Students worry about campus network security

Freshman Megan Skopelja has no idea what happened to her computer, but she knows it doesn't work anymore. \nWhen a virus rendered her Webmail and IU network services useless two months ago, Skopelja retreated to her dorm's computer lab to do her work.\n"It's a pain in the ass," Skopelja said. "I can't do work out of my room. I can't use the brand-new computer I bought two weeks before we came to school."\nSkopelja is not alone. Student computers campuswide are beset by viruses and hackers. A large part of the problem stems from their unfamiliarity with basic prevention steps. \nA recent report by Educause, an organization that encourages information technology awareness, surveyed 435 colleges and found that a change in user behavior could prevent most security breaches of university networks.\nStill, some students merely rely on the University Information Technology Services to solve their computer-related problems.\n"I'm computer illiterate so I'm probably going to take my (computer) to (UITS) because they can just fix it," Skopelja said. "But that sucks, though, because then I have to carry the tower over there. I'm gonna' look stupid."\nDave Monnier, lead security engineer for Information Technology Security Office, said the size and Internet accessibility of IU's network makes maintaining network security difficult.\n"College networks traditionally have been very attractive targets for intrusions due to their available network bandwidth and number of machines connected to the network," Monnier said.\nViruses can range from minor nuisances such as stubborn pornographic pop-ups to crippling infections resulting in data-loss, Monnier said. Hackers could even steal network users' credit card information or use their computers to mount an attack on the network, he added. \n"In even worse scenarios, criminal charges could be brought against the computer owner if it appears their computer was used in an attack against other computer systems," Monnier said.\nFreshman Elizabeth Riveire's computer fell victim to a virus embedded in a friend's AOL Instant Messenger profile. Now, a porn site has replaced her home page, and all her attempts to change it back have failed. The virus also added a link to itself in her AIM profile.\n"It makes me feel kind of vulnerable because it wasn't really something I could control," she said.\nRiveire said she received a software bundle at freshman orientation that she thinks might fix her problem. However, she said she does not know how to use it or where to seek assistance for doing so.\nFreshman Alyssa Worth's computer suffered a similar fate. She, too, began experiencing trouble after she clicked on a link in a friend's AOL Instant Messenger profile.\n"It completely took over my computer," she said. "My entire screen was covered with porno ads."\nWorth's computer became inundated with pop-up advertisements that forced spontaneous shut-downs. She said she runs various anti-virus programs repeatedly to merely keep the pop-ups at bay.\n"I spent half a day working on trying to get all of it off my computer," she said. "I had a paper due that day and I couldn't write it until the last minute before class. That was terrible."\nLike Riveire, Worth said she lacks experience with anti-virus software.\n"I'm not very informed on how to (set up anti-virus software)," she said. "I don't really know how to use computers very well."\nMonnier said researchers and students can face severe consequences in the wake of a security breach.\n"It can mean hours of wasted time spent recovering lost data or verifying the integrity of work already done," he said.\nBut IU has fought back with substantial advances in network security. Monnier said UITS is better equipped than ever to detect attacks and reveal their sources. To head off security breaches before they even happen, UITS scans for potential network vulnerabilities and corrects them, Monnier said.\nBut without educated students and faculty, IU networks will remain prone to viruses and hackers. \nMaintaining up-to-date operating system and program patches is crucial, Monnier said. Students and faculty can visit manufacturer Web sites to download the most recent software.\nUsing modern attack software, hackers can access a system by rapidly entering words from a dictionary into the password field. Monnier said choosing a password containing both letters and numbers prevents hackers from accessing systems as well. \nFinally, installing anti-virus software will hamper e-mail and peer-to-peer network security breaches, he said.\nThanks to IT awareness initiatives, Monnier said he believes the state of IT security is looking up.\n"Five years ago, the average user may have known nothing at all about IT security," he said. "Today, most every user is familiar with terms like 'virus' and 'worm' and 'hacker.'"\nWhile IU's awareness campaign has made an impact, some students still aren't getting the message. Worth has phoned UITS twice and remains unaware of why her computer still shuts down sporadically.\n"Obviously, I still have problems," she said. "I really don't know what to do."\n-- Contact staff writer Mike McElroy at mmcelroy@indiana.edu.