Information Technology Services

• Staying Safe and Secure With Your Computer
• Create a Secure Login
• Protect Your Computer
• Be Selective with Features
• Don't Share
• Keep Your Computer Healthy
• Stay Legal
• Accidents Happen

Safe computing is mostly about prudence, preparation, and prevention. We have seen a large number of computers on our network compromised lately (both personal and NDSU systems). The followingsuggestions are intended to help students, faculty, and staff become more aware of safe computing issues.

The Internet is a powerful resource, but the same features that make it powerful also provide the means for misuse. Your "network neighbors" are now all over the world, and, if you are not careful, they may have complete access to your system. While there really is no "100% secure" Internet-connected computer system, it is possible to take a few simple steps to be more secure than you would be otherwise.

Of course, you might say, "I don't have any top secret information on my computer." However, you don't want to lose what you do have, and you don't want to be responsible for illegal activity on your computer. "Infected" computers can

• infect other systems,
• take down entire businesses or networks,
• be used for illegal or terrorist activities against others,
• be used as repositories for illegally obtained software and pornography,
• and have information corrupted or deleted.

Hundreds of computers can be taken over in seconds. Remember that you, as an owner of an account or computer, are responsible for any and all activity using your access information. You can save yourself a lot of grief by following some basic rules for safe computing.

If you have any questions about any of these items, please contact the ITS Help Desk at 231-8685 (Option 1), via e-mail at NDSU.helpdesk@ndsu.edu, or in IACC 150.

There are no dumb questions, and what you learn from your friends may or may not be true. With a little prudence, preparation, and prevention, you can enjoy great computing. Don't be a victim. It is better to be safe than sorry.

The first step in safe computing begins with your login ID and password. A few simple precautions will go a long way to prevent you from being a victim of a computer break-in:

1. Always set up all accounts (user IDs or e-IDs) that require good passwords. Do NOT allow a password to be empty or blank. We see many break-ins of Windows 2000 and Windows XP machines because the machine was installed and set up with a null (blank) administrator password. There are hacker tools that can find these and compromise them in seconds. Don't be an easy target.
2. Use GOOD PASSWORDS! Do NOT use words that could be looked up in a dictionary or are simple--programs can "guess" those in seconds. When possible, use special characters, digits, mixed case, etc. Your password should be at least 6 characters long. One recent study showed that 40% of the users surveyed used the word "password" as their password! Don't be obvious, be mysterious. Do not share your password. If you think someone else knows your password, change it.
3. Remove or disable all guest and other accounts you do not need. Change all the initial passwords that might have come with your system. Many computer systems are delivered in an "insecure" state. Be secure.

Having antivirus software is not enough. Not only does it need to be installed, but it also should be working correctly and updating automatically.

1. Make sure every computer that you are responsible for has antivirus software installed and configured correctly.
2. All antivirus software should be automatically updated with the latest virus definitions at least once a week. All NDSU students, faculty, and staff can use FREE antivirus software and set up their computer to automatically update the virus definitions. You can even use the software on your home computer.
3. Be suspicious of messages or e-mail, EVEN if you seem to know the sender. Many modern viruses forge e-mail From: and To: addresses to try to trick you into doing something you would not normally do. It only takes once to be infected with a computer virus. Critical patches or security updates are NOT sent unsolicited in e-mail! If you get mail from Microsoft or another supplier which claims to have an attached program, patch, or virus remedy, you should assume it is a hoax or virus. Most legitimate programs and patches are made available at well known Web sites or FTP servers from which you must download them.
4. There is personal "firewall" software that will allow you to control who can connect to your computer. However, it can be rather complicated to set up and even more difficult to interpret the alerts. You may think you are under attack when in reality the connection is a normal part of some program or protocol you have installed.

Modern computer systems come with lots of bells and whistles. Many of the common computer attacks use features you may not even know you have.

1. Turn off any unneeded services or features (e.g., Web servers, remote access).
2. Do not needlessly open "network shares" to allow others to access your system. Once a person has access, they can do just about anything. If you do require outside access, be sure it is really secure.
3. Beware of buddies who tag along. Freeware may have other software to give people direct access to your machine without you knowing it. Do not accidentally turn your machine into a server for illegal software. Be careful of the software you install and check it out BEFORE you install it. Some tag-along software such as "CommonName" may not damage your machine, but you may no longer be able to access some Web sites.
4. Be selective in handling e-mail. Indiscriminately sending chain letters, jokes, etc. to everyone in your address book can not only clog the network, but you might lose the respect of the recipients. If you get an offer that seems too good to be true, it probably is. Many scams try to entice you to participate by "only" giving them your bank information, e-mail address, or personal information, or by requesting a "small" investment of money with the expectation of getting a windfall later.
5. Don't let strangers onto the network! Do not install wireless access points. They may allow "wardrivers" to use your network access without your knowledge and you may be held accountable for their actions. Networking equipment like wireless access points, DHCP servers, and advanced routers may also cause major network disruptions. If in doubt, be sure to contact the Help Desk at 231-8685, Option 1, if you have network configuration questions or before you connect something new to the network.

Many exploits use "social engineering" to get you to do something you normally wouldn't do. Social engineering is basically trying to talk you into doing something you would not normally do if you knew what was going on. In regards to computers, don't "give in" and don't ever share.

1. Do not share your password or allow someone else to use your account. Never give out your password to anyone except authorized, known IT staff. IT staff try to avoid having to know user passwords but may need them to debug a problem with you. But only comply when YOU have initiated the contact and are confident of whom you are talking to. Never send the passwords in e-mail; e-mail can be passed around and "live" for a long time. Your password is personal, so keep it to yourself.
2. Don't be enticed to open an attachment or visit a Web site from an unexpected e-mail, especially those with large attachments. For example, the Klez virus claims to have a fix for the Klez virus, but if you run it, you will get the Klez virus. Confused yet? Klez also sends the virus as an attachment that it claims is undeliverable e-mail that you sent and asks you to open the attachment to see the original e-mail (really the virus). The viral e-mail may even come from someone you know well, but, if you don't expect it or if it looks odd, check it out first by contacting the "sender." Remember that it is very easy to "forge" e-mail addresses.
3. Be very careful about others using your computer. Will they be as careful as you are? Programs like Kazaa, IRC, and even instant messaging and chat rooms are notorious for exposing computers to viruses and compromise.

Good hygiene and good health are also important for computers and require continuous effort.

1. Keep the critical patches for your system current. Many break-ins are using "vulnerabilities" which are well known and have been patched by the vendor months or years ago. While installing updates may be non-trivial, it is important to get help and check for updates. Some vendors have Web sites to simplify the process (e.g., for Microsoft Windows and using MS IE, visit http://windowsupdate.microsoft.com ). Remember to have good current backups of critical data on your computer before making any changes.
2. And we can't say it enough--make sure your antivirus product is automatically updated regularly. Check it often to make sure the updates are still being received.
3. Don't give away the farm! If you sell or give away your computer, you should remove all your personal data and uninstall proprietary programs licensed only to you. Most computers come with the operating system installed and perhaps some other applications, but licenses vary. The safest thing to do would be to completely "scrub" the disk(s) using special programs because deleted files can often be recovered.

Following the rules and being responsible is also a part of safe computing.

1. Know and respect the licenses and terms for the software you use. Violations of terms can bring big fines, especially for an institution like NDSU. This has happened to other schools.
   • If you install software with a limited trial, be sure to remove it or pay for it when the time is up.
   • Be aware that some software can be used for free for personal use (on your own computer), but require a full purchase if used on an NDSU system. Remember that software licensed to NDSU or the NDUS still may require payment and/or registration for EVERY copy installed.
2. Respect copyright and trademarks. Trademark and copyright owners are becoming especially vigilant to violations on the Internet and use sophisticated tools to seek out offending sites. If you have any questions, contact a lawyer or the NDSU Designated Agent for the Digital Millennium Copyright Act at copyright.abuse@ndus.nodak.edu .

Just as in life, there is no 100% safe computer. Computer security is relative. Taking a few simple steps can greatly enhance your security. You must be on the watch for bad things that might happen no matter how careful you are.

1. Back up all your critical data often. The safest way to recover a compromised machine is to erase (reformat) the disk and reinstall everything from scratch using program install disks and restoring backed-up data. Keeping all your data and document files in one directory (and subdirectories) and backing that up often on CD-ROM, Zip drive, or on the network will make it easier for you to get your data back. Official NDSU data should be saved on network servers which are backed up daily--hard drives on your computer are not. If you do back up data yourself, be sure you have it on your "calendar" and do it regularly.
2. Know your computer and be alert to changes in its behavior, unexplained files or messages, or seemingly random activity not connected with your use. That cool music program you installed might have made your computer a server for hundreds! Computers at universities are especially targeted because of the relatively high bandwidth Internet connections and powerful computers. Be curious. Check out something that seems odd or unusual.
3. If you are actually infected with a computer virus or your computer is taken over by someone else, be sure you not only restore it to use but make it more secure than it was. Try to figure out how it was compromised and close those loopholes. You don't want to be an easy target for every person with dubious motives!
4. If you think your computer is compromised or is acting suspiciously, you can unplug the network connection to make sure the problem will not affect other systems or the network itself. ITS may also block access to the Internet or local network if we have had reports of suspicious activity or complaints of attacks from that machine. Access will be restored once the problem is understood, and, if necessary, the machine will be cleaned and secured.