August 19, 2003
More Virus News--Sobig virus

Update your VirusScan today to detect a new email virus.

To update, right-click on the VirusScan shield in the lower right-hand corner of your machine. If it says 'Update now...' in the menu, select that option. If it doesn't offer you that option, open the VirusScan Console, double-click on AutoUpdate and select 'Run Now' or 'Update Now.'

Once you've updated your computer, you can scan for viruses by either right-clicking on the VirusScan shield and selecting 'On Demand Scan...' or opening the VirusScan console and telling it to Scan My Computer or Scan C Drive.

Additional information:
There is a new email virus making the rounds called w32/Sobig.f@MM. Sobig.f spreads via e-mail and sends mail to people in the address book of the infected machine. It 'spoofs' the From: address in mail it sends, meaning that when you receive an infected message it is most likely not from the person it says it's from.

Do not open attachments in your email that you aren't expecting or are from people that you don't know. In particular, don't open attachments that have the extensions .pif, .scr, .vbs, .exe.

This virus is now being detected at the Iowa State mailhub, so infected email sent to you after approximately noon today should already have had the virus removed from them (you should see 'Virus Detected and Cleaned' in the email header).

Final Note: If your computer is currently infected with the virus, you may not be able to access the network--part of the unversity's defense against spreading the virus any further. You will need to contact the Computer Support Hotline for help cleaning and unblocking your machine (515/294-1725).

Posted by dcoates at 01:58 PM
More Blaster News--Eudora Symptoms

If you have the W32.Blaster.Worm on your computer, you may see the following issues with Eudora:

--Grayed out windows
--Inability to open mailboxes (you can see the mailboxes in the list of mailboxes, but they don't open when you click on them)
--Inability to copy/cut/paste
--Inability to Find/Search in Windows

You may also have the Blaster worm if you're having trouble getting to anything on the Internet or having trouble cutting and pasting in MS Word.

If you have the worm, you will need to install the patch, if you haven't already.

Once you've installed the patch, you'll need to run a program to clean the worm off your computer. McAffee provides a cleaning program called Stinger. Download this program and run it on your computer.

To install the patch and run Stinger, you'll need to be logged in on your computer as Administrator.

If you have one infected computer in your office, it's likely that others are also infected, since the worm spreads through the network very quickly.

Remember, when you are logged in as Administrator, don't open Eudora, print this message (if you've received this as a mail message) before you log in as Administrator.

Links in this post:

Install the patch: http://www.extension.iastate.edu/mt/technews/archives/000552.html
Download Stinger: http://vil.nai.com/vil/stinger/
McAfee main site: http://www.networkassociates.com/us/index.asp

Posted by dcoates at 08:51 AM
August 14, 2003
Resetting Eudora Permissions

On many Windows 2000 computers, if you open Eudora while you're logged in as Administrator, the permissions will be reset on your email folders and when you log back in as yourself, you'll get 'permission denied' errors.

To prevent this from happening, don't open Eudora when you're logged in as Administrator.

To fix the problem once it's occurred:

1. Log into your computer as Administrator
2. Double-click on 'My Computer'
3. Double-click on the C: drive
4. Double-click on the 'Program Files' folder
5. Right-click on the 'Qualcomm' folder. Select 'Properties'. Click on the 'Security' tab
6. In the 'Qualcomm Properties' window, select Power Users under 'Group or User name' (If Power Users is not a choice, click 'Add' to add it).
7. Under 'Permissions for Power Users' Click on the checkbox to Allow Full Control. Click 'Apply'
8. Click on the 'Advanced' button. At the bottom of the window, click on the check box to 'Reset permissions on all child objects...' or 'Inherit from parents...'
9. Click OK. Click 'Yes' when asked for confirmation.
10. Click OK to close the 'Qualcomm Properties' window
11. Log off administrator. Log in as yourself and run Eudora.

If you have problems, contact the Computer support hotline at 515/294-1725

Posted by dcoates at 11:27 AM
August 13, 2003
Windows 2000, Patches, and Service Packs

If you have Windows 2000 on your computer and you try to install the patch referred to in yesterday's TechNews security alert, you may have received a message indicating that you need to have 'at least Service Pack 2 installed' to apply the patch.

Service Pack 3 (which includes Service Pack 2 features as well) can be found on the newest Scout CD which was sent to field offices in the July 11, 2003 transmittal packet.

To apply the Service Pack, log in as Administrator. At the login prompt, type ‘Administrator’ rather than your regular log-in and use the administrator password rather than your regular password. When you log in, be sure to change ‘Log onto:’ from IASTATE to the computer name (which will be identified on a drop down list by ‘(this computer)’).

Insert the Scout CD in your CD drive. Double-click on My Computer. Double-click on the Scout CD. Double-Click on the folder called 'Other'. Double-click on the folder called 'Win2000 Sp3'. Double-click on W2KSP3.exe. Follow the instructions for installation.

Once you have installed Service Pack 3, you can continue with the instructions for installing the security patch

If you have questions or problems, contact the Computer Support hotline at 515/294-1725.

Posted by dcoates at 08:34 AM
August 12, 2003
Security Alert--Windows RPC vulnerability

A serious security alert has been issued on a vulnerability in Windows and it is important to take the following steps now to prevent serious consequences to your machine and the Extension network.

A new fast spreading worm called BLASTER has been labeled a security threat for Windows 2000 and XP machines. The worm exploits a security vulnerability in the Windows DCOM RPC interface and, once installed, searches for other machines on the network to infect, compromising vulnerable machines and overloading networks.

To download and install a security patch for your system, you will need to do the following:

1. Log in as Administrator. At the login prompt, type ‘Administrator’ rather than your regular log-in and use the administrator password rather than your regular password. When you log in, be sure to change ‘Log onto:’ from IASTATE to the computer name (which will be identified on a drop down list by ‘(this computer)’).

2. Download the Windows 2000 patch or the Windows XP patch. (if you don’t know which operating system you’re using, right-click on My Computer and select Properties). The patch will take about 10 to 15 minutes to download.

3. Double-click on the patch and follow any instructions it provides.

4. Reboot your computer and log back in with your own username and password (be sure to change ‘Log onto’ from ‘(this computer)’ to IASTATE.

If you know other people in your office with Windows 2000 and Windows XP machines, please make them aware of this patch and the need to update their computers.

If you have questions or problems applying the update, contact the Computer Support hotline at 515/294-1725.

Additional information about this worm can be found at:

McAfee/Avert
Symantec
Microsoft Security Alert

Posted by dcoates at 01:47 PM
August 01, 2003
Windows 98 Support Will be Going Away

This message was recently sent by Floyd Davenport, ISUE Information Technology Officer, to ISU Extension staff:

We will no longer support Windows 98 after September 1, 2003. On July 1, 2003, Microsoft dropped support for the Windows 98 operating system.

This change is consistent with the minimum campus support standards found at http://www.iastate.edu/computing/standards/support-2003-10-01.html.

If you have a computer running Windows 98 and would like to upgrade to Windows 2000, please contact the Computer Hotline at 515-294-1725. In order to upgrade your operating system, you will need at least a Pentium II (333 MHz) computer with 128 Mbytes of memory. If you only have 64 Mbytes of memory, you can upgrade to 128 Mbytes.

The procedures for upgrading your computer to Windows 2000 are on-line at http://www.extension.iastate.edu/Comp/Support/win2000update.html. You will need to login using your "X1" account to view these procedures. You still need to contact the Computer Hotline to get a computer account name assigned (described in the procedures).

If your computer can not be upgraded to Windows 2000, you need to plan on purchasing a replacement computer at your earliest opportunity.

You can continue to use computers running Windows 98 with their existing applications, however, they may not be able to run new applications or upgrades to existing applications. Also, if your computer develops problems, we will not be able to support it.

I hope that we have just a few computers still running Windows 98. Over the last two years, we have made every effort to upgrade computers to Windows 2000 or to replace computers through the Group Purchase Program.

Please note that my intent is to provide ISU Extension the best support for its information technology needs. This requires us to periodically evaluate our existing technologies and to upgrade both our capabilities and our support services as warranted. Continuing to support the Windows 98 operating system will increasingly jeopardize both Extension's ability to effectively conduct business and our ability to sustain your information technology environment.

Questions concerning this announcement can be directed to Floyd Davenport at floyd@iastate.edu. Questions about the process for upgrading existing computers to Windows 2000 can be directed to the Computer Support Hotline at 515/294-1725.

Posted by dcoates at 03:45 PM