UNH Computing & Information Services Security Log File

Service Interruption

Updates on unexpected system problems

Scheduled Downtimes

Upcoming system downtimes

August 2005 October 2004July 2004May 2004March 2004January 2004 November 2003September 2003August 2003July 2003June 2003 December 2002August 2002June 2002April 2002March 2002February 2002January 2002

System Changes

Planned system changes

Security Log File - August 2003

CIS Computer Virus Advisory - 08/19/2003 - 1:30 pm
At this time the UNH Exchange E-mail system and the CIS Unix e-mail system is filtering the "SoBig" virus, automatically stripping out a virus attachment. You may receive an e-mail with the subject lines like RE: Thank you, RE: Details, RE: Your application. The e-mail contains a notice saying the original attachment is believed to be infected by a virus.

After deleting the e-mail CIS advises you to download the latest virus protection SuperDat file at http://www.virus.unh.edu. If you have any questions or concerns please call the Help Desk and Dispatch Center at 862-4242.

August 18, 2003 - UNH Campus Advisory - UPDATE
TCS is now recommending that users may install SP4 on W2000 pro. Problems experienced were due to TCP port 88 being blocked by the firewall, which is no longer being blocked. The problem caused machines to be unable to login into the AD domain. SP4 installations should now function normally.

Word/Excel/Outlook Performance Issues Fix - 8/13/03
Clients are reporting a variety of performance issues, such as the inability to copy or move files, and the inability to open Microsoft Office programs and/or files such as Excel and Outlook calendar items. In each case, these computers have not been infected with the Blaster worm, however applying the Windows patch on the CIS web site (http://www.virus.unh.edu) has resolved the problems.

UNH Campus-Wide Windows RPC Hole Virus - 08/12/2003 - UPDATE 4:57pm
CIS has created packages for the various Windows operating systems to repair/protect campus computers from the lovsan/blaster virus. Please visit http://www.virus.unh.edu to download a repair package that will update your Microsoft Windows computer to protect it from further attack, as well as update your virus software. If you are accessing this web site from a home computer, you will need to log into the campus VPN first. If you do not have the VPN client installed on your computer, please go to: http://www.unh.edu/computer-security/vpn.html.

UNH Campus-Wide Windows RPC Hole Virus - 08/12/2003 - UPDATE 2:09pm
CIS is systematically identifying computers on campus that have been infected with the lovsan (aka blaster) virus. We are attempting to contact the users of these systems to have them taken off of the UNH network. We are also packaging utilities to distribute to clean these systems. In addition, we will be providing the Windows and Virusscan updates via download for all users to ensure that they have the latest security patches.

UNH Campus-Wide Windows RPC Hole Virus - 08/12/2003
UNH Campus Microsoft Windows Computers are presently being affected by an RPC hole virus. One of the symptoms is computers randomly shutdown or reboot repeatedly. This does not necessarily mean that your computer is infected, but we recommend that you have the appropriate virus protection and Windows service packs and patches installed before continuing to use your machine. For directions please go to: http://www.virus.unh.edu/threat.asp?virus=lovsan. Please make sure that you install the Windows security patch first or you may be reinfected.

Protection against Lovsan (aka MS Blaster worm) requires a patch for your Windows operating system. (as well as the regular VirusScan update)

If you use an AD account, you can get the Windows update by going to START->RUN, and typing \\br1\data. Click OK, open the Shared folder, and open the Security Patch folder for your OS (Windows XP 32-bit will fix most XP systems). Double click the only file in this folder.
If you do not login with an AD account you can get the patch: Windows Patch

August 1, 2003 - 4:15 pm CIS Computer Virus Advisory
A virus, discovered this afternoon, pretends to be an e-mail from admin@unh.edu and comes with a subject line of "your account oqoorgo". The email states that there is important information related to your e-mail address and advises to read an attachment for more information. At this time the UNH Exchange E-mail system and Cisunix e-mail system has virus protection in place that will automatically strip out the virus attachment.

To learn more about this virus visit http://www.f-secure.com/v-descs/mimail.shtml or call the Help Desk and Dispatch Center at 862-4242.

CIS Help Desk
CIS Center
Durham, NH 03824
Phone: 603.862.4242
Online:CIS Questions Mailbox