Is my College Sys Admin full of Himself?

[Earendil]

So my college is implementing some new system this will force us to authenticate ourselves and our computers every 24 hours if we want to use the network/internet.

I fired off an email to the Sys Admin asking what all this involved, and what he meant by the fact that he was going to have to "scan Linux and OS X machines" because they couldn't use some new software they were implementing. I also made a casual off handed *joke* about how he could just leave us MacOS guys alone until the first true virus was actually released, and then do to us as he pleased. He didn't catch the humor, and fired this email back at me...

As a computer nerd I am sure you realize that just because the Mac OS is not the hot target that the windows.* There are still viruses and spyware written to attack Macs.* We already have had Professors on this campus with Macintosh viruses.* As network administrator it is my responsibility to protect the network.* It is my responsibility to ensure that due diligent is taken to protect the network.

If you do not want us to scan your computer then you do not need to connect to my network.* The choice is yours.* As for what we will scan for is: that you are running the Antivirus and for current Mac OS X security holes such as:

Multiple MacOS X vulnerabilities
Summary : Various flaws in MacOS X
The remote host is running a version of MacOS which is older than 10.3.4.
Versions older than 10.3.4 contain several flaws which may allow an attackerto execute arbitrary commands on the remote system with root privileges.
Solution : Upgrade to MacOS X 10.3.4
Risk Factor : High

Some Mac viruses in the wild are:* Frankie, nVIR, MacSimpsons@mm, INIT 1984, MacOS.MW2004.Trojan, FontFinder, Steriod, AutoStart9805, …..*


Now as much as I know not to piss off the Sys Admin, I'm a CS major with a Mac, and feel it my duty to piss him off at least once before I graduate.

Anybody know what all those viruses are? I was pretty sure that MacOS X had no "viruses in the wild" and only had a hand full of "proof of concept" viruses that were created by the Anti Virus software companies to get us to buy the software.

If I'm going to piss of the Sys Admin, I want to do it intelligently ;-)

~Tyler

 

[morkintosh]

If I'm going to piss of the Sys Admin, I want to do it intelligently

Then I would advise that you not intentionally piss him off. While setting 10.3.4 , frankly 10.3x, as a limit seems absurd he is right that it is his network. Sounds to me like he has a bit of a God complex, and wouldn't take kindly to you messing with him. So unless you are willing to go without a network while you plead your case to his boss after he locks you out, I would just let it alone.

 

[edesignuk]

Yup, your sys admins may think they are gods, but sadly for you, they are. Don't piss 'em off.

 

[puckhead193]

Sounds like this dude is a "donkey" At my school we have this thing called Perfigo. It only "works" on pcs. What it is soposed to do is scan your computer for viruses etc. and if you have one it wonlt let u on. BUt since i'm smart and have a Mac, i odn't have hto do this. the only thing i have to do is log on but it does't download/scan anything.... its such a waste of time and effort, it never works the way its soposed.
And this guy doesn't seem like a computer nerd just an @$$ who doesn't know anything about computers, esp Macs

 

[jeremy.king]

Inform him anyone could use the Symantec database...

and a quick google would find that

1. Frankie = an old virus that attacked mac emulators - so its not even a mac virus
2. A couple are trojan horse programs and don't even qualify as a virus.

Google each one, plenty of info out there.

Also, get real medieval on his ass and remind him that the school (most likely) owns the network and all the equipment. He is simply a manager of said network, therefore it does not belong to him.

Surprising to find there are so many uneducation network admins out in the wild.

 

[Earendil]

*cough* I'm joking somewhat. I mean, obviously he already took my email the wrong way, and is a bit pissed off and so his Superiority Complex is showing through. I plan on writing him back and apologizing for the misunderstanding, but I would like to add comments on the Viruses that are "In the wild", because these Sys Admins need every bit of Apple Education they can get. But perhaps he is right, and there are 7 viruses out there ready to stomp all over my computer if it weren't for his blessed protection...
I would just like to know one way or the other.

~Tyler

 

[PlaceofDis]

personally i would just remain calm and try not to piss him off simply because he does have the power to cut you off from the network, and right now that means he has a leverage over you that you have no way to balance out, no matter what 'facts' you can throw at him

 

[applemacdude]

Some Mac viruses in the wild are:* Frankie, nVIR, MacSimpsons@mm, INIT 1984, MacOS.MW2004.Trojan, FontFinder, Steriod, AutoStart9805, …..*[/i]




~Tyler

Sounds like "viruses" from the days of os 7 back when disinfectant still existed....

 

[Earendil]

Here is what I've gathered so far-

---
Frankie: only affects the Aladdin emulator on the Atari or Amiga.
Doesn't infect or trigger on real Macs or the Spectre emulator.
Infects application files and the Finder. Draws a bomb icon and
displays 'Frankie says: No more piracy!"
---
Init 1984: Infects system extensions (INITs). Works under Systems 6
and 7. Triggers on Friday 13th. Damages files by renaming them,
changing file TYPE and file CREATOR, creation and modification
dates, and sometimes by deleting them.
---
7.1 Mac-specific system and file infectors:
AIDS - infects application and system files. No intentional damage.
(nVIR B strain)


Still looking around for more info...

 

[hob]

within 7 days of registering on the network at my uni acommodation, I was disconnected.

I talked to people in the corridor and they were still all online, so I popped down to the IT Tech Support desk and asked what was up...

"Sorry, you'll have to make an appointment" I was told...

"*sigh* OK, so when?"

"Well It's a good thing you came in today"(wednesday)"because tomorrow's the last day you can get one!"

"OK, how's 2PM?" (I like my lay-ins )

So I have a good 24 hours offline, and pop back at 2.

"Yeah, hi - are you rasheed?" (I'm a big white guy...)

"Ummm... nope!"

"Oh, ok..." (she looks at some notes) "so we think you have a virus?"

"I'm on a mac"

[blank stare]

"Apple mac?.... Ooohhh Esssss Tennnn?.... We don't get viruses..."

"Oh, well are you running the virus protection?"

I just smiled and nodded my way through 5 minutes... basically they thought I had a virus cos i'd done a coupla port scans so I could get some services up and running...

Ah well, you're not alone mate...

Hob

 

[Earendil]

More on the list:

System 9
So far this worm that SARC is calling "MacSimpsons@mm" doesn't do anything more destructive than move the contents of your "Sent Items" folder to the "Deleted Items" folder.
We should note that this particular script will apparently only work with Internet Explorer, Outlook Express, and Entourage.

---

MacOS.MW2004.Trojan is a Trojan horse that targets the Macintosh OS X. It masquerades as an installer of Microsoft Word 2004, named "Microsoft Word 2004 OSX Web Install."

When launched under OS X, it attempts to delete the user's home directory (/Users/<current user name>) and all of its contents. The actual number of deleted files depends on the user and file permissions (see the "Technical Details" for more information).

---

7.3 Mac Trojan Horses:
FontFinder - supposed to lists fonts used in a document, but
actually deletes folders.

---

Steroid is a Control Panel device (cdev) that loads at startup. It masquerades as a Control Panel that claims to "beef up" the QuickDraw speed on certain Macintosh computers, but instead destroys the directory of the hard disk.
Type:
Trojan Horse
Number of infections: 0 - 49

---

last but not least:
AutoStart9805, effects Mac OS X.
If a victim-user only browses a malicious web-page;
Browsers start automatically download a compressed disc-image file which includes a malicious program.
Archivers --such like Stuffit Expander-- automatically expand the compressed file, and mount the disc-image.
Mac OS (QuickTime) executes the malicious program included in the disc-image. It depends on QuickTime settings.
These 3 processes are done full-automatically, and end in an instant.

The vulnerability which we found is based on 3 vulnerabilities, and is generated by many software's complex relations

---

So he's smoking crack. There are only two "issues" that he listed that effect OS X, Both are trojans and not viruses, and one of them is a proof of concept, not "in the wild". Worse yet, if I remember correctly, the one Microsoft Word trojan may have even been a hoax? The only info I can find on it is from the Semantic web site.

Anyhoo...
Thanks for the "don't piss off the sys admin" advice. I'm sure he could cause me many many problems, but I'm not so sure he could take away my internet access for any extended period of time, as long as I comply with his demands. I'm at a very very small school, as a student I think this may give me a bit more power that if I were at a giant university

But, apology letter being sent, with a little info.
And to those that think this guy can't be educated, you are probably right. But I think the point of his email was to put me in my place. By doing a little research and making a slight comment in response to his virus list, I believe it can be shown that I at least know what I'm talking about when I make jokes.

~Tyler

Edit:
And there is only one virus, the OS9 one, that could possibly effect his precious network. So while it's nice that he is looking out for me and my Mac, he doesn't have to be an ass about it

 

[zulgand04]

yeah their all like that, where i go if you have a problem with your computer all they do is load macafee. Dosn't actually fix 90% of the problems. They also have a bunch of stuff blocked to stop P2P, funny thing is we can still use P2P networks with a lil work around but can we use legal services like iTunes nope. Does that make any sense not to me.

-Neal

 

[AppleMatt]

I can't stand people like that. I know you won't, and I know it's wrong to, but that's the ideal opportunity when I'd push all their buttons.

This is a major factor of why I spent most of my lessons at school outside "thinking about my behaviour".

I can't stand the high and mighty thing. It's my button.

AppleMatt

 

[Dr. Dastardly]

There are NO viruses that affect OSX. NONE!

But it is still possible to carry a virus on your Mac and then later send that unwittingly to PC network and infect all those on it. Viruses just look for certain Windows operating system files to corrupt, and if your on OSX it will not be able to locate the files becasue they dont exist.

Although it is unlikely that you would even have a windows virus on your machine without you knowing about it, it is possible to infect other PC's with a virus via a Mac.

But come on Init 1984!? He cant do a little bit of research?

 

[Mertzen]

You shouldn't piss him off too much .. you'll probably do that when you pull a few GB a day over his network ..

 

[Earendil]

There are NO viruses that affect OSX. NONE!

But it is still possible to carry a virus on your Mac and then later send that unwittingly to PC network and infect all those on it. Viruses just look for certain Windows operating system files to corrupt, and if your on OSX it will not be able to locate the files becasue they dont exist.

Although it is unlikely that you would even have a windows virus on your machine without you knowing about it, it is possible to infect other PC's with a virus via a Mac.

But come on Init 1984!? He cant do a little bit of research?

I didn't even think it was possible for me to get, and carry a windows virus, as the windows virus would still have to navigate OS X to get its self back out again. It was my understanding that once a virus written for Windows hits an OSX machine it basically becomes permanently dormant as it is unable to do ANYTHING in this environment. Am I wrong?

~Tyler

 

[5300cs]

As a computer nerd I am sure you realize that just because the Mac OS is not the hot target that the windows.* There are still viruses and spyware written to attack Macs.* We already have had Professors on this campus with Macintosh viruses.* As network administrator it is my responsibility to protect the network.* It is my responsibility to ensure that due diligent is taken to protect the network.

If you do not want us to scan your computer then you do not need to connect to my network.* The choice is yours.* As for what we will scan for is: that you are running the Antivirus and for current Mac OS X security holes such as:

Multiple MacOS X vulnerabilities
Summary : Various flaws in MacOS X
The remote host is running a version of MacOS which is older than 10.3.4.
Versions older than 10.3.4 contain several flaws which may allow an attackerto execute arbitrary commands on the remote system with root privileges.
Solution : Upgrade to MacOS X 10.3.4
Risk Factor : High

Some Mac viruses in the wild are:* Frankie, nVIR, MacSimpsons@mm, INIT 1984, MacOS.MW2004.Trojan, FontFinder, Steriod, AutoStart9805, …..*

What a little Tin Hilter. Let him know it's the SCHOOLS NETWORK NOT HIS. You could also remind him that if Apple had m$s market share, he's be out of a job.

Did you call yourself a 'computer nerd' or did he just come up with that? Why not foward his email to the Deans Office and complain?

 

[AppleMatt]

I didn't even think it was possible for me to get, and carry a windows virus, as the windows virus would still have to navigate OS X to get its self back out again. It was my understanding that once a virus written for Windows hits an OSX machine it basically becomes permanently dormant as it is unable to do ANYTHING in this environment. Am I wrong?

~Tyler

If a virus was for example contained in a macro in a word document, you could add bits to that document with no effect on your PowerBook, take it to college to print it off and thereby infect their computers when opening it.

It's possible for macros to affect Macs, which is why Office can be set to pop a warning, but I've never seen it happen.

AppleMatt

 

[sahnert]

sounds like Whitworth College, no?

 

[Earendil]

If a virus was for example contained in a macro in a word document, you could add bits to that document with no effect on your PowerBook, take it to college to print it off and thereby infect their computers when opening it.

It's possible for macros to affect Macs, which is why Office can be set to pop a warning, but I've never seen it happen.

AppleMatt

But a virus contained in a Word Doc in the form of a macro wouldn't be a real virus by definition as I didn't think Word macros could self propagate? Wouldn't the Word doc have to piggy back on another self propagating virus?

 

[hcuar]

sounds like Whitworth College, no?

It sounds like every NWA i've ever met. They have a hard time accepting that some of the users may be pretty smart, perhaps smarter than themselves. (Not to affend any NWA on the forum. )

 

[bubbamac]

As someone above said, the sys admin person isn't a god - but might as well be, because of the position he/she holds.

Regardless of who actually owns the system/network, they administrator will have the authority to run it how he/she wishes - and you'll have to work within those bounds, or not work at all.

If they want to scan your computer, let them, as long as it's not going to harm it. Sounds like it won't. You're not going through any more hassle than the average Windoze user to log on, and a lot less in the rest of your computing.

Sounds harsh, I don't want it to, but just deal with it. There are bigger fish to fry.

 

[rnizlek]

Agree totally. There is an amusing story I tell about the network admin at my school.

We used to be an all Mac school until one of the administrators and a teacher or two made a push for PCs. Now we are about 2/3rds eMacs and 1/3 Dells.

The Mac admin is actually a pretty chill guy, but the PC admin has a short fuse. I had a PC file on my mac that was infected with a pretty much harmless PC virus (unknown to me) and burned it to a CD for a friend who promptly "tried it out" on a school Dell when I was logged into my account. The next day, the network admin runs in the room, and raises a quivering finger at me.

"YOU!" he yells.
I looked shocked, I didn't thing I had done anything.

"YOU!" he bellows again.

"AT 8:21 AM YESTERDAY MORNING YOU INFECTED THAT COMPUTER WITH A VIRUS ON YOUR FLASH DRIVE!"

"NO FLASH DRIVES! NEVER AGAIN! NEVER AGAIN!"

The administrator promptly left the room as quickly as he arrived.

I was a bit shocked, as the infection occured from a CD-ROM not a flash drive, I wasn't even on the computer (but logged on) and he failed to ask any questions before accusing my in front of a class of 20 students.

Needless to say, I complained to the administration and an administrator told me he "applogized for the misunderstanding." Since then, he's actually come to me for advice on computers once or twice. Imagine that.

A running joke in our class the rest of the semester was "Flash drives! Never again!"

Some network administrators are just out of control, what can I say...

 

[mactropy]

I'd have to agree with some of you guys in here that you shouldn't piss the admin off, but I also believe that common courtesy is necessary and important. The admins at my workplace (a university) are all very helpful and approachable people.
I don't think that the network is 'his', since 'you' pay your general fees as well as tuition that in turn (with some state money) pay for 'his' job.
It's unnecessary maybe to make him aware of that (I'm sure he is) but I have to say that I would be really pissed if someone would treat me that way. But then I'm teaching at the university and that probably involves a double-standard.
"Treat the professors nicely, kick the students' ass."

 

[Thomas Veil]

Everything else aside...does the college know that their Sys Admin can't write a coherent, grammatically correct sentence?