IT cleans up after virus floods server

Eliminating viruses from 3,513 computers is a huge job for Northern Kentucky University’s Information and Technology Department.

The recent wave of viruses and the security risks posed by students who bring their own computers to campus make the responsibility more difficult, say Information Technology officials.

At the start of the school year, anyone who logged onto a school’s network using their personal computer could have introduced one of many viruses that have overwhelmed IT departments across the United States, according to a recent CNN report.

The Blaster Worm virus caused tremendous congestion in the the data network of NKU earlier this semester.

“Think of our campus as a ‘super highway’ with about 20 lanes of traffic,” said Bert Brown, associate director of Information Technology.

“The 20-lane highway can handle large volumes of traffic [even when most virus related traffic occurs]. The problem occurs at the ‘off ramps,'” he said.

“If you want to send a file to a printer, for example, that ramp may be clogged with traffic so that your print job cannot get to the printer,” he said.

Faculty and staff systems are protected by Norton AntiVirus software, which detects and eliminates most viruses, Brown said.

Even if a computer does not contract the virus, however, it can still be indirectly affected by problems created by the virus. Brown said the worm virus, for example, caused slower Internet access across campus.

“So even if you don’t have the [worm] virus on your computer, you are affected by its results,” Brown said.

Every computer on campus, whether owned by the university or an individual, must have an Ether card in order to connect to the university’s data network, which is separate from the general public’s Internet service.

The card also plays an instrumental role in locating viruses.

IT Assistant Manager Bob Weber said the department uses a “sniffer” tool called Etherpeek to monitor and capture network traffic.

“We put a filter into the sniffer to search out any Windows PC that has one of the current worms,” he said.

“This sniffer reports which PCs are infected and gives us the MAC address of that PC,” he said.

IT Manager Jennifer Taylor said Etherpeek provides the department with conclusive evidence of which computers are infected and spreading the virus.

The data network is about six years old and has been hit by other well-known virii in the past, namely Code Red and Nimda, Weber said.

It has also been regularly upgraded to handle increases in quantity and quality of network traffic.

Taylor said the wave of virii also caused scheduling problems for the IT department.

“We had approximately six members of the networking staff and 13 service technicians, (which includes eight part-time student employees) who did nothing for days except work on critical problems relating to the viruses,” she said.

There are eight full-time IT technicians who service NKU’s computers. “[That’s] a staggering 439 computers per technician,” she said.