The Art of Computer Security: How You Can Protect Your Little Corner of the Network

Jon Miyake
Acceptable Use Policy Officer
miyake@uoregon.edu

The web of computer security is composed of firewalls, policies, filters, system scans, grumpy system administrators, overworked technical support people, patches, updates, antivirus programs, anti-spyware programs--and finally you, the beleaguered user.

Even when all these components work together like a well-oiled machine, complete computer security is not assured. However, if everything's running smoothly, the likelihood of your machine becoming compromised is relatively low. By making your little corner of the network secure, you increase overall network security for the rest of campus and the rest of the Internet.

Make Use of the UO's Security Resources

UO systems administrators do their part to protect the campus network by filtering problematic Internet traffic at the UO border, requiring secure passwords and enforcing the use of secure protocols and applications, scanning the network, and “defanging” or filtering email attachments on Gladstone, Darkwing, and Oregon.

The UO also provides several resources to assist you in keeping your computer secure:

1. a site-licensed antivirus program (Norton AntiVirus)
2. a UO Security CD (available in 151 McKenzie Hall)
3. Virtual Private Network (VPN) support for off-campus users
4. an online test to detect critical Microsoft security flaws (MS03-026, MS03-039, and MS 04-007) on your PC
   ( http://pctest.uoregon.edu/ )
5. the Computing Center's newsletter, Computing News
6. Microcomputer Services' security self-help site ( http://micro.uoregon.edu/security/ )
7. contacts for reporting UOnet-related abuse ( http://cc.uoregon.edu/abuse.html )
8. technical discussion lists such as uosecurity and deptcomp; to subscribe, see http://lists.uoregon.edu/listjoining.html
9. technical support (microhelp@lists.uoregon.edu)
10. the UO security group (security@uoregon.edu)

Other Things You Can Do

Here are some additional things you can do to keep your computer secure:

1. If automatic updates are available for your operating system and applications, use them.
   
2. Periodically check your software vendors' websites for updates to ensure that your system is being patched.
   
3. Reboot your computer regularly to ensure that patches take effect. You may already be doing this if you turn off your computer when you go home at night and turn it back on upon returning to work the following day. If you're not in the habit of turning your computer off daily, reboot once or twice a week to ensure that new patches are fully applied. Rebooting also keeps your computer happy by clearing cruft (electronic garbage) out of memory.
   
4. Even if you have a brand-new computer, get a copy of the UO Security CD from 151 McKenzie Hall and run it prior to connecting it to the network. As we learned during the July 2004 Blaster and Nachi virus outbreaks, not-yet-secured computers can be infected within 10 seconds after being connected to the network!
   
5. Use an antivirus program and keep it up-to-date. Your computer may have come with an antivirus product when you purchased it. Unless you specifically paid extra for it, this product is essentially a demo version and usually expires within three months after activation.
   
   For an antivirus program to be effective, it needs to be completely current. We recommend that you remove the antivirus program that came with your system and install Symantec's Norton AntiVirus, which is site-licensed at the UO (see http://micro.uoregon.edu/av/nav.html). This license permits you to access updated virus definitions--a critical feature when three or more new viruses are discovered almost every day. Once Norton AntiVirus is installed, activate its AutoProtect feature, periodically run LiveUpdate, and schedule routine scans of your computer.
   
   If you're not running a Microsoft operating system… Don't allow yourself to be lulled into a false sense of security just because you're not running a Microsoft operating system. Virus authors are perfectly capable of targeting other platforms--and will, as soon as these platforms become popular. No matter what operating system you're running, you need to keep it up-to-date and secure.
   
6. Use an anti-spyware product such as Spybot (http://www.safer-networking.org/), or Ad-aware
   ( http://www.lavasoftusa.com/software/adaware/ ).
   
7. Run a firewall product. At the very least, enable the firewall that comes with your operating system (e.g., Windows' ICF, Mac OS X's IPFW, Linux's IPTables/IP Chains). In addition, consider using a software firewall product (e.g., BlackIce, Symantec Internet Firewall, ZoneAlarm) if you are involved in high-risk activities such as running P2P applications (Gnutella, Kazaa, eDonkey, Bittorrent, and the like), downloading programs or games from the Internet, or using Internet Explorer, Outlook, or Outlook Express.
   
8. Don't click on or otherwise execute attachments that you are not expecting--even if they are from someone you know. There is no absolutely foolproof way of verifying that the attachments are benign.
   
9. Avoid Internet Explorer, Outlook, or Outlook Express. Although feature-rich, these programs have a track record of being viral vectors and/or enablers.

Microcomputer Services or your local technical support staff should be able to recommended alternatives that will meet your requirements. Some viable alternatives for Outlook/Outlook Express are Bat, Pine, Mulberry, and Eudora. Alternatives for Internet Explorer include Netscape, Mozilla, Firefox, and Opera.

If for some reason you absolutely must continue using IE, Outlook, or Outlook Express, please make sure you run Office and Windows updates frequently.

If you need further information about the security risks associated with these Microsoft applications, contact Microcomputer Services (microhelp@lists.uoregon.edu) or the UO Security Group (security@uoregon.edu).