Campus Steps Up Computer Network Security Measures

If you were in Davis last fall, you might remember that several serious viruses?including Welchia, Blaster and MyDoom?damaged computer networks around the nation, disrupted businesses and public institutions, and posed a significant threat to the campus servers. These malicious programs, like many computer viruses, destroyed data, caused programs to stop functioning, and allowed intruders (hackers) to access users? personal data. To combat these virus threats, the campus assembled a workgroup of campus technology experts and charged them with developing a system that would prevent viruses from compromising our technology resources.

The Plan

These experts had much to consider when developing an effective plan. They knew that all the computers accessing campus computing resources were connected to a network?a community of computers connected together, through which users share files and utilize the same services. Unfortunately, one virus-infected computer participating as part of the network can infect all the other computers as well. Like a biological virus, a computer virus replicates itself and can spread from one computer to another when users exchange files. Each individual computer must be monitored and protected to keep the community of computer users safe. This challenge is compounded by the high turnover of users on the campus network. Every year, thousands of new students bring their computers to campus, introducing a multitude of computer security threats that are constantly changing and evolving. In response, the campus must continually update security systems to prepare for new computer security attacks.

The Scan

Last fall, with these challenges in mind, the workgroup developed a system that scanned individual computer systems when users tried to access the campus network. Without accessing personal files, the scanner could tell whether an individual computer system was infected with a virus or was vulnerable to inf ection due to a lack of computer security maintenance. Computers that were vulnerable to infection or already infected were denied access to the MyUCDavis Web portal, UC Davis email (?Geckomail?), and other campus services; instead, they were redirected to instructional content'such as links to updates and patches for their operating system'to help users remove vulnerabilities. Scanning individual computer systems before they logged on to the network allowed the campus a front line of defense to keep computers with poor security from causing further problems.

The vulnerability scanning system proved so successful that Information and Educational Technology (IET) has been working this summer with campus technology experts to strengthen the campus? defense against computer security threats. So what's new? Beginning this fall, the campus will use a threat analysis service to anticipate critical security threats on the horizon and will take steps to defend against them before they become widespread. This means that we now have a proactive approach to maintaining the security of the campus network. Security Coordinator Bob Ono explains that

'the previous scanning system was designed to respond to one specific Windows vulnerability. While initially valuable, the usefulness of this scan has diminished over time. The new system permits the campus to respond to new vulnerabilities more easily; thus, as new security issues arise, we can quickly adjust the scanner to identify computers vulnerable to the new threat. In some cases, we will be able to perform these changes before the new threat damages a large number of computers.?

How it Will Effect You

Computers that are scanned for critical security vulnerabilities will receive one of three diagnoses:

  • If your computer is already protected from the security threats, you will be logged on to the network as usual. You probably won't even realize your computer has been scanned.
  • If your computer has minor security glitches, you won't be denied access to the network but you will see a warning page notifying you of the security risks and will suggesting that you repair the problems. You can then continue with your log on.
  • If your computer is infected with a critical virus or is vulnerable to serious infection, you will be blocked from accessing the campus network. This an unfortunate side effect of being infected; however, you will be provided with a link to information or detailed instructions that will help you fix your computer and regain access to the network.

Since there is a proposed campus policy requiring computers attached to the campus computing network to be free of critical security vulnerabilities, this is an effective and noninvasive step to help faculty and students keep their computers safe. Ono points out that 'this vulnerability scanning system is evaluating operating system programs and configurations; the scanner does not inspect personal data files.?

New Self-Test Web Site Available

The campus has provided a new Vulnerability Self-Test Web site that allows you to scan your computer yourself. The self-test scan checks your computer for all security vulnerabilities identified by the campus during the past six months. The site also provides instructional information for fixing any vulnerabilities or infections you might have on your system.

For additional information about the computer vulnerability scanning service, including the Computer Vulnerability Scanning Policy, visit http://security.ucdavis.edu/vuln_resources.cfm.