This is in response to concerns about student accounts being
blocked. I'm responding on behalf of Doug Nelson and the
Computer Lab. As you can imagine, Doug and his staff are
extremely busy right now.
The network team has been scanning to locate computers that
are infected with worms exploiting the Windows RPC vulnerability.
Yesterday they identified over 1000 infected machines. These
computers were causing severe damage to network performance.
The network team had no choice but to disable the computers
causing the most damage.
Yesterday, the network team blocked 500 infected computers.
Today, 500 more infected machines have been located. Network
performance remains degraded, especially for areas connected
The network team is refining the DHCP process so that new as
well as blocked users will be directed to steps they need to
follow. Windows XP has a built in Internet Connection Firewall
(ICF) and it is important that ICF be turned on BEFORE the
PC is connected to the campus network. If you plug a new
Windows machine into the network you can become infected
even if you do not complete DHCP registration. Instructions
on enabling ICF appear at:
For a complete list of steps users should take, see:
Users running any operating system should consider running
personal firewall software such as Black Ice or Zone Alarm.
We have set up procedures so that consultants can take
phone calls from blocked users, verify that the infected
computer has been patched and disinfected, and re-enable
network access. I'll address that further in another note.
We understand and appreciate the need to inform customers
before actions are taken that affect them, but please understand
the current situation is extremely unusual, and the basic
functioning of the campus network is at stake.