Bob Bartlett, Director, Enterprise Network Services & Security for The University of Chicago has posted the University’s “Policy on Windows Networking in the dorms.” It is illuminating, to say the least:
From: Bob Bartlett, Director, Enterprise Network Services & Security
To: 2004-2005 University House System residents
Date: September 8, 2004
Subject: Policy on Requirements for Computers on University House System Networks
As you may be aware, computers running Microsoft Windows are being broken into at a higher rate with each passing year. This is very much the case on corporate networks, but it can be an even larger problem for university networks, which tend to be more open to attack. The University of Chicago’s network is no exception. At Chicago, over 3,200 computers running some version of Microsoft Windows were broken into last year, and we estimate that the 2004-2005 school year will be even worse. Last year the most frequently compromised computers belonged to students in the University’s housing system, even though the computers in the housing system are a minority of the Microsoft Windows computers on the University’s network.
Networking Services & Information Technologies (NSIT) has done several things to try to mitigate the damage caused by worms and viruses that target Microsoft Windows, including blocking some traffic at the edge of the campus network. Unfortunately, in a network as large and as open as the University’s, this does little good. Once a single computer infected with a worm is brought inside the University’s network, the worm will run unchecked within the campus network. One compromised computer will turn into hundreds within a few hours.
The only two ways to solve this problem are to keep every Windows system on the network completely patched at all times or to put firewalls in front of every computer. While we strongly encourage all students to patch their Windows operating systems automatically at least once a day, NSIT has purchased a site license for ZoneLabs Integrity Firewall for Windows. This firewall will be distributed with the University’s Connectivity Pack v.11, and is available for download at https://firewall.uchicago.edu . There is no charge for this software.
Starting with the 2004-2005 school year, for both your protection and that of the rest of the campus network, we no longer permit computers running remotely accessible Windows Networking services to use the networks in the housing system.1 Since the University has made this software available at no cost to all students, a firewall which blocks Windows Networking traffic will now be required on all hosts in the housing system This applies to computers running all versions of Microsoft Windows, and some systems running Mac OS X (those explicitly configured to share files with Windows computers).
More info here.
MacDailyNews Take: Patch Windows at least once a day?! So, multiple times per day would be better? How about doing it hourly? This isn’t a joke, it’s a nightmare, and it’s sad. Is this really any way to live your personal computing life? For our Windows-only readers, it’s time. There most definitely is a better way. For information about smoothly adding a Mac OS X machine to your computing arsenal, please click here.
Related MacDailyNews articles:
Is Mac OS X really inherently more secure than Windows? – August 26, 2003
BusinessWeek’s Haddad gets it wrong; thinks low market share spares Macs from viruses – August 28, 2003
Shattering the Mac OS X ‘security through obscurity’ myth – August 28, 2003
Fortune columnist: ‘get a Mac’ to thwart viruses; right answer for the wrong reasons – September 02, 2003
New York Times: Mac OS X ‘much more secure than Windows XP’ – September 18, 2003
Columnist tries the ‘security through obscurity’ myth to defend Windows vs. Macs on virus front – October 1, 2003
Gates: Windows ‘by far the most secure’ system; tries to use ‘Mac OS X secure through obscurity’ myth – January 27, 2004
Mac OS X has no viruses; what’s wrong with Windows? – February 11, 2004
Spyware, adware plague Windows users online; Mac OS X users surf freely – April 19, 2004
Gartner: Worms jack up the total cost of Microsoft Windows – May 07, 2004
Windows ‘Scob’ virus designed to steal financial data, passwords; Macintosh unaffected – June 26, 2004
Tired of patching patches to patch Windows patches? Writer suggests getting a Mac – August 03, 2004
Millions of Windows PC’s hijacked by hackers, turned into zombies; Macintosh unaffected – September 08, 2004
Security is top priority in Apple’s Mac OS X – September 12, 2004
Windows XP worm speaks to users as it deletes their files; Macintosh unaffected – September 13, 2004