[unisog] Dropping executables - who does it?

Russell Fulton r.fulton at auckland.ac.nz
Tue Feb 10 21:49:54 GMT 2004


On Tue, 2004-02-10 at 11:08, Matt Crawford wrote:
> >> I personally think the policy should explicitly say Windows machines
> >> must run AntiVirus.
> 
> And machines running Windows as a guest OS.  We had one Macintosh pick 
> up the Nachia worm when it was new -- it was running VirtualPC (or 
> whatever it's called).

Dual boot systems are also a problem.  When Blaster was loose on campus
several people who normally run Linux on their machines but have a
windows partition tucked away dutifully booted into windows so the could
apply the patches and promptly got infected :(

Our CS Department also got caught with some of their lab machines.  Many
of their lab machines are dual boot and current course demands
determines where they are run on windows or linux at any particular
time.  They have a multicast system for remimaging windows systems so
applying patches is quick and easy, but the machines have to be running
windows to get updated.  During one of the recent worm outbreaks they
decided they needed more windows systems and swapped about 30 systems
from linux to windows with predictable results.

If you have dual boot systems (or virtual systems) that are not used
much it is very easy to forget to do the required maintenance on them.

Ditto if you rely on automated systems to push out updates.
 
-- 
Russell Fulton                                    /~\  The ASCII
Network Security Officer                          \ /  Ribbon Campaign
The University of Auckland                         X   Against HTML
New Zealand                                       / \  Email!




More information about the unisog mailing list