 |
 |
This is in response to concerns about student accounts being blocked. I'm responding on behalf of Doug Nelson and the Computer Lab. As you can imagine, Doug and his staff are extremely busy right now. The network team has been scanning to locate computers that are infected with worms exploiting the Windows RPC vulnerability. Yesterday they identified over 1000 infected machines. These computers were causing severe damage to network performance. The network team had no choice but to disable the computers causing the most damage. Yesterday, the network team blocked 500 infected computers. Today, 500 more infected machines have been located. Network performance remains degraded, especially for areas connected via FDDI. The network team is refining the DHCP process so that new as well as blocked users will be directed to steps they need to follow. Windows XP has a built in Internet Connection Firewall (ICF) and it is important that ICF be turned on BEFORE the PC is connected to the campus network. If you plug a new Windows machine into the network you can become infected even if you do not complete DHCP registration. Instructions on enabling ICF appear at: http://help.msu.edu/virus/winxpfirewall.html For a complete list of steps users should take, see: http://help.msu.edu/virus/ Users running any operating system should consider running personal firewall software such as Black Ice or Zone Alarm. We have set up procedures so that consultants can take phone calls from blocked users, verify that the infected computer has been patched and disinfected, and re-enable network access. I'll address that further in another note. We understand and appreciate the need to inform customers before actions are taken that affect them, but please understand the current situation is extremely unusual, and the basic functioning of the campus network is at stake. /rich