SEAS Information Security Tips
You may feel like "nothing I have on my computer is worth protecting, and they wouldn't bother with me anyway." But the truth is that a vulnerable computer can be the starting point for other attacks on our network. A hacker may not be interested in your computer specifically but rather may hijack your computer for use in remote proxy attacks such as a Distributed Denial of Service (DDoS), thereby becoming a threat to someone else's computer. Most attacks come from automated cracking programs which simply try to break into every machine on the Internet. When they break into one computer, they copy themselves to that machine so that it can try to break into yet more machines. So no one is choosing to break into your machine specifically, but your machine needs to be secure for the welfare of other computers on the network.
Below are some basic concepts and practices that will not only protect you and your data, but the whole Penn computing community. As an Eniac user, you are required to keep your account secure to protect the entire system.
1. Don't open email attachments, unless you are expecting them. Don't send email attachments using any of the extensions listed in the Answers article on Sending Prohibited Attachments, they will be interpreted as viruses and blocked. Email containing these types of attachments is automatically deleted and there is no way to recover it.
2. Lock your computer when you are away from your desk in the office, lab, or college house, even just for a minute. To lock a Windows machine, press ctrl-alt-delete and click the "Lock Computer" button.
3. Don't share your password with anyone. If you have a shared account, use a different password for it. Also, don't use the same password on different sites. For example, don't use the same password for your bank account and for your email. Don't write your passwords down. The best place to keep your passwords is in your head.
4. Install and run Antivirus software and keep it up-to-date. Penn provides site-licensed copies of Symantec AntiVirus to Penn users at no cost. Visit http://www.upenn.edu/computing/virus/ to download a copy. Once it's installed, be sure to run "LiveUpdate" to get the latest virus signature files on a regular basis.
To automate Symantec LiveUpdates:
- Right-click on the Symantec shield icon in the lower right corner of the display and select "Open Symantec Antivirus".
- Select Schedule Updates from the File pull-down menu.
- Put a check in the box next to "Enable scheduled automatic updates".
- Click the Schedule button.
- Under Frequency, click the button next to Daily.
- Select a convenient time for the updates to take place.
- Click OK.
5. Keep your operating system patches up-to-date. Run Windows Update regularly.
6. Don't let anyone modify your account or your computer, unless you trust them.
7. Make sure your system security settings are correct. Download and run Microsoft Baseline Security Analyzer. Microsoft released this as a response to the Code Red and Nimda worms a few years ago. It's designed to identify common security misconfigurations.
8. Remove bad software - Don't install spyware, peer-to-peer software, or "toolbars". Run Spybot Search and Destroy daily to detect and remove spyware. Update it weekly. (https://www.safer-networking.org/)
9. If someone gets a message with your address in the "From" line, this doesn't mean your account was broken into. Similarly, just because you get a bounced message from a message you never sent, doesn't mean your account was broken into. Delete these messages, they are spam.
10. Run the "Shields Up" scan, an Internet security vulnerability profiling free service. This scan will identify exposed areas on your computer that intruders could use to probe and hack into. Open ports make it easy for intruders to steal your personal information, credit card numbers, and so forth through your computer's insecure connection to the Internet. Do what you can to fix the security problems the "Shields Up" scan reports. There is a lot of helpful information on the site. Go to "Shields Up" Scan
11. Install a firewall on your computer. CETS technicians will install and set up a firewall on SEAS staff and faculty computers located in SEAS offices.
- Linux System Administration Best Practices
- Important Security Links
- ISC's Office of Information Security
If you have any questions about computer security, please send mail to firstname.lastname@example.org. Please be as detailed as possible.