Slashdot Mirror

← Back to Stories (view on slashdot.org)

Handling Viruses in an Uncontrolled Network?

Posted by Cliff on

An anonymous reader asks: "Recently I've gotten a (volunteer) job looking after a small (approximately 500 computer) network, located within a large block of student flats. We've been having numerous problems with viruses over a few years. They spread like crazy on our network, with 100megabit connections in every residents room. Every so often they 'go off' and start a flood, which of course takes the entire residence network down. I've tried desperately to educate users on the virus problem, but those that are the problem don't care - they ignore every warning they get and just buy a faster computer to compensate for their systems sluggishness. As we only need two or three ping flooding computers to bring down the network it's hard to keep our network up whenever a worm starts its payload. What solutions have Slashdot readers came up with this and similar problems?" "Keep in mind that I'm doing this on a volunteer basis, and that my own study time and personal life takes first priority. The residence isn't prepared to spend more money bringing help or a replacement in, which I can understand given that I pay them rent that I would prefer not to increase. I also don't have any control over the network infrastructure itself, just over our DHCP server. I can't force users to keep their computers safe, as I don't own the things - all it seems I can do is point them to the *FREE!* virus scanner and local Windows update mirror and urge them to protect their computer, and offer to help out those that need it - (although due to time constraints, personally helping out everyone in a 500 member network isn't a possibility).

I can also email off a request to have certain IPs dropped off at the switch, but those users have to come back online soon enough. Whenever someone is infected I try and sit them down and make them realize that keeping their computer safe is their responsibility, and they always seem very attentive whenever we're discussing when they get reconnected to the network, but soon after they'll be infected again."

11 of 579 comments (clear)

  1. DOOOMMMMED by Anonymous Coward · · Score: 4, Funny

    You are DOOOOMMMMMED.

  2. Simple. by Skudd · · Score: 5, Funny

    Write your own virus to send them massive payloads of anti-virus software. :P

  3. Uncontrolled Viruses by Anonymous Coward · · Score: 5, Funny

    Have you considered spankings? At least for the hotter co-eds. After all, they should know better.

    1. Re:Uncontrolled Viruses by Ziviyr · · Score: 2, Funny

      Thats funny, you're pretty fearless given the subject line...

      --

      Someone set us up the bomb, so shine we are!
  4. A recent Poll... by Shadow+Wrought · · Score: 4, Funny

    Regarding revenge might help you come up with, shall we say, colorful solutions to your problem. Either that or figure out a way to have all of their papers "lost" due to the virus;-) In this regards, I would suggest that you channel your inner BOFH.

    --
    If brevity is the soul of wit, then how does one explain Twitter?
  5. Re:Is this really that hard? by fembots · · Score: 5, Funny

    Is 1. "Profit!!" ??

    --
    Rock that crushes, Paper & Scissors that don't matter.
  6. Re:3 Strikes policy? by shadow303 · · Score: 2, Funny

    I prefer a different 3 strikes policy. If you cause a network-wide issue more than once, you get 3 strikes of a bat upside the head. Haven't had many problems with people causing the third issue.

    --
    I've got a mind like a steel trap - it's got an animal's foot stuck in it.
  7. Re:Is this really that hard? by MrAnnoyanceToYou · · Score: 5, Funny

    Ah... nah. I'd say,
    "1. Write short document stating that in 'reparation for virus damage' computers would occasionally be confiscated when they managed to infect multiple computers connected to the local network
    2. Notify them of this agreement and make them sign it
    3. When one of them has an infected machine that starts pinging the shit out of your network, give them a 'first warning'
    4. Point to document in step 1 kindly, in writing, and create yourself an Ebay account.
    5. Repeat
    6. Profit and learn to laugh evilly."

    --
    My little site.
  8. Re:Is this really that hard? by drudd · · Score: 3, Funny

    Unfortunately it appears you'll never get to step 6 due to the infinite loop of step 5.

    --
    Venn ist das nurnstuck git und Slotermeyer? Ya! Beigerhund das oder die Flipperwaldt gersput!
  9. Re:Sure it's an option by Darth+Cow · · Score: 2, Funny

    "I really hope that the software isn't required to be running to have access to the internet, because otherwise it would be screwing Linux users over big time." My school (Swarthmore College) uses the same McAfee Virusscan Enterprize. It works well to keep the network clean, and if you're running Linux it doesn't require you have to have it running. The system is in fact a bit buggy and there was quite a number of people who had trouble at the beginning of the year with the scan not determining that their computer was clean and protected, but it got sorted out fairly quickly and is far better than the alternative of having viruses take over the network. The system requires you to have the anti-virus running and be updated with the latest security patches from Microsoft to be let through (SP2 is not required though, for some reason). My friends and I have also figured out how to do some technical fiddling around with port blocking and the like that lets us not run the relatively clunky anti-virus and use our program, but McAfee works just fine for most people.

  10. Re:Sure it's an option by Hanzie · · Score: 2, Funny
    Job's a goodun if you're not fussed about people spoofing MAC addresses,

    Remember, this system is only to stop viruses. If they're clueful enough to run a spoofed MAC address, they probably have a clean system.

    You do remind me of an older job I had. There was a print server in accounting that really liked to surf porn at night...

    --
    ********* sig: If you don't like the law, get filthy stinking rich, and buy a better one.