: skip to content : Home : Uni : Students : Research : Community : News : Events
150 years of Achievement: image of university student
Faculties : A-Z Directory : Library
  • IT Security Links
    • University IT Security News
-----------

IT SECURITY BULLETIN - MAR 04

IT SECURITY BULLETIN - MAR 04
======================
It would be appreciated if this information can be communicated
to students and staff through appropriate means, such as notice
boards or linked through web information services. The web address
of this article is:
http://www.infodiv.unimelb.edu.au/it-security/31-03-2004.html

1. Updates on Recent Malicious Software Activity
-------------------------------------------------------------
There has been an unprecedented number of malicious software
unleashed in the first quarter of 2004. While the University
has not been affected by a flood of virus-generated emails, a
strain of virus/worm has been causing disruption to services.

University servers have been experiencing large volumes of logon
attempts by infected computers. Infections at the University have
taken hold largely through weak passwords as well as computer
software not being adequately updated.

Section 2.3.5 of the IT Security Policy addresses the issue of
passwords for authentication. The IT Security Policy is available
at:
http://www.infodiv.unimelb.edu.au/it-security/docs/itsecpol.pdf

Guidelines for password construction are noted at:
http://accounts.unimelb.edu.au/passwords.html

Recently, a malicious software has been available which actively
destroys data on PCs. One case of this has been detected in the
University.

2. Updates to Winzip on SoftDist
-----------------------------------------
Following the announcement of a vulnerability in Winzip, an
upgrade to Version 9.0 has been made available on SoftDist.
IT staff in departments have access to softdist which is
accessible via FTP at:
softdist.its.unimelb.edu.au

The complete software package for version 9.0 will be made
available on SoftDist when it is received from the supplier.

3. Article on Email viruses
--------------------------------
As part of the continuing education effort toward IT Security,
an article on email-borne has been written for staff and students.
Please encourage students and staff to view the article at:
http://www.infodiv.unimelb.edu.au/it-security/ebist.html

Comments on this and other resources accessible at:
http://www.infodiv.unimelb.edu.au/it-security/
can sent to George Ng at:
georgeng@unimelb.edu.au

4. Microsoft Baseline Analyser
-------------------------------------
Microsoft has released an enhanced analyser:
Microsoft Baseline Security Analyzer V1.2
which will check Windows computers for security issues, provide
links to more information on findings, and steps for resolution.
One of the features checked is whether strong passwords are used
(please refer to the first item in this article).

The analyser is a bit technical unfortunately. More information
and links to the analyser are available at:
http://www.microsoft.com/technet/security/tools/mbsahome.mspx
top of page

Contact Us : Disclaimer & Copyright : Privacy