Educause Security Discussion mailing list archives
Re: Mandating format/reinstall...
From: "Bruhn, Mark S." <mbruhn () INDIANA EDU>
Date: Fri, 10 Sep 2004 09:30:53 -0500
Well, "questions" was a misnomer. Below is the message we're using for korgo, as an example. The person must respond indicating that all of these things have been done, or they aren't unblocked. M. -- Mark S. Bruhn, CISSP, CISM Chief IT Security and Policy Officer Associate Director, Center for Applied Cybersecurity Research (http://cacr.iu.edu) Office of the Vice President for Information Technology and CIO Indiana University 812-855-0326 Incidents involving IU IT resources: it-incident () iu edu Complaints/kudos about OVPIT/UITS services: itombuds () iu edu ***Your access to the IU network is being blocked to protect the network.*** Network reports indicate that the computer listed in the subject line is infected with a virus or worm (in this case, Korgo.V). This virus provides hackers full access to your computer. In these cases it is necessary to completely rebuild the computer to clean all traces of the virus from your computer and to protect you from future compromises. When you are finished and wish to have your access to the IU network re-enabled, please reply back to us and outline what actions you took. You must take all actions listed in order for us to re-enable your access. Please ensure you take ALL of the following steps: Please note: If you live in on-campus housing (residence halls or Greek housing), steps 3-5 should be completed using the Get Connected CD. 1. Backup your personal files. If you don't do this step, you will lose all of your data when you perform step #2. [http://kb.iu.edu/data/akvi.html] 2. Perform a clean install of Windows XP. Make sure you use a different password for the Administrator account when setting up Windows. [http://kb.iu.edu/data/aksz.html] 3. If you have installed Windows XP as the operating system, follow the instructions outlined here [http://kb.iu.edu/data/albz.html] to enable your firewall. 4. Apply the current patches to the operating system (these are available on the IUWare Security CD). [http://kb.iu.edu/data/amkr.html] 5. Install anti-virus software (also available on the IUWare Security CD). [http://kb.iu.edu/data/agzf.html] 6. Change your IU network ID password. [http://kb.iu.edu/data/aclx.html] Also, if you didn't select a different administrator password during windows setup, you should change it before you connect to the network. [http://kb.indiana.edu/data/anro.html] If you have any questions about these instructions, need help obtaining the IU Security CD or new operating system software, or would like assistance with the process, please consult with your departmental computer support staff. If you do not have a departmental computer person to assist, please call the UITS Support Center at 855-6789 (IUB) or 274-4357 (IUPUI). Email: ithelp () iu edu DO NOT CALL OR EMAIL US TO OBTAIN SUPPORT; WE ARE NOT A SUPPORT UNIT. Please contact the Support Center for assistance. Thank you for your immediate attention to this important matter. ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/.
Current thread:
- Re: Mandating format/reinstall... Tim McGovern (Sep 10)
- <Possible follow-ups>
- Re: Mandating format/reinstall... Bruhn, Mark S. (Sep 10)