitLocker To Go User Guide
 
Copyright© Computing Services Centre, City University of Hong Kong. Best viewed in 1024x768 with IE. Javascript enabled. Last modified on Friday December 28 2018 .