Information technology news and advice
Workstation/Desktop/Laptop Security
Lately there is more and more concern regarding computer security. Currently SOM is working on the secure desktop standards. Meantime I would like to give you some advice on how you can rather easily make your computers more secure.
Windows XP and 2000 operating systems have many so called security holes and practically every week a new one is discovered. Microsoft carefully watches the situation and systematically releases security patches to cover these vulnerabilities. This is why it is essential to regularly perform the Windows Update procedure that may be run automatically from XP or should be done manually from 2000, at least weekly.
It is recommended to update your XP installation to Service Pack 2 (SP2)
Windows Update function is available from the START button and shows there in the upper part of the menu.
Currently VCU offers the SOPHOS antivirus to the faculty and staff. SOPHOS provides both for virus and the spy protection. Download is restricted with the VCU eID. As from June 1, 2008 the Version 7 will be installed through regular updates.
One computer should operate only one antivirus system, otherwise there may occur a conflict between them. If you install the XP SP2 update, this comes with its own antivirus program. This program MUST be turned off through Win-XP/SP2 Security Center in the Control Panel -- our advice is in favor of the Symantec Antivirus protection.
On some computers SOPHOS turns out to be a very heavy load slowing down the machine. It may be recommended in such case to install a more light-weighted free antivirus program AVG.
Win-XP/SP2 installs a rudimentary firewall for intrusion protection. This protection may be considered sufficient, yet a better result may be achieved if you install a free firewall program ZoneAlarm that is considered to be the best product of this kind. ZoneAlarm protects not only from intrusion attempts but also prevents the viruses that may reside on your computer to send offensive packets outside of your computer. ZoneAlarm also additionally protects against viruses in email attachments.
Instructions on ZoneAlarm installation may be found from the link "Firewalls and ZoneAlarm Guide and Tips" on the Info Technology Update page of the DOIM Website.
If you install ZoneAlarm, you MUST turn off the Windows firewall in Win-XP/SP2 Security Center in the Control Panel.
Some websites you visited or email messages you received may plant on your computer so called spyware -- programs that are watching what you are doing on your computer, what websites you visit, what files you have on the computer, what music you play. They even may highjack you commands to the web browser and display for you websites you never intended to visit. This all violates the confidentiality of information on your computer and slows down its operation.
First, you should turn off the spying features built in the Win-XP operating system. This is done with the XP-Antispy program the link to which is placed on the Info Technology Update page of the DOIM Website. It is a very simple and well documented free program.
Second, you should install on your computer one or more spyware scanners that operate similar to the virus scanners.
By default, when you install SOPHOS Antivirus provided by the University, you will have a very good anti-spy protection.
The first one of the additional programs is Adaware SE Personal that you may download free from http://www.lavasoft.de (The link may be found on the Info Technology Update page of the DOIM Website)
The second is SpyBot S&D that is available free from http://www.safer-networking.org/en/download/index.html
These two programs should be used for complementary scans of your computer once a week (or depending on you web browsing practice).
Microsoft offers now a pretty good antispy program Windows Defender that uses the technology from an acquired company Giant. It may be used as a single antispy protection if you do not wish to install third party programs for this purpose, or you may use it for additional layer of protection. Microsoft Windows Defender runs with automatic self updates and checks for attempts to plant spies on your computer.
Please be careful in using antispy programs. They may give false positive results marking some of your useful applications as spyware. In such cases uncheck the programs you are sure are not planted spies and do not delete them.
You will be amazed how many spies you will find on your computer after the first scan! Their number will be between a hundred and several thousand.
Please do not forget to run antispy scans at least once in a week!
VCU installed several layers of protection against spam in the incoming email. Currently about two thirds of mail reaching VCU is filtered out as spam. This system has practically zero level of false positives which means that the true messages are not marked as spam. Yet the other side of this property is a high rate of spam messages that are missed by the detection system. If you are still receiving an annoying number of spam messages, you may install additional mail filtering program that will mark undetected by VCU spam messages as such.
A good free system for this purpose is SpamPal Spam Eliminator. This program works with any email client that you use on your computer. (The link may be found on the Info Technology Update page of the DOIM Website)
You should also have in mind that the compressed ZIP files which someone may be sending to you are not allowed by the VCU email spam filters and are removed from delivery. Please DO NOT send ZIP files to your correspondents and warn them not to send these to yourself.
Because of the spam filtering and blacklisting of possible spammers performed by many entities involved in the Internet communications, you cannot be anymore sure that a message you sent someone has been actually delivered and not trashed somewhere in the process of being delivered.
Please always take measures to ascertain that your CRITICAL email has been received at the other end. The confirmation requests sent by some email programs are not sufficient for this purpose.
Many websites generate numerous unwanted pop-up screens. To prevent these, a few applications were developed that prevent visitors from such annoying experience. Yet modern web browsers now incorporate tools to block unwanted pop-ups. This is done in such browsers as Mozilla, Firefox and Opera.
It is not desirable to have several different pop-up blockers in different applications because this may lead to breaking navigation and display of some websites. You should select one product that controls unwanted pop-ups. In my experience, both Opera and Mozilla pop-up blockers do a decent job.
It has been said many times and by different people that using Internet Explorer for web browsing is a very dangerous experience. This is why the use of Internet Explorer is not recommended by the US Department of Homeland Security (DHS). There are much more secure and functional alternatives that are also free -- Mozilla (Firefox) and Opera browsers.
As Internet Explorer version 6 became an updated and very inefficient and insecure application, Microsoft attempts to develop a modern web browser that would have the features present in more advanced browers Opera and Firefox described below. This summer IE Version 7 has been issued and turns out to be a very clumsy program much inferior to Opera and Mozilla Firefox. Some important application used in VCU (Banner and others) do not work with IE7. The update to IE7 is not recommended. If you were cheated by the Windows Update application to install IE7, you may uninstall it through CONTROL PANEL via the Add/Remove Programs icon, which restores IE6.
You should have by now abandoned the use of Netscape 4. Using Netscape 7 is not recommended either because its any latest version is simply an out-dated version of Mozilla loaded with commercial add-ons.
The simplest browser to use is Mozilla Firefox available for free from http://www.mozilla.org . Firefox easily imports all settings from Internet Explorer including bookmarks (favorites) and address book.
The true power of Mozilla Firefox is released when installing and using numerous extensions-addons.
A more sporting and flexible browser Opera may be downloaded and used for free from http://www.opera.com .
These two browsers offer increased speed and convenience of use with their TABBED browsing. This is particularly convenient when you have, for example, a listing delivered by a search engine to your search query. When reading this listing, you click on the selected links and they will be downloaded and opened as tabs in the background WHILE you are still reading the initial listing!
Unfortunately, some of the websites indulge in browser discrimination. They allow only visitors who use Microsoft Internet Explorer. To visit such places, if you must, there is no other way but to use Internet Explorer. This is the only case that justifies the use of this browser. Mozilla Firefox has an "extension" that allows user to immediately view such sites in Internet Explorer. Yet you should have in mind that such places will be most frequently loaded with viruses specifically targeted on the vulnerabilities of Internet Explorer.
You may continue using your old Netscape 4 as an email program if you are used to it. It is secure and adequate.
A more modern program for email, that is much similar to Netscape 4, is included in the Mozilla suite of applications or distributed separately as Mozilla Thunderbird. This program has an inbuilt self-learning spam filter that is very efficient and excludes the need of an external spam blocker. Mozilla Thunderbird may be used to access and manage the Lotus Notes email for the faculty and staff on the VCU server (with @vcu.edu addresses)
The users of Lotus Notes should be reminded that they need to turn off the capability of this program to execute malicious code that may be included in email messages. They should also change the default for calling browser when clicking on the link embedded in a message. This default needs to be replaced with the installed default browser -- Firefox or Opera. Calling Internet Explorer is dangerous! Please see the detail here.
The use of Outlook and Outlook Express is discouraged although by now Microsoft plugged many of the security holes in them. These email programs are the targets of virus and malware mongers which may lead to big problems in your computer. If you still intend to use this program, please check regularly that its capability to execute malicious code in messages is still turned off -- it has a tendency to occasionally turn itself on.
