======================================================================== SECURITY ADVISER: WAYNE RASH http://www.infoworld.com ======================================================================== Thursday, September 2, 2004
Network protection commentary by: Wayne Rash THE SP2 CATCH-22 By Wayne Rash Posted August 27, 2004 3:00 PM Pacific Time I was talking to NBC technology reporter IJ Hudson about Microsoft's impending release of SP2 (Service Pack 2), which allegedly starts going out to Windows Update users in the next few days, if it hasn't started already. We had both heard that a number of IT managers at major universities in the Washington, D.C., area were planning to find ways to keep their students from upgrading their copies of Windows. ADVERTISEMENT -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- INFOWORLD RESEARCH ON SECURITY Planning to replace or upgrade your corporate phone system The 2004 InfoWorld Security Survey shows IT managers are worried about the effectiveness of their security systems, with good reason. Download research highlights and find out how others are dealing with the security threat at their organizations. Sponsored by Sprint. REGISTER AND DOWNLOAD NOW http://newsletter.infoworld.com/t?ctl=875DD7:2B910B2 -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- The reason? The schools' IT managers didn't want to take the bandwidth hit that the massive upgrade might cause. These same managers were also taking a go-slow approach to allowing their faculty and staff members to perform the upgrade, saying they needed time to test the upgrade before letting it in to their enterprises. It sounds like these managers are at least being consistent, but they're not. And in the process, they're risking the security of everyone else on the Internet. On one hand, the operations of faculty and staff members are very similar to the employees of any other large enterprise. For the most part, their computers are centrally managed, and it's likely that they have at least some locally developed custom software running. SP2 really needs to be tested to make sure everything works. No surprise there, and it's a sound practice. They're doing exactly what the people in the IT department should do. But when it comes to managing SP2 for students, the situation is completely different. In many, if not most, universities, student computers are not protected by an enterprise firewall. They're just out there in the open by the thousands. An unprotected computer in such an environment is fertile ground for any worm that happens by. This was clearly demonstrated a year ago when we saw one worm attack after another rip through the Internet. One major vector for these infestations was the multitude of computers freshly attached to university networks where everyone has broadband connections, and many have remarkably little training in how to protect their computers. At home these same students probably got to the Internet through a DSL or cable modem, or they had a dial-up connection. They had at least some minimal protection this way. And it might have been pretty decent protection if their family had a router with built-in firewall at home. Now, unprotected, they're just what worm writers are looking for. As soon as students plug that Ethernet cable into the wall, they're fresh meat. Unless, of course, they have a well-patched version of Windows and a firewall of some sort. But because these universities' IT staffers are refusing to allow the students to upgrade, they won't have either. Instead, they'll have worms almost immediately (our tests show that the first infection can happen in about 10 minutes). If it was just the university's problem, we might be sympathetic. But by insisting that these computers remain unpatched, they form a launching pad aimed at the heart of your enterprise. This is a major source of an implacable, relentless stream of attacks that will cause headaches or worse to you and your users. The responsible act would be to insist that computers be upgraded to SP2 before they could connect to the campus network. IT managers should also insist on current anti-virus software and a personal firewall. Yes, SP2 does require some bandwidth, but not nearly the bandwidth that a campus full of infected computers will demand. There's cost either way. But at least by upgrading, the IT managers are doing the right thing for everyone involved. Wayne Rash is a senior analyst at the InfoWorld Test Center. ======================================================================== Keep Up with the (Dow) Joneses - and Everyone Else InfoWorld Test Center technical director Tom Yager knows lots of technologies, companies, and strategies. That's why you're likely to find out about something you didn't know in every issue of his free weekly Enterprise Strategies newsletter. From how to pick ASPs to the marriage prospects of P-to-P and B2B. Hey - every good idea is working for somebody, maybe even your competition. Subscribe at http://newsletter.infoworld.com/t?ctl=875DD3:2B910B2 ADVERTISE ======================================================================== For information on advertising, contact [EMAIL PROTECTED] UNSUBSCRIBE/MANAGE NEWSLETTERS ======================================================================== To subscribe, unsubscribe or change your e-mail address for any of InfoWorld's e-mail newsletters, go to: http://newsletter.infoworld.com/t?ctl=875DD4:2B910B2 To subscribe to InfoWorld.com, or InfoWorld Print, or both, or to renew or correct a problem with any InfoWorld subscription, go to http://newsletter.infoworld.com/t?ctl=875DD6:2B910B2 To view InfoWorld's privacy policy, visit: http://newsletter.infoworld.com/t?ctl=875DD5:2B910B2 Copyright (C) 2004 InfoWorld Media Group, 501 Second St., San Francisco, CA 94107 This message was sent to: [EMAIL PROTECTED] ------------------------ Yahoo! Groups Sponsor --------------------~--> $9.95 domain names from Yahoo!. Register anything. http://us.click.yahoo.com/J8kdrA/y20IAA/yQLSAA/BCfwlB/TM --------------------------------------------------------------------~-> Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/kumpulan/ <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
