Title: Free Tools for Safe Computing
1Free Tools for Safe Computing
D R A F T
- Ed Greenberg
- ASU College of Nursing
- Updated September 24, 2003
2CONTENTS
- A number of software tools and techniques to help
make your computing safer and less aggravating
are available free of charge to members of the
ASU community.
- Windows System Updates
- Handling E-mail Attachments
- Anti-Virus Software
- Spam Filtering
- VPN (Virtual Private Network) Client
- Personal Firewall
- Spyware Detection and Removal
- Secure Shell Telnet
3Windows System Updates
PRODUCT Microsoft Windows Update
PROVIDER Microsoft Corporation
WEB http//v4.windowsupdate.microsoft.com/en/def
ault.asp NOTES Ensures that your copy of Windows
XP (in this example) is up-to-date and contains
all the latest security and bug fixes.It is
essential that critical updates be applied as
soon as possible!Can be set to run
automatically or semi-automatically.
4Setting Windows Update options (Windows XP
example)
Right-click the My Computer icon and select
Properties.
Select update settings via The Automatic
Updates tab.
5Handling E-mail Attachments
- Many viruses, worms, and trojans are
transmitted over the Internet via attachments to
e-mail messages. - Malicious e-mail containing harmful attachments
can appear to have been sent from someone you
know, even when the e-mail has been sent from
someone else. (This is called address
spoofing.) - You should always be suspicious about downloading
e-mail attachments, even if the e-mail appears to
be from a trusted source.
6Anti-Virus Software
- PRODUCT NAI/McAfee VirusScan
- PROVIDER ASU Information Technology
- WEB http//www.asu.edu/it/fyi/comm/antivirus/vsin
dex.html - NOTES Protects your computer and the university
from the harmful effects of viruses. Virus
definitions must be updated regularly. VirusScan
can be configured automatically install
anti-virus updates on your computer. - ASU CON Information Systems has installed and
maintains VirusScan on all CON computers. Updates
are regularly applied by the CON network
administrator.
7Spam Filtering
- PRODUCT emma spam filtering service
- PROVIDER ASU Information Technology
- WEB https//webmail.asu.edu/emma
- NOTES Detects and quarantines spam before it is
delivered to your e-mail in-box.Mail is
screened for spam at the ASU Electronic Post
Office (EPO). Suspected spam is quarantined.
Mail judged to be legitimate is passed through to
your mailbox.Requires some monitoring of the
quarantine area to ensure that legitimate mail
isn't lost. Quarantined mail is deleted after 14
days.
8emma login screen
Log into emma with your ASURITE id and password.
9spam filtering settings
Spam filtering can be turned on for any of your
e-mail aliases.
10access list settings
You can black list addresses from which you
wish to have mail blocked.Mail from white-listed
addresses is passed through to your mailbox.
11spam quarantine area
This screen allows you review your quarantined
mail. You can choose to have selected items
delivered to your mailbox, or delete all
quarantined messages for each e-mail alias.
12recent message from emma
Recent e-mail worm attacks have created backlogs
at the EPO. This may result in delays in mail
delivery and/or some difficulty in accessing the
spam quarantine area.
13VPN (Virtual Private Network) client
- PRODUCT Check Point SecuRemote
- PROVIDER ASU Information Technology
- WEB http//www.asu.edu/it/fyi/comm/sw/serveracces
s/securemote.html - NOTES Secure/encrypted access to the ASU network
and administrative systems. Needed for login
access to selected ASU systems.Gary Smith has
prepared additional instructions for accessing
CON servers. See Additional Settings for
Connecting to College of Nursing Servers via
SecureRemote, distributed via e-mail on
8/15/03.A number of problems have been
encountered when attempting to install or use
SecuRemote. The CON Information Systems
Department is working with ASU Information
Technology to resolve these issues.
14SecuRemote Authentication (Login) Window
SecuRemote prompts you to enter your ASURITE ID
and password whenever you try to connect to a
secured service, e.g., HRMS, SIS, Advantage, or
the ASU Data Warehouse.
15Personal Firewall
- PRODUCT Kerio Personal Firewall
- PROVIDER ASU Information Technology
- WEB http//www.asu.edu/it/fyi/comm/sw/firewall/ke
rio.html - NOTES Allows users to protect personal computers
against hackers and unauthorized access.
Requires some "training" of the software when
it is first installed to selectively permit or
deny communication with other systems.
16Kerio Personal Firewall Status Window
This window displays all connections enabled
from/to your system.
17Kerio Personal Firewall Alert Window
Kerio Personal Firewall alerts you to incoming
and outgoing connection attempts to or from your
computer. This alert shows that the program
TINYINSTALLER.EXE on my computer has attempted to
connect to netblock-66-159-219-195.dslextreme.com,
port 80. Because I suspect that this program is
spyware, I deny the connection request.
18Kerio Personal Firewall Log Window
A log is maintained of attempted network accesses
to or from your computer.
19Kerio Personal Firewall Statistics
Statistics are compiled by Kerio. Note the large
number of blocked data packets.
20Spyware Detection and Removal
- PRODUCT Ad-aware
- PROVIDER Lavasoft
- WEB http//www.lavasoftusa.com
- NOTES "A program dedicated to scanning for and
removing advertising systems and
spyware.Spyware is programming that is put in
someone's computer to secretly gather information
about the user and relay it to advertisers or
other interested parties.Should be run
regularly, and spyware definitions need to be
updated periodically.
21Ad-aware startup screen
Press the Start button to begin.
22scan options
You can choose a scanning mode. I generally use
the default mode.
23summary of scan results
The scan found 24 objects, including 20 files and
4 system registry entries.
24detailed summary
The detailed list reveals several registry keys
and values and a number of rotten cookies.
25selecting objects for deletion
In this case, I selected all objects and deleted
them by clicking the Next button.
26warning pop-up
Youre given one last chance to change your mind
about deleting objects.
27Spyware Detection and Removal
- PRODUCT Spybot Search Destroy
- PROVIDER PepiMK Software
- WEB http//www.safer-networking.org
- NOTES Spyware detection and removal. Should be
run regularly, and spyware definitions need to be
updated periodically.Optionally, Spybot can
immunize your system against spyware downloads
(recommended). I suggest that both
anti-spyware products, Ad-aware and Spybot Search
Destroy, be installed, updated, and run on a
regular basis.
28Spybot startup screen
The startup screen gives you the choice of
scanning your system for problems,undoing recent
changes, or searching for updates to spyware
definitions .
29Spybot scan results(after running Ad-aware!)
The Spybot scan found two problems, a tracking
cookie and a registry key,after a full scan
with Ad-aware. This is why I advise using both
Ad-aware andSpybot to scan your system for
spyware.
30list of problems fixed
After clicking Fix elected problems, the items
are quarantined and are grayed out in the log
screen.
31immunizing your system against spyware
To prevent spyware from being installed on your
system, click the Immunize button in the
Spybot toolbar, and then click the Immunize
button in the center of the screen. Its also
recommended that you install the bad download
blocker for Internet Explorer.
32Secure Shell Telnet
- PRODUCT SSH Client
- PROVIDER ASU Information Technology
- WEB http//www.asu.edu/it/fyi/comm/sw/serveracces
s/ssh.html - NOTES Provides for a secure telnet sessions with
encrypted usernames and passwords.Mainly used
for login access to ASUs Unix servers rarely
needed by CON personnel.
33secure telnet session
SSH Secure Shell enables secure terminal and file
transfer sessions over an insecure network
utilizing secure encryption.