02/16/2004
Worried about computer viruses?
IT has you covered

Information Technology's Web site has links to information on the latest 10 viruses, the top 10 virus hoaxes and the top 10 viruses of the month.


By Jeff Giacobbe
Director of Systems, Security and Networking
Information Technology

Blaster, SoBig, CodeRed, Mimail, Nachi, Sircam, Magistr, Klez, Nimda, SQL-Slammer, myDoom. Anyone who has used a computer in the past decade has probably heard of at least one of these names or has been a victim of their activity. They are but a handful of the more than 72,000 known computer viruses and worms that have sprung up since "Brain," the first computer virus, was created by two Pakistani brothers in 1986.

Since then, computer viruses have attracted an increasingly bold and technically savvy counter-culture of hackers who churn out new viruses, worms and other malware on a seemingly daily basis. The explosive growth of the Internet in the early 1990s provided virus writers with a high-speed, worldwide distribution mechanism for their latest creations, primarily via e-mail attachments and file swapping services.

The virus phenomenon also spawned a new industry in the form of anti-virus software companies. Now the "black hats" (malicious hackers) and the "white hats" (anti-virus software vendors) fight a battle of one-upmanship as each side attempts to outsmart and outmaneuver the other.

Montclair State University fights that battle on the home front with a multi-layered approach of virus prevention, detection and removal. Each piece of the University's anti-virus strategy plays a critical role in creating an effective and manageable response to the often formidable security threats posed by viruses.

As with any biological virus, when dealing with computer viruses an ounce of prevention is worth a pound of cure, and the best form of prevention is user education. With few exceptions, a computer cannot be infected by a virus unless the user performs some action to activate the virus code. This action usually involves downloading a file or e-mail attachment to the hard drive and double-clicking on it to run it.

Through training classes, campus-wide e-mail announcements and written documentation, Information Technology has made a concerted effort to inform the campus community of the dangers of opening e-mail attachments and/or downloading unknown files. This increased user awareness has had a significant effect on reducing the number of virus outbreaks on campus over the past year. Users are now proactively calling the Helpline to report a suspicious e-mail attachment instead of opening it.

Effective virus detection and removal requires the use of specially designed anti-virus software that recognizes known virus "signatures" and either removes the malicious code from the file or deletes the infected file. Montclair State employs anti-virus software on both the campus e-mail server and on all University-owned desktop and laptop computers. The e-mail software is configured to automatically update its virus signature file with the most recent version every hour, and the desktop software is configured to update itself every 24 hours.

Last May, Information Technology installed an anti-virus gateway that scans all e-mail arriving at the campus e-mail server (mail.montclair.edu) and removes attachments that contain a known virus signature. All file attachments are scanned, even if they are in a compressed format like zip. If a virus is detected in one or more attachments, those attachments are removed and the remaining parts of the message are delivered to the user with the subject line altered to include the tag "[PMX:VIRUS]."
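The gateway behavior described above can be sketched in a few lines of Python. This is an added illustration, not the University's or the vendor's software: the signature is a constructed, harmless marker, and the function names, size and nesting limits and the choice to treat unscannable archives as infected are assumptions.

```python
import io
import zipfile
from email.message import EmailMessage

# Constructed, harmless marker standing in for a vendor signature (assumption).
SIGNATURES = {b"CONSTRUCTED-TEST-SIGNATURE-0001": "Test.Sample"}
TAG = "[PMX:VIRUS]"  # subject tag quoted in the article

def find_signature(data, depth=0):
    """Return a detection name if data, or any file zipped inside it, matches."""
    for pattern, name in SIGNATURES.items():
        if pattern in data:
            return name
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return None
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as archive:
            for info in archive.infolist():
                if depth >= 3 or info.file_size > 10_000_000:  # assumed limits
                    raise RuntimeError("archive too deep or too large")
                hit = find_signature(archive.read(info), depth + 1)
                if hit:
                    return hit
    except Exception:  # corrupt, encrypted or over-limit archive: fail closed
        return "Unscannable.Archive"
    return None

def filter_message(msg):
    """Strip infected attachments in place, tag the subject, return removed names."""
    removed = []
    for part in list(msg.iter_attachments()):
        if find_signature(part.get_payload(decode=True) or b""):
            removed.append(part.get_filename() or "unnamed")
            msg.get_payload().remove(part)
    if removed:
        subject = msg.get("Subject", "")
        del msg["Subject"]
        msg["Subject"] = f"{TAG} {subject}"
    return removed

def build_sample():  # constructed message: clean attachment plus zip with the marker
    msg = EmailMessage()
    msg["Subject"] = "Quarterly report"
    msg.set_content("See attached.")
    msg.add_attachment(b"notes", maintype="application", subtype="octet-stream", filename="notes.bin")
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as z:
        z.writestr("invoice.txt", b"x " + next(iter(SIGNATURES)) + b" y")
    msg.add_attachment(buf.getvalue(), maintype="application", subtype="zip", filename="invoice.zip")
    return msg
```

Because the marker sits inside a compressed member, a scan of the raw attachment bytes alone would not be a reliable check; the archive has to be opened, which is why compressed attachments get their own code path.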

To date, the anti-virus gateway has performed superbly, detecting and removing more than 30,000 viruses before they had a chance to reach a user's inbox.

While the gateway has had a tremendous effect on reducing the University's exposure to malicious viral code, it can only detect and remove viruses that are sent to or from a mail.montclair.edu e-mail account. Unfortunately, this is not the only avenue for viruses to infect a campus machine. For example, e-mail that is retrieved from an off-campus mail service like Yahoo or Hotmail does not pass through our gateway and is therefore not scanned for viruses. Viruses also can be transmitted by downloading files from Web sites or by exchanging music files through services like Napster or Kazaa.

To combat these alternate routes of exposure, the third piece of Montclair State's virus protection strategy is the anti-virus client software installed on every faculty, staff and laboratory machine. This software is active from the moment the machine is booted to the moment it is powered off, and is constantly on the lookout for files that contain a known virus signature. If a virus is detected, the anti-virus software will alert the user with a pop-up warning message and then attempt to clean the file by removing the virus code from it. If the file cannot be cleaned, the software will ask the user if it is OK to delete it.

Viruses, worms and other malware are an unfortunate reality of the digital information age. As long as there are computer-savvy individuals with an ax to grind or something to prove, there will always be the threat of malicious code finding its way to an unprotected computer and causing havoc.

Information Technology has provided a number of resources to help members of our user community protect themselves against malware, including user training, server-side filtering for e-mail and desktop anti-virus software. However, none of these resources is effective in and of itself unless users understand and accept their personal responsibility for helping protect our computing environment from potential security threats. Users need to be aware of the risks, operate with appropriate caution and make a conscious effort to use the preventive technologies available to them.
