Who are the above-mentioned computer users at the College? Everyone. Every professional staff and faculty member employed by the College uses a computer, and even part-time and student employees have near-universal access to a computer in order to do their work. About fifty computers are maintained in our building alone for use by students while they are on campus, in addition to whatever computer resources they may have at home or carry with them. Computers have become indispensable tools that are ubiquitous in the workplace and they simply must be kept in good operation for work to be accomplished.
Why are computers targeted by people who write viruses? This is a good subject for a sociology study. In short, computers present a challenge to those who consider themselves clever enough to beat the man, the establishment, the powers that be. Sadly, a counter-culture has developed that prides itself in being a thorn in the side of the computing establishment. In particular, because of the character of its corporate operations, Microsoft has positioned itself and its products as some of the chief targets of hackers. Compounding this problem is the fact that for many years Microsoft presented a relatively soft target to attackers. But no computer operating system is immune from these attacks.
So, what are viruses, worms, and so on, and how and why should College employees protect their computing resources? To answer these questions this set of FAQs (Frequently Asked Questions) was written.
1. What are viruses?
"Virus" is the common term used to describe a family of malevolent programs written by individuals, propagated by the sharing of computer files and email programs, that have the purpose of, at the least, reproducing themselves, and at the worst, bringing down individual computers and entire networks.
In other words, a virus is a piece of computer code that usually is invisible or masquerading as something valuable or interesting that lives in your computer, reproduces itself, and can lead to serious problems. The term "virus" is an excellent analogy because, like a true virus, the malady can spread like wildfire and depending upon the nature of the virus and the vulnerability of the target may be a mere annoyance or fatal. Indeed, once a virus has been written and delivered to the computing population it takes on a life of its own, but only lives and thrives in its hosts.
An excellent tutorial on viruses can be found at: http://www.cknow.com/vtutor/
2. How are viruses spread?
Currently, the way most viruses spread is through files, such as a Word document you pass on to a colleague. The other chief mechanism, a more annoying and persistent method, is through email. Email viruses are usually sent as visible attachments that, once they are received by the host computer, run themselves invisibly. To make matters worse, they often will look in your email directory and send themselves out to everyone on your list. Then, when your colleagues and friends get them, they appear to be welcome correspondence from you. And the cycle begins anew.
These email viruses cleverly mislead the recipient into thinking that they've gotten email from a friend or trusted associate and that they are receiving anything from a family photo to important information on how to disinfect a virus. Simply viewing the email in a preview window is enough to unleash it. For that reason, it is nearly impossible to prevent receiving email viruses just be screening your email.
3. How does the University protect its users from viruses?
You would think that it would be expedient for the University to screen every piece of email for viruses as they pass through its mail server. (Think of the email server as the electronic equivalent of a post office, receiving and distributing email much like the post office handles traditional mail.) However, practically speaking, it's just not possible to do this with any certainty that good mail will be handled and "bad" mail rejected. Remember, the virus writers have disguised their malicious payload as innocuous attachments. In fact, some screening does take place, but the responsibility for protecting computers ultimately falls upon the user.
The University does have an active team working constantly on computer security. For a description of these efforts, see: http://www.utexas.edu/computer/security/
One of the most important things the University does in the security area is purchase virus-protection software for each of its computer users. This software, such as Symantec Anti-Virus, works well, albeit at a slight cost to your computer's performance.
4. How does anti-virus software work?
Anti-virus software works by constantly screening for viruses, whether they come from email attachments, embedded in documents, whatever. And it works very well on known viruses, and there is the rub.
New viruses are constantly being churned out and circulated. Anti-virus software needs to be constantly updated so that it can recognize viruses that have been created since it was released. This used to be a huge hassle, but now the software can automatically check for updates on the web and stay current. Be sure to turn this feature on.
5. What is a firewall?
A firewall is basically another type of virus protection that looks at all incoming and outgoing network traffic and scans for viruses. It is also an effective tool but also only detects viruses borne by network-based communication, and it, too, must be constantly updated.
There are two kinds of firewall. One resides on the network hardware itself, and the other is software that runs on your computer, often referred to as a personal firewall.
While we encourage people to use firewall software, it does present significant challenges to the typical user because firewalls are inherently complicated to configure. One has to be very familiar with the software that is running and its network usage to properly configure a firewall. If it's not set up properly, for example, a user may find that a particular piece of software, such as Timbuktu Pro (a remote access and control program popular with some at the College who travel a lot or frequently work at home) is not functional because the firewall does not recognize the operation of the software and therefore considers it to be an assault on the computer from the network.
6. Why doesn't the University have a firewall that protects all of UT?
Consider the enormous breadth and depth of computer-based content at the University. If, for example, the firewall scanned for computer programs it would be a tremendous impediment to the folks in Computer Science who routinely collaborate on writing programs. Researchers also often write programs that assist in their discovery and analysis of data. And, consider the concept of academic freedom. It's just not practical for the University to operate a campus-wide firewall. On the other hand, it may be quite workable in the content-restricted environment of a corporation, and corporations do often protect their networks with firewalls.
7. What is the College of Pharmacy's plan to protect users' computers from viruses?
First of all, we make available and install, depending upon the needs of the client, the virus protection software that the University has purchased on our behalf. When we install the software we enable it to check for updates automatically. And, we typically scan the machine when we install the software to make sure that you start off clean. In our experience, and in our environment, this has been a very effective strategy--nearly all of the virus problems we have ever encountered came initially from outside the College and were propagated by people who did not keep their virus definitions updated.
Second, we monitor activity on the web for new or prevalent viruses and keep a special eye out for those. We constantly receive updates from the UT network office on current threats.
Third, when one of our clients becomes infected, we take action to remove the virus as soon as possible and to let others on our network know what to watch for. This is especially important for viruses that take the form of email from trusted colleagues.
Fourth, in cooperation with the folks at the UT network office, we watch for signs of unusual traffic on the network and take action to make sure that our network is not harboring any unauthorized activity. Note that this is not "content police." Instead, we are looking for cases where outside users with no connection to the University have hacked into a computer and used it, for example, to distribute copyrighted materials. These attacks often happen over weekends because hackers know that users will not be using their computers and therefore they will likely go undetected. (These attacks really do not fall under the umbrella of viruses, but are nevertheless an important security concern.)
8. I work on a Macintosh. Do I need to worry about security?
Yes, but not to the same extent as Windows users. Whether or not the Mac operating system is inherently more secure is debatable, but the fact is that people who write viruses are looking for the most bang for a buck. There are far more Windows users worldwide than Macintosh users, so they can infect a lot more computers by targeting Windows. However, all computers, whether they run the Mac OS, Windows, or UNIX are vulnerable.
Learning Resource Center
College of Pharmacy
The University of Texas
2409 University Ave
Austin, TX, USA
Email Address: pharmacy
Joyce McClendon, senior systems administrator in the Learning Resource Center has been selected to receive a 2011 University Staff Excellence Award.
Read more about McClendon.