Eternal vigilance is the price of security

Just because those messages about a “movie,” “your application” or a “wicked screensaver” have stopped clogging your e-mail doesn’t mean that you can relax now.

The W32.Sobig.F virus, which flooded e-mailboxes worldwide with bogus messages from late July until Sept. 10, may have shut itself down, but it is only a harbinger of things that may come.

“Sobig.F is the fastest-spreading virus in history,” said Bob Barron, senior IT support specialist for Information Systems and Computing. Within five hours of its first spotting, it had invaded campus computers—an hour ahead of the defense, enough time to catch a few unsuspecting users.

Worms—viruses that infect computers on their own and often invade PC operating systems—are also spreading faster. “The lag between the time when a patch for a vulnerability is announced and when that vulnerability is exploited is getting shorter,” said Barron. For example, the recent Slammer worm probed 10 million computers and infected 75,000 within 10 minutes of its release.

This is why ISC now recommends that campus computer users update their virus definitions daily. Symantec Anti-Virus, Penn’s supported anti-virus software, is configured to update defnintions daily on this year’s PennConnect CD; if you already have it, ask your support staff about reconfiguring it to do this.

Users should also ask their support providers about automatically checking for critical Windows updates to patch holes in the operating system; those who maintain their own machines can visit the Windows Update web site at for more information.

Finally, Network Security Administrator Dave Millar reminds everyone that they should never just click on an e-mail attachment, even if it appears to come from a trusted source, as many common viruses now insert fake addresses in their message headers. Millar himself fell victim to this problem when he received a message purporting to be from a colleague from whom he was expecting a file via e-mail.

“When in doubt [about an attachment’s legitimacy], call the sender,” he said.

The first place to turn for news and tips on computer security is the Penn Computing Security and Privacy website,

Last story in sequence
Front page for this issue
Next story in sequence

Originally published on September 18, 2003