[comp.virus] Help...Virus Attack

FELDMAN_@CTSTATEU.BITNET (11/17/89)

Please help!!

I work in an Apple computer lab at Central Connecticut State
University, and lately we've been having an outbreak of viruses (nVir
A).  I figured it out by using Disinfectant Ver. 1.1.

What should I do??  It is a public lab, so people are in and out all
the time, some with their own disks.  We have all Mac SE's with 20 meg
HD hooked up through AppleTalk.  I tried using Gatekeeper, but
programs such as Excel would not work.  I tried initializing all the
hard drives, and replacing them with the original software, but the
viruses keep coming back.  Also some of the people come in with their
own software that could be infected.

Any information on how I can control this problem would be greatly
appreciated.  You can contact me at: FELDMAN_GAL@CTSTATEU

Thanks,

Garry Feldman
Supervisor, CCSU Apple Computer Lab

chrisj@cs.utexas.edu (Chris Johnson) (11/19/89)

Garry Feldman, Supervisor, CCSU Apple Computer Lab, writes about his
problems fighting viruses in a public access computer lab and mentions
a problem that forced him to abandon the Gatekeeper anti-virus system:

>I tried using gatekeeper, but programs such as Excel would not work.

Judging from this description, you need to use the current version of
Gatekeeper, 1.1.1.  It's been out since 26-June and can be found in
the sumex info-mac archives.  The problem, for the record, was in
Excel - not Gatekeeper.  Nonetheless, I coded around that problem (and
a number of others) in the interest of sparing people just the sort of
problems you've experienced.  So give 1.1.1 a try - I think you'll
find that it works well.

By the way, the Computation Center here at U.T. has installed
Gatekeeper on all the Macs (33 of 'em) in its public access
microcomputer lab, and found it completely effective.

Of course, if users insist on starting Macs from their own disks,
Gatekeeper is effectively out of the picture.  In practice, though, we
don't have much trouble with that since (a) users tend to need
software like the LaserWriter driver and the UserInfo RDEV that tend
to be unique to the disks we provide, and (b) we scan the disks
checked out to each user with Disinfectant 1.2 after the user leaves -
if we find the disks are infected, that student (whose ID number was
logged when they checked in) is not allowed to use the facility again
until they've allowed us to clean their disks (we explain about
viruses and give them copies of Disinfectant and Gatekeeper at that
time).

This approach has kept our lab completely clean, and has
*dramatically* reduced the number of viruses present in our user
community.

Of course, this approach isn't possible in an unattended lab.  In that
environment, you have to depend on automatic systems like Gatekeeper
almost entirely.  And Gatekeeper works extremely well in such
environments.  Even if some users start Macs from their own, infected
disks and thereby infect your lab's Macs, Gatekeeper is still valuable
since it will protect later users who do startup from your disks from
the viruses left behind by the other users.

I hope this helps,
----Chris (Johnson)
----Author of Gatekeeper
----chrisj@emx.utexas.edu