How to Stop a Virus or Worm that is Out of Control: A large private university has over 30,000 students taking online classes. These students use a variety of systems and network connections.
The instructor of this university are being routinely hit with the Klez32 (specially, in this case, the W32/Klez.mm virus) is a well-known and documented virus.
It uses Microsoft Outlook or Outlook Express to spread. It grabs a name randomly from the address book, and it uses that name in the header.
The worm part of it then uses a mini-mailer and mails the virus to all of the people in the address book. When one of these users opens the file, the worm attempts to disable their antivirus software and spread to other systems.
Doing so opens the system to an attack from other viruses, which might follow later.
You have been appointed to the IT department at this school, and you have been directed to solve this problem. Take a moment to ponder what you can do about it.
It you think the best solution would be to install antivirus software that scans and blocks all emails that come through the school’s servers, you are right.
You should also inspect outgoing email and notify all internal users of the system when they attempt to send a virus-infected document using the server.
These two steps—installing antivirus scanners on the external and internal connections and notifying unsuspecting senders—would greatly reduce the likelihood that the virus could attack either student or instructor computers.