Patience
Helping people is a joy. But sometimes people get flustered, and when they get flustered, I swiftly get impatient. A problem because when I get impatient I get less helpful. Impatience works contrary to my stated goals and weighs heavily on my later thoughts. So how about we try this again?
...Internet turned off..."worm-virus"...wrong name...patch CD...
Alright, I can't give you a certain answer because I don't have access to that information, but I'll tell you what I can. It's a little complicated. Do you remember when you registered your computer at the beginning of the semester?
...
Yes, the dynamic IP thing. When you filled out that form, it asked your computer for a number that uniquely identified it. The form took your name, phone number, and that number and stored them together. When we detect a machine sending infectious packets, we turn off the port connected to that machine. We then call the person who registered the machine with that unique number. We apologize for this, but we do it to protect other people from getting infected.
...
I understand that seems conflicting. This is just how I've been told it works. I can't tell you why it would be like that. But, if your port is turned off, your machine is probably infected. If we called her, her name was on the registration for the computer whose port was turned off. Maybe the database is messed up. It's also possible that both of your computers are infected.
...
Uh huh. Well, if you're running Windows XP or Windows 2000 and aren't patched, you'll likely get infected eventually either way. So it'd be best if you can check out a CD, you both can use it, and then we'll be sure neither of you are infected nor will get infected. Anyway, our network staff has left for the day, so no one's port is going to be turned on or off till Monday.
...
I'm sorry I can't do more for you. We are open our regular hours this weekend if you need access to a computer.
My frustration with existing network policies only contributes to my impatience whereas it should only contribute to my empathy.
If I understand things properly, and I often don't, the switches we have could be made to simply filter any UDP traffic and any TCP traffic destined for port 135 originating from an infected machine. After all, we do this sort of filtering to them before they're registered. The only logic against this that I've heard is that these machines are fundamentally broken, and therefore need patching to become fixed. But if they don't hurt anyone with excessive traffic, I don't see what harm they could do. Should we care if they're broken if we can't tell from outward behavior? Once more, all of the recent infections have been from Welchia which patches the vulnerability it exploits to become installed. Blaster is dead and was minimally harmful to the host machines at that.
Of course, I don't know what good writing this up has done until I have to deal with another irate person. They're few and far between.