Outages, new virus test will of technicians
Computer Services scrambling for fixes to newest problems
- January 30, 2004
- Stephen Yeargin, Executive Editor
- Section: Cover
UTM Computer Services announced the newest worm virus threat to students on the local area network on Tuesday and reassured campus residents that steps were being taken to track down Internet issues.
The virus, known as "MyDoom," contains several components meant to cause widespread problems, including a mail engine for the purpose of replicating itself. Analysts at Network Associates say that the engine could also be used to spread unsolicited e-mail known as spam.
A sample e-mail appears to the right, although there are many variations of subjects, body text and file names.
Popular peer-to-peer file sharing programs such as Kazza are said to be the catalyst for the fast spreading nature of the virus. MyDoom is programmed to copy the executable of itself into the shared directories for unsuspecting file-swappers to download.
The virus also has the capability of allowing a remote user to access your machine through open TCP ports.
In addition to these threats, the virus is also suspected to attempt a DOS (Denial of Service) attack on software maker SCO (www.sco.com). A DOS attack is when many remote computers attempt to access a server at the same time, in effect causing a shutdown.
IT Administrator III Ken Blankenship of the Computer Center said in a recent campus-wide e-mail that "As long as you obey the basic computer safety rules, your computer will not become infected."
Earlier this year, the Computer Center purchased a site license for McAfee VirusScan Enterprise Edition for every student and faculty member connected to the UTM network.
These with the software already installed are urged to update their virus definitions often for the best level of protection.
The virus is also known as several different aliases, such as Novarg (F-Secure), W32.Novarg. A@mm(Symantec), W32/Mydoom.a@MM, Win32.Mydoom.A (CA), Win32/Shimg (CA), and WORM_MIMAIL.R (Trend).
Internet outages a mystery The Pacer learned this week of students living in the dorms losing Internet connections in the early morning hours.
According to several residents of Cooper Hall, the outages occur about 4.a.m daily.
The outages typically last for about an hour before the connection is restored.
Amanda Kelley, a sophomore from Trenton and Cooper Hall resident, said "It is really frustrating to be on doing research and to just be kicked off all of a sudden."
In an e-mail from Computer Services Director Shannon Burgin, she said that her department is taking all of the necessary steps to track down the source of the outages.
"Hopefully we will know the problem and the solution soon," Burgin said.
Blankenship echoed the sentiments, saying "We are currently examining system logs, network settings, and setting up other monitoring tools to determine the specific cause of the outage."
"As best as we can tell, this has happened for the past four days," Blankenship said. The Computer Center said that it first learned of the problems on Tuesday.
One concern of some students was that the outages were somehow linked to the new "NetReg" service launched days before the beginning of the semester.
"This does not seem to be connected to the new authorization system in any way," Blankenship said. He says that if the two were related, the outages would have been happening earlier in the semester.
Anyone receiving a message similar to the one above should delete it immediately, Computer Services suggests. Inset, a new Web site has be created to distribute virus scan software (http://security.utm.edu/) for students and staff.