[WEB4LIB] Re: two questions on viruses

Fri Jan 7 11:42:35 EST 2005

If these OPACs are running a flavor Windows, 99% safe sounds a bit high to me.
The biggest variable is how secure are your PCs and your network? If I have
access to a floppy drive and your BIOS checks the floppy drive before booting
from the hard drive, that's one way to infect the computer. Another way is if
your desktop security allows me access to a command line or into the fiel
systems of the PC. If I can get access that way, I can likely get into IE and
bypass any restrictions on visiting sites. Also, there are a number of worms
that take advantage of Windows networking to spread themselves from PC to PC.
That means if one PC in your organization gets infected, it's possible to
infect every PC. Disabling File and Print Sharing on the PC can help cut down
on that possibility.

Among the steps we've taken on our OPACs to help keep them secure is to do the
following:

1) OPAC PCs are in a locked cabinent and the OPACs themselves don't have a
floppy or CD-ROM drive. The BIOS is set to boot from the C:\ drive and the
option to boot from a floppy has been removed from the boot up options.

2) The desktop security doesn't allow any access to a command line or the file
system.

3) We've used the security settings to limit which applications can be run. IE
is blocked from being run.

4) We use K-Meleon for the browser. IE isn't a secure option. PWB is better.

5) File and Print Sharing is disabled on the OPACs.

If you are only using the OPAC for accessing the catalog, I would explore
installing Linux in place of Windows (again, assuming you are using Windows).
While you still need to secure the browser and the OS, it eliminates the
possibility of having to deal with the many Windows-specific worms that are out
there. A good anti-virus system will catch most viruses and worms. But if you
can cut out the majority of the threats by running Linux, it will make your
setup even more secure.

Andrew Mutch
Library Systems Technician
Waterford Township Public Library
Waterford, MI

Kevin Devine wrote:

> To answer your first question, the answer is that the computer is 99%
> safe.  Do the machines have disk drives, CD-roms or USB support
> enabled.  If so, a patron could bring in a virus potentially from those
> sources.
>
> In answering your second question, executables are not like books,
> putting two together is not a sum of the parts.  Think of it more as
> mixing cake mix and ground beef together and then cooking it.  The end
> result is not a hamburger and a cake...
>
> Hope this helps,
> Kevin Devine
> Euclid Public Library
> www.euclidlibrary.org (yes, I know the homepage has an issue in Firefox...)
>
> John Fitzgibbon wrote:
>
> >Hi,
> >
> >Some of our PCs make the library catalogue available (a web site) and
> >only the library catalogue available to the public. It is not possible
> >to access any other web site or run any Office program on these PCs. Can
> >these PCs become infected by a virus or worm? There is no anti-virus
> >software running on them.
> >
> >Secondly, I read that a virus attaches itself either to the beginning or
> >end of a program and launches itself when that program is run. As an
> >experiment, I took two programs, Notepad.exe and NoteTab.exe: I copied
> >them into one file using a DOS command. The result is a much smaller
> >file than the sum of its parts which does not launch the two programs in
> >quick succession, as I expected. Any ideas on why this might be so?
> >
> >Regards
> >John
> >
> >John Fitzgibbon
> >
> >Galway Public Library
> >Island House
> >Cathedral Square
> >Galway
> >Ireland
> >
> >p: 00 353 91 562471
> >f: 00 353 91 565039
> >w: http://www.galwaylibrary.ie
> >
> >*******************************************************************
> >Tá eolas atá príobháideach agus rúnda sa ríomhphost seo
> >agus aon iatán a ghabhann leis agus is leis an duine/na daoine
> >sin amháin a bhfuil siad seolta chucu a bhaineann siad.
> >Mura seolaí thú, níl tú údaraithe an ríomhphost nó aon iatán
> >a ghabhann leis a léamh, a chóipáil ná a úsáid.
> >Má tá an ríomhphost seo faighte agat trí dhearmad,
> >cuir an seoltóir ar an eolas thrí aischur ríomhphoist
> >agus scrios ansin é le do thoil.
> >
> >This e-mail and any attachment contains information which is
> >private and confidential and is intended for the addressee
> >only. If you are not an addressee, you are not authorised
> >to read, copy or use the e-mail or any attachment.
> >If you have received this e-mail in error, please notify
> >the sender by return e-mail and then destroy it.
> >*********************************************************************
> >
> >
> >
> >