Another busy year ahead?

It is not only the staff at RMIT Labs who have been busy, virus writers worked hard too.

commentary It is not only the staff at RMIT Labs who have been busy, virus writers worked hard too.

As we begin a new year, I would be lying if I said "it seemed like just yesterday" when we first opened the doors 17 years ago. The preceding 16 years have been no picnic -- enjoyable, yes, but certainly a lot of hard work.

We are not resting on our laurels, wherever they might be. The staff here are constantly training up to meet the new IT challenges as they arise so we can provide the magazine and our other clients with the levels of expertise that they demand.

Kire Terzievski, for example, will be extending his knowledge of Load Test Automation tools with further training with Mercury-based tools and other vendors' products. We realise that with any software package it is not just performance, there is a human component that must be considered and to this end we are able to carry out usability and accessibility testing.

We were also looking for ways to improve our IT security credentials so Matt Tett decided he would leapfrog most of the training courses available and go straight to the top for his Certified Information Systems Security Professional (CISSP). The topics you must be familiar with for this include Access Control Systems, Cryptography, and Security Management Practices. Those three topics do not sound like much but they cover an incredibly broad range of sub topics. For example: which provides greater security -- a three-metre high three strand barbed wire fence or a 2.5-metre high concrete fence? Every aspect of security is covered.

Matt gave himself very little time to study for his six-hour-long exam, and we thought he may have bitten off more than he could chew. But the Lab is pleased to say that it now has a resident CISSP. While on the topic of security, I was not surprised when the top 10 "menace" lists of most of the antivirus companies included Sasser.

If you think that the virus problem is on the decline, think again.
We were quite lucky last year in that none of our configured test rigs actually contracted this virus, but that does not mean it was not a damn nuisance. When I say we did not contract Sasser, it might be a little misleading, because we did pick it up during the initial configuration of a few of the test rigs when they were live on the network, but never after we had completed the patch updates.

I read with interest that one network engineer claimed it was still impossible to install the base Win2k OS on a system and complete the patch update over the Internet. Invariably the system would contract Sasser before the patching was anywhere near complete. Using a packet sniffer, the engineer detected hits by Sasser up to three times a minute.

Now while Sasser was a pain, apparently Netsky and, to a lesser extent, Bagle were even more troublesome. Sophos claimed that Netsky variants accounted for a little more than 40 percent of all viruses reported to Sophos last year.

If you think that the virus problem is on the decline, think again. Sophos detected more than 10,700 new viruses in the year 2004 to December -- a significant growth. So what is the outlook for 2005? Well, let's just say that if I had stocks in antivirus companies I would not be selling them this year.

Finally, I had to finish off this column with a swipe at Telstra, yet again, because when I checked the status of my ADSL application it stated that it was "on hold until 11 November 2011". I thought this was a little too long to wait. Telstra commonly responds to any ADSL requests with a "worst case scenario" when many applications are actually processed in a few weeks. I'm pleased to say my service was apparently activated on Christmas Eve but must add that I am not pleased I was not notified in any way.

Steven Turvey is lab manager of the RMIT IT Test Labs. He can be reached at

This article was first published in Technology & Business magazine.
Click here for subscription information.