• How do I protect myself from computer viruses?
• What should I know about securing my personal computer?
• How will I know if the security of my computer has been compromised?
• Is there a group on campus that can assist departments with identifying system vulnerabilities & risks?
• What should I know about creating a good password?
• How do I know if I am on a "secure" web page?
• What campus polices, procedures or guidelines should I be aware of?
• What constitutes harassing or inappropriate mail and what can I do about it?
• How do spammers get my name and how can I protect myself?

• Install anti-virus/antispyware software on your computer
  Sophos anti-virus is available to all UA faculty, staff, and students free of charge, for use on systems located at home and at the university.
  Go to https://sitelicense.arizona.edu/sophos/ to download antivirus software and https://sitelicense.arizona.edu/counterspy/counterspy.shtml to download anti spyware software.
• Update your virus definitions regularly
  New virus identities (IDE) from Sophos are released almost every day. By applying these IDE files, you ensure that your system is fully protected between monthly updates. See the IDE FAQ page for further information, as well as information on how to perform an automatic or manual installation of the IDE files. Additionally, Sophos gives you the latest virus warnings and news by e-mail... subscribe to Sophos e-mail notification services.
• Use good judgment when opening strange e-mail attachments and/or files
  Never open an e-mail attachment from someone you don't know. It is wise to check with a known user if you receive an attachment from them that you were not expecting.
  The type of attachment can be a tip, as well. If you get an e-mail attachment that ends with two periods, such as .txt.doc, .xls.exe, or any combination of file extensions, DO NOT OPEN IT! To find out the real name of an attachment, right click on it and choose "properties". If the file has an .exe, .vbs, .com, .cmd, .pif, or .lnk extension, do not open it UNLESS you were expecting it or it was sent by a known (trusted) user and you have confirmed that they meant to send it to you.
• Backup your data
  The original file that's become infected or was destroyed can be restored if you have it backed up.

To top

The following seven computer security tips are recommended by the National Information Protection Center (NIPC);

• Use strong passwords. Choose passwords that are difficult or impossible to guess but easy to remember. Give different passwords to all accounts.
• Make regular backups of critical data. Backups must be made at least once each day. Larger organization should perform a full backup weekly and incremental backups every day. At least once a month the backup should be verified.
• Use virus protection software. That means three things: having it on your computer in the first place, checking daily for new virus signature updates, and then actually scanning all the files in your computer periodically.
• Use a personal firewall as a gatekeeper between your computer and the Internet. Firewalls are usually software. They are essential for those who keep their computers online though the popular DSL and cable modem connections but they are also valuable for those who still dial in.
• Do not keep computers online when not in use. Either shut them off or physically disconnect then from the Internet connection.
• Do not open e-mail attachments from strangers, regardless of how enticing the subject line or attachment may be. Be suspicious of an unexpected e-mail attachment from someone you do know because it may have been sent without that person's knowledge from an infected machine.
• Regularly download security patches from your software vendors.

Additional security tips from UA's Security Incident Response Team (SIRT);

• If you use Windows 95 or 98, disable the auto-execute function that automatically opens script files.
• Be wise about cookies. Some web sites require that your computer accept cookies before allowing access, but these little programs can reveal a lot of information about you. A good compromise: Keep cookies disabled and enable them only when necessary to visit a site you really need to see.
• If you use Windows and share files with other Windows users, be sure your computer's permission settings require them to enter a username and password before gaining access. Without this safeguard practically anyone can tamper with you disk drive.

More information can be found on UA's Security Office Basic Protection Tips Page.

To top

One way to identify suspicious behavior on your computer is to look for files and/or programs that you did not install, or for other behavior that is unexpected and out of the ordinary. If a program runs or opens by themselves (and didn't use to do so), you may be infected with a Trojan horse.

Another indicator that your computer may be infected or under attack is if the computer's speed becomes very slow all of a sudden. Your awareness of this performance change is important. We recommend you use an antivirus software (and a firewall, if you have one installed) to warn you of infections and attacks.

See FAQ 1 and FAQ 2 (above) for more information on what you can do to help prevent intrusion or infection of you computer.

See FAQ 4 (below) for more information on UA's Security Information Response Team (SIRT).

To top

The UofA has a team of specialists ready to help departments prevent attacks and to recover when they do occur. The UofA's Security Incident Response Team (SIRT) opened for business during the summer of 2001. The team's charge is to raise security awareness on campus and to assist departments with security-related issues.

The team offers UA departments a number of security-enhancing services, including:

• Vulnerability testing and network scanning. Using the same software tools hackers use, the team can try to break into your system — without causing any damage, of course.
• Security consulting and firewall analysis. A firewall is a specialized computer used to connect a local network to the Internet and guard against malicious traffic. Do you need a firewall, or will software-based security be sufficient in your setting? These folks can help you decide.

For more information on see Security Incident Response Team (SIRT)

To top

Every year thousands of computers are illegally accessed because of weak passwords. The following is a list of the things a user should not do:

• Write down a password on a sticky note placed on or near your computer.
• Use a word found in a dictionary. That's right, a dictionary. Any dictionary!
• Use a word from a dictionary followed by 2 numbers.
• Use the names of people, places, pets, or other common items.
• Share your password with someone else.
• Use the same password for more than one account, and for an extended period of time.
• Use the default password provided by the vendor.

Passwords are one of the first lines of defense that users have to protect their systems. Unfortunately, people are not accustomed to remembering difficult passwords consisting of numbers and weird characters. The ever-increasing number of passwords required to work in today's world only makes this problem worse. Many people have compensated for this problem by writing down their password and keeping that information in an unsecured area, like stuck to a computer screen.

One of the first things a hacker will attempt to do against a system is run a program that will attempt to guess the correct password of the target machine. These programs can contain entire dictionaries from several different languages. In addition to words found in dictionaries, these programs often contain words from popular culture such as science fiction movies and novels.

Hackers like to attack people's weaknesses. One of the major weaknesses is the reluctance to remember several, long, difficult-to-guess words such as passwords. Therefore, once one is chosen, the likelihood that the same password is used for several accounts is very high. This is similar to the problem with default passwords because users have a tendency to keep the same password for a long period of time, thereby allowing the attacker that much more time to gain access to a system.

Mix numbers and letters. Mnemonics and numbers in a word can be your best friend. A mnemonic is a formula or rhyme to help you remember. Examples of mnemonics are:

• My four children are wonderful when they're sleeping (m4cawwts)
• My anniversary is April 4 remember that date (maia4rtd)
• Ali Baba had forty thieves (abh40t)

Try substituting letters for numbers (or vice versa), such as : E equals 3, I equals 1, O equals 0 (zero), for equals 4, two equals 2, B equals 8, see or sea equals C, etc. For example:

• Use r3dj3llo instead of redjello (substitute the E's with 3's)
• Use Bcl1nt0n instead of bclinton (substitute I & L with 1's and O with zero)
• Use j0hn80y instead of johnboy (substitute the O's with zeros & the B with 8

It is important to remember though, that any password can be guessed if given enough time. Therefore, it is important to change your password within the amount of time it would take an attacker to guess it. For example, with the previous examples it may take an attacker 60 days on a very fast computer to guess them. In order to ensure your system's safety then, you must change your password before those 60 days come to an end.

See UA's Password Guidelines for more information on password methodology.

To top

Before you give personal information to a Web site verify that the page is secure. A secure site should have one of the following:

• A closed padlock which can be found in the lower left corner of Netscape 4.0 or greater and in the right corner for Internet Explorer 4.0 or greater.
• An "s" added to the familiar "http" (making it https)

A good example of this can be found at https://sitelicense.arizona.edu/

To top

The following security related policies/guidelines are just a few that UA campus community members should be familiar with:

• UA's Acceptable Use of Computers and Networks Policy
• UA's Online Access Agreement
• Student Right-to-Know - Crime Awareness and Campus Security Act of 1990
• Policy on Access to University Building Restricted Areas

The following privacy related policies are just a few that UA campus affiliates should be familiar with.

• University of Arizona's Policy on the Release of Student Information
• Guidelines for the Collection, Use and Release of Personal Information
• Data Access Policy
• Information Page on Public Records (maintained by Decision and Planning Support — DAPS)
• Access to or Disclosure of Personnel Records or Information (ABOR Policy 6-912) (PDF)

More information regarding policies, procedures, guidelines, and principles for the University of Arizona can be found at UA, State & Federal Policies.

To top

Examples of inappropriate e-mail include but are not limited to, SPAM, pyramid schemes, mass-mailings, marketing one or more products or services for sale, and chain-letters. Harrassing e-mail messages can be construed as messages that threaten or intimidate the recipient.

Read "Harassing and Inappropriate E-mail," by CCIT Account Administration, for details on what you can do.

More information on this topic is available on WHOA's resource page .

To top

Free services. Many Web sites carry paid advertising as a way to generate revenue. But many web-based services also require that you register, by supplying your name and e-mail address, before you can use their "free" services. Selling the information they collect is part of their business plan. And guess who buys that information? (The correct answer is "spammers").

Newsgroups. Think twice before posting to a newsgroup. Spammers often release information-gathering programs called "bots" to collect the names and e-mail addresses of people who post to specific newsgroups. Bots can get this information from both recent and old posts. And, since many newsgroups are special-interest communities, spammers can learn what you're interested in — which makes you a better target for spam.

Never reply to a spammer. Replying to spam — no matter how good the offer sounds — will guarantee that you get more spam, because you've shown yourself as susceptible. Also ignore any offer to "click here to be removed from our list." All your request does is tell the spammer the message arrived and that a live person is reading the mail at that address. Any repsonse increases your value to list-sellers.

Surf wisely. Be sure to look for the TRUSTe "trustmark" included on many commercial Web sites. This logo certifies that the site owners follow their published privacy policy. Every policy is different, so you'll still have to read each one carefully before divulging personal information. But at least you'll be reasonably certain the site owners won't sell your name if they've promised not to. Go to www.truste.org for more info on this service.

Use filters. Every e-mail program has some sort of built-in filtering system. Check your client's online help section for info on setting up filters. Filters aren't perfect, though, because you have to enter the spammer's e-mail address, and the addresses change often and are commonly disguised. Another good use for filters: blocking messages from one person who keeps sending you unwanted (but not spam) messages.

Let your postmaster handle it. You can forward any objectionable mail, including spam, to postmaster@email.arizona.edu if the mail comes to or through an email.arizona.edu account. The postmaster knows how to complain effectively and may even get the spammer's Internet connection terminated. This is a temporary solution at best, but it causes the spammer more pain than you can on your own.

Be sure to include the expanded header when you forward a message to the postmaster. The expanded header identifies every computer that handled the message before it arrived at your in-box. The postmaster needs this information to determine the origin of the message. Every e-mail client has its own way to expand headers; click the online help section to learn more.

In Eudora, for example, select the message by double-clicking on it in the inbox, then click on the button that says "blah blah blah" to expand the header.

More information on this topic is available on WHOA's resource page .

To top