Information & Library Services » security

Windows XP/Vista: Turning on Automatic Updates

rrichar2 — Thu, 01 Sep 2011 13:53:25 +0000

To join the Bates Wireless Network you need to turn on your Windows Automatic Update. This is highly recommended for all Windows XP/Vista machines regardless of internet connection for best security practices.
A. On a Windows XP machine:

Double click on My Computer
Double click on Control Panel
Double click on System

B. In the System control panel:

Click on the Automatic Updates tab
Click the radio button, Automatic (recommended)
Click Apply, then OK

Updating Anti-Virus Programs

rrichar2 — Thu, 01 Sep 2011 13:17:44 +0000

Bradford Persistent Agent grants temporary internet access to allow updating of Sophos anti-virus software definition files. Click the link to obtain the free download of Sophos for Mac or Windows, distributed to all students, staff, and faculty of Bates College for their personally owned computers.
This does not include Windows Updates.

(If you do not have an internet connection, contact Help Desk Services at helpdesk@bates.edu or 207.786.8222)

A. Sophos:

Right Click on the Blue Shield icon for Sophos in the system tray
Left Click on Update Now
Updates will be downloaded from the Bates server and installed on the computer. A restart may be necessary to apply all updates.

Requesting Your S/MIME Certificate

rrichar2 — Thu, 01 Sep 2011 17:01:42 +0000

Open Firefox
NOTE: If you have already configured a master password in Firefox, skip to Step 4.
From within Firefox select Options from the Tools menu (or Preferences from the Firefox menu if you are using Mac OS X); click the Security tab; Click the Change Master Password button
Enter the password, confirm it and click the OK button.
NOTE: Use the password quality meter to ensure that this is a good quality.
Go to: https://transact.bates.edu/crs and log in using your network username and password.
Click the Request a certificate button and follow any on-screen instructions.
Check your e-mail for instructions from Comodo (the certificate authority we use for SSL certificates)
NOTE: DO NOT click on the button in the e-mail unless you are positive that doing so will open Firefox.
Copy the URL from the Comodo e-mail (the one below the button) into your Firefox Web browser.
Enter your e-mail address and the password provided in the instructions from Comodo, then click Submit & Continue, enter your master password if prompted and follow any on-screen instructions.
NOTE: At this point the new certificate should be loaded into the Firefox cryptographic device. Now you need to export the certificate from Firefox so that it can be imported into Thunderbird.
From within Firefox select Options from the Tools menu (or Preferences from the Firefox menu if you are using Mac OS X); click the Advanced tab; click the Encryption sub-tab; click the View Certificates button; click the Your Certificates tab
Select your new certificate (the one from USERTRUST) and click the Backup button
Name the file client-certificate.p12
Enter your master password
Choose a strong password for the backup file, click the OK button, and click the OK buttons on the remaining two windows.

Protecting Yourself On The Internet

rrichar2 — Wed, 31 Aug 2011 20:36:52 +0000

A. Cookies:

Cookies are little pieces of information that web sites store on your computer.

B. Common scams:

“phishing” Banks and major e-commerce sites will never ask you for credit card or account information. Even if the communication or web address looks valid. If you are unsure, contact the company first before responding.
If it sounds too good to be true, it probably is.
Pop-up messages. Use a browser that blocks unknown Pop-Up’s like Firefox or if you use Internet Explorer, install and use the pop-up blocker in the Google Toolbar.
Firefox: http://www.mozilla.com/en-US/firefox/

Google Toolbar: http://toolbar.google.com/googlebar.html

C. Double-check the URL:

Some phishers use foreign character sets to create URLs close enough to fool users into thinking they’re on the real site.
Make sure the site you’re logging on to is really www.paypal.com and not www.paypäl.com.

D. Instant Messages:

IM is not secure. Don’t type anything in an IM you wouldn’t want posted on a bulletin board next to the highway.
Messages are saved on the host servers for a period of time, and may be accessed by others.

E. Online shopping:

Use a major credit card, not a bank card to buy things online. A credit card is more vigilant about fraudulent purchases than a bank card.
Consider opening a PayPal account if you want to use Ebay or shop at questionable websites, to protect your banking information.
Review bank statements and verify if there are any questionable transactions. If there are, contact your credit card company and bank as soon as possible.
Try and keep to major, well regarded web sites.
Make sure that you use secure transactions when entering personal information and credit card information.
the url will start with https:// rather than http:// if the site is secure
Read all information carefully before pressing the submit button. Sometimes a check box can offer to opt you OUT of receiving sales or marketing email.
Look for the privacy policy. Some companies will sell their contact lists to everyone and actually state their in their Privacy Policy. Look at the small print.

F. Web viruses:

One way of spreading Internet viruses other than email is to have a user click on a button on a webpage that will download the virus code to the user’s computer and automatically run the virus code, infecting the computer. These buttons are also put inside email messages. Sometimes the button is labelled “Unsubscribe me from this mailing list” or “To unsubscribe from this list, click here”. DON’T click the button.
Even if this is not a virus trap, many mailing list companies take any response to their message as proof that they have reached a “live” email address. This may mean that you get put on more mailing lists and get more SPAM messages.

Protecting Your Information

rrichar2 — Wed, 31 Aug 2011 20:34:59 +0000

A. At the office:

Never give your Bates password to anyone. It can be used to look at confidential information beyond email.
Log out or reboot your computer if you leave it on over night.
Log out of email after you are done or even better, reboot the computer especially if it is a shared computer.
Lock your computer if you are stepping away from your desk for any long period of time. [windows = press control/alt/delete simultaneously, macintosh, please consult locking Macintosh help sheet.
Use a paper shredder to destroy sensitive paper communications.

B. Passwords:

Should be 6 or more characters long. A mix of letters and numbers at the very least. Preferrably including a special character like !@#$%^& if the system in question will accept them.
Not easily figured out like birthdays, pet’s or children’s names, phone numbers, social security numbers or license plates.
Don’t use the same password for every internet site you visit… if it is compromised, you’ve lost security everywhere.
Don’t use your current Bates password on systems outside of Bates. Feel free to recycle an old one that was wickedly difficult to type, but that you still remember.
Memorize all of your passwords. Don’t keep a copy in your purse or wallet. Please don’t tape your password to your monitor, or to the bottom of your keyboard, or keep it in the top drawer of your desk.
DO change your Bates related passwords to match your current Bates password.
(Dreamweaver, Bates Gmail, Google Calendar, Sophos Updater)

C. General tips:

Don’t carry your Social Security card in your wallet or purse.
Buy a cheap paper shredder and destroy sensitive documents that you would otherwise just throw away.
Be very careful of Social Engineering. Unless you make the initial contact, do not give out any personal information especially credit card numbers, Social Security numbers or passwords over the phone.
If you feel you need to give someone your information (Social security number, mother’s maiden name, PIN, password) then call the organization at a number that you looked up or that is in the statement that they mail to you.
Request from the major businesses that you work with that they do not share your name and address with their business partners.
If you own a non-Bates laptop, password protect it and record all Serial Number information in case of theft.
When throwing away or donating an old computer, make sure the hard drive is erased and all sensitive material is deleted

Protecting Your Computer

rrichar2 — Wed, 31 Aug 2011 20:32:40 +0000

A. Administrative password:

Put a secure administrative password on own computer (Some viruses are now set to guess passwords and login to your computer. They guess admin, passwd, Rover, Fluffy, manager, iloveyou…)

B. Firewall:

Windows XP has a firewall that can be turned on to keep others from using your computer when it is on the Net.
You might also consider a hardware firewall.

C. Spyware:

This is probably the most common cause of computer slow-down. If you install filesharing software or even AIM software, spyware can be installed on your computer and cause problems.
Run free software to fix spyware, like
Spybot: http://www.spybot.com/
or
Ad-aware: http://www.lavasoftusa.com/software/adaware/

D. Viruses:

The importance of installing anti-virus software and keeping it up-to-date cannot be stressed enough. Bates provides free virus protection software:
[SOPHOS for Windows][SOPHOS for Mac OS X]
Virus software companies send out updates constantly. Have your virus checking software set to automatically update the virus definitions.
Your virus checking program will not work properly if the configuration is not set correctly. Have it set to check all files, check zip files, to warn you and quarantine corrupted files.
Viruses don’t just travel via email anymore. There are security updates for your computer that can help, but viruses can still find their way onto your computer.
New computers often come with a trial version of virus protection but you often have to purchase a subscription to keep the virus definitions up-to-date.

E. Security Updates:

Keep your Windows computer up-to-date by visiting:
http://windowsupdate.microsoft.com
Have Windows updates download and install automatically:

Macintosh: Changing Keychain Login to New Network Password

rrichar2 — Wed, 31 Aug 2011 23:16:27 +0000

Annual network password change can necessitate changing your keychain login password in order to unlock the file on a macintosh that stores all saved passwords and certificates. If the two passwords do not match, the computer will give an error message indicating that a saved password cannot be accessed.

A. To locate and change the keychain login password:

Open the Applications folder from the harddrive (A)
Open the Utilities folder, then Keychain Access (B)
Next open your home folder
Followed by Library > Keychain
Expand Keychain to see login.keychain. Opening the file will display all passwords and certificates stored there.

NOTE: If you never save passwords (login.keychain file is empty), simply delete this file after changing your network password. It will be recreated the next time you login, and will synch automatically with the new password.

B. To manually change the login keychain password:

Open Keychain Access from Applications Folder
Under Edit, choose Change password for Keychain Login
Enter old password (A)
Enter new network password (B)
Confirm new password (C)
Click ok (D)

Locking a Macintosh Screen

rrichar2 — Wed, 31 Aug 2011 19:15:24 +0000

When you step away from your Macintosh, it is advisable to have the screen locked, so that the Mac prompts the next user for a password to show the desktop after a screensaver has been on, or after a sleep period. This assures user security to files and open programs.

A. To apply this locking process for Mac OSX:

Under the Apple to System Preferences
Click on Security
Set a master password
NOTE: This master password does not have to be the same as your network/e-mail password.
Also have a checkmark in Require password to wake this computer sleep or screen saver

You can click the lock symbol to prevent changes.