The Scarlet and Black Online


Volume 119, Number 15 | January 31, 2003

Q&A

The S&B talks with Bill Francis, Dirctor of Information Technology Services, about last weekend’s computer virus

Q: What’s the virus called? Has it been removed?

A: Slammer or Sapphire, and yes.

Q: Exactly what effect did it have on Grinnell’s network? 

A: Flooded both on-campus network and our connection to a flooded Internet

Q: Are personal machines at risk from the virus? 

A: Unlikely. A few pieces of personal software could be infected, like MS-Project.

Q: Does it happen often? 

It happened last year a few times when we had email problems.

Q: Enough people around the world got this virus that it made international headlines.  Is this a historically significant event? 

A: To show the magnitude: 200,000 machines, mostly servers, second largest global attack ever, very fast. It took only fifteen minutes from inception to Grinnell’s infection.

Q: Will viruses continue to damage the internet periodically, or are the techies of the world getting better at dealing with them? 

A: Techies are getting better but this will continue since hackers are smart techies too.

Q: We heard that networks would have been immune to the virus if everybody had downloaded a particular update to the software that the virus exploited. If that’s true, why didn’t Grinnell have an updated version? 

A: Variety of reasons. For example, some (non-Microsoft) vendors that use the Microsoft SQL or Microsoft SQL DE as one of the underlying pieces in their software applications have not certified their applications to work with the latest (patched) versions of SQL or SQL DE.  Another problem: some software vendors have embedded SQL DE in the server applications and there is no indication of this when you purchase, install, use/manage or look at the documentation for the application. The first indication of the presence of the MS piece for dozens of products was the virus infection itself. Surprise! Finally, the MS patch does not work as slick as MS suggests. In some cases the software vendor has to give personal assistance to the user for the MS patch to install. 

Q: Is there anything users can do to help prevent viruses from spreading?

A: Set their Windows 2000 and Windows XP machines to auto-update security software from the web.

News | Arts | Reviews | Features | Opinion | Sports | Staff | Archives | Email the Editor | Email the Webmaster