rtravsky@UWYO.BITNET (Richard W Travsky) (12/05/90)
If you are part of a university site (as mine is), I have a question or two about your virus policy. - - In the broadest sense, what _is_ your policy? Is it written down as a statement by your computer center? (If so, would it be possible to obtain a copy?) - - If you use scanners/disinfectors, do you distribute them or do you only use them yourselves in response to a call from a user? - - If you do distribute scanners/disinfectors, what sort of support do you give for the packages? (Documentation, training, etc.) - - How do you respond to calls from users? Personal visits (for things like networks or hard drives), have them come by in person (like for a diskette)? - - Do you have penalties for users caught knowingly spreading a virus? - - What packages do you use/recommend? Are they commercial or shareware/public_domain? (We're on a budget here; guess which kind we're likely to use...) Which have worked the best? - - Anything you'd like to add. Thank you for your time! If you respond to the list, please cc: me so that I won't have to wait for the digest. Richard Travsky Bitnet: RTRAVSKY @ UWYO Division of Information Technology Internet: RTRAVSKY @ CORRAL.UWYO.EDU University of Wyoming (307) 766 - 3663 / 3668
jalden@eleazar.dartmouth.edu (Joshua M. Alden) (12/07/90)
rtravsky@UWYO.BITNET (Richard W Travsky) writes: >- - In the broadest sense, what _is_ your policy? Is it written down as a > statement by your computer center? (If so, would it be possible to obtain > a copy?) We don't have a stated policy as such. Nothing written down that addresses the problem in general. >- - If you use scanners/disinfectors, do you distribute them or do you only u se > them yourselves in response to a call from a user? We use Disinfectant and GateKeeper Aid (with GateKeeper for those who want to read the docs). Since we are almost exclusively Macintosh, we have no set procedures for IBMs. Every time the question comes up the answer is different, because the question is asked infrequently. We have Disinfectant and GateKeeper (and family) on our Public File Server. We also distribute them freely through our Consultants and Student Assistants; we have a standard anti-viral disk which we copy freely to anyone who brings us a floppy. >- - If you do distribute scanners/disinfectors, what sort of support do you > give > for the packages? (Documentation, training, etc.) Documentation changes with each update, so we don't keep hardcopies. The documentation for Disinfectant is internal to the program, and GateKeeper's documentation is available with GateKeeper itself. In addition, we have three small help files that we update regularly. >- - How do you respond to calls from users? Personal visits (for things like > networks or hard drives), have them come by in person (like for a diskette) ? Rather than visit them personally, we try to teach them to handle the problem. That's pretty easy to do with Disinfectant so handy and free. If it's a floppy we also invite them to bring them in, and we try to get them to bring blank disks so we can make antiviral disks for them. If there's no other recourse (the user is unable to handle the problem, or under a deadline) we'll make a housecall. It's just that housecalls are time-consuming and there are only so many of us. User self-sufficiency is much preferable. >- - Do you have penalties for users caught knowingly spreading a virus? Not expressly stated, but that would fall under a violation of the Dartmouth Computing Code of Ethics, which states, in part: "No one should deliberately attempt to degrade system performance or to deprive other users of resources or access to any College computer." Though intentionally spreading viruses doesn't fall directly under the Code unless the virus is spread to a College-owned machine, it violates the spirit. We've never had a problem with intentional spreading, though. (Knock on wood.) I hope we never do. We could probably answer persistent malicious spreading with disciplinary action. >- - What packages do you use/recommend? Are they commercial or > shareware/public_domain? (We're on a budget here; guess which kind we're > likely to use...) Which have worked the best? We use and recommend Disinfectant and GateKeeper Aid. We make GateKeeper available for those who want more protection than Disinfectant INIT provides, if they are willing to take the time to read and understand the documentation. - -Josh Alden, Dartmouth Computing Services Virus Consultant. This is not an official statement by a representative of Dartmouth College. These are simply my own observations and my own interpretation of the circumstances here as I understand them. - -- /--------------------------------------------------+-------------------------\ |Josh Alden, Consultant, Kiewit Computation Center | HB 48, Dartmouth College| | Private mail: Joshua.Alden@dartmouth.edu | Hanover, NH 03755 | | Virus mail: Virus.Info@dartmouth.edu | (802) 295-9073 |
BLSCOLLO@OCC.BITNET (Bonnie Scollon) (12/20/90)
I just got around to reading an older issue of VIRUS-L (I have trouble
keeping up). I saw a response to what apparently was a question from
you concerning policies on virus protection. Here at Oakland
Community College we were hit with a widespread infection of the Joshi
virus last summer. This was specifically in the IBM world. The
policy we developed was (basically):
1. Each student is responsible for keeping his own diskettes clean. The
college is responsible for keeping our hard drives clean (We are not
networked yet.)
2. To that end, we have a site license of Vi-Spy from RG Software Systems.
($15 per computer). We use this to protect our hard drive and students
may USE it to check their diskettes.
3. We provide a copy of the registration document for McAfee's software
products so students may license the less expensive products for use
on their own computers.
In addition, we made a short video that all instructors could show to
their students explaining this policy. This seems too simple to be
effective. Does it work? I'll let you know after the Winter
semester.goodwin@casbah.acns.nwu.edu (David C Goodwin) (01/04/91)
For a while last year we were hit with a lot of IBM viruses, all at once. We have Novell networks, that use individual boot disks, and that's how it spread from floppy to floppy. Every time a user asked for a boot disk, we grabbed any floppies they had and SCAN'ed them. The average user didn't carry more than two or three floppies at a time. Good luck.