Approximately 100 Tufts University computer systems have already been infected with Mydoom, a computer virus that has been spreading throughout the world since Monday afternoon.
Director of IT Infrastructure Lesley Tolman said that the virus "went into the wild sometime [Monday] afternoon and we had safeguards in place by 9:30 p.m."
The worm amasses e-mail addresses from the host computer and then randomly generates subject lines for e-mails sent to the hosts' entire address book The virus contains itself in an attached file which is then spread to anyone who opens the file.
The University has thus far fared much better through the Mydoom epidemic than with other viruses such as August's Blaster worm. Tolman attributed this to Tufts "having additional tools in place."
Director of University IT Support Services Kathleen Cummings said she expanded on the protections that the University used. The strategies include server-side virus protection, client-side virus protection for all machines connected to the LAN, and "for students and stand-alone machines we offer a desktop solution," Cummings said.
In an e-mail to Tufts faculty, Tolman warned that "it is crucial that all desktops update their virus protection to detect the Mydoom worm."
Once a computer has been infected, it is quarantined from the Tufts Network. It is then barred from network connection until a member from Tufts On-Line has officially inspected the computer.
Tolman said that "computers are quarantined to prevent additional infection. They pose a threat to the network."
Tufts On-Line technicians can perform this service either by appointment in-residence, or students can bring the infected computer directly to the office.
According to Tufts On-Line, it is necessary only to delete the executable file, rather than reformat the entire hard drive.
According to CNN, virus experts believe that the worm may be part of a competition between the UNIX and Linux operating systems. The worm launched a Denial of Service attack on the website of SCO Group, which owns UNIX.
Cummings maintains that the best way to prevent attacks is through education. "We have created training classes, pamphlets and on-line information about what to do -- and not do -- to help insure a safe computing environment."
Another prevention method Cummings suggested was not to open files from unknown senders. However, Mydoom often uses e-mail addresses that are known to the recipient.
Tolman commented on this, advising faculty to contact the sender first and confirm they sent an attachment.
TCCS has not yet communicated with students about the Mydoom virus.
More from The Tufts Daily
