Virus.unh.edu - The University of New Hampshire's Security Resource

Windows/Office Updates | back to top | print the following article Click here to print this article. Please note this will open a new window

Windows Update is the online extension of Windows that helps you to keep your computer up-to-date. Use Windows Update to choose updates for your computer's operating system, software, and hardware. New content is added to the site regularly, so you can always get the most recent updates and fixes to protect your computer and keep it running smoothly.

UNH Telecommunications provides a number of system-wide safeguards to prevent against many types of attacks. Incomplete or out-dated Windows Updates leaves your computer vulnerable to infection despite those efforts. With only a few unprotected computers connected to the UNH network, an infection can spread with alarming speed resulting in loss of information, slow connection speeds and eventual loss of all internet connectivity.

For instructions on how to run and configure Windows and Office Updates, click here.

Apple Updates | back to top | print the following article Click here to print this article. Please note this will open a new window

Security and operating system updates help shield your computer from vulnerabilities, viruses, worms, and other threats as they are discovered. Mac OS X has a Software Updates feature (Apple Updates) built into the system that you can use to download the latest security updates automatically on a schedule you choose.

While many people believe that they are safe simply because they are using a Mac, there are a host of browser and application updates that, not applied, greatly increase their risk.

For instructions on how to run and configure MAC Software Updates, click here.

Personal Firewalls | back to top | print the following article Click here to print this article. Please note this will open a new window

With the rise of worms like Nachi and Blaster and the release of the myriad of critical holes in generic Windows services, personal firewall protection has become an even more useful tool. There are a number of good, free personal firewall programs (most with for-cost improved versions.) Several commercial personal firewall programs are also very good. However, very often these programs can be confusing to the casual computer user, and some require “training” so as to learn what your computer considers normal vs malicious traffic.

It should also be noted that Windows 2000 and beyond has at least rudimentary personal firewall capacity built into the operating system. Mac OS X also has built in firewalling capabilities.

Please note that there are no personal firewall products currently on the supported products list. To view a list of suggested products, click here.

Browser Security | back to top | print the following article Click here to print this article. Please note this will open a new window

Along with Windows updates, it is important the you keep your Browser fully patched and current. If your browser has security holes in it, certain siteson the Internet that contain malicious code may be able to exploit these hles and deliver other harmful content to your computer. If you are running Microsoft Internet Explorer, it is a very easy process to obtain and install the necessary patches. Simply run windows updates and you will get them.

For instructions on how to run and configure Windows Updates, click here.

For any other browser out there, whether it be Netscape, Mozilla, Safari, Opera, or something else, keeping up with patches is just as important. Sometimes, in order to do this, you must upgrade your software to the newest version available. Please check with the manufacturer of your browser for more information on how to update your software.

Adware / Spyware | back to top | print the following article Click here to print this article. Please note this will open a new window

Today, probably without your knowledge or consent, your personal information is up for sale. This includes your name, address, date of birth, social security number, financial information, medical information, and buying habits. Spyware (also known as foistware and malware) is enabling the quiet exchange of data between your computer and anything else it connects to on the Internet, and it is a hot topic. Privacy advocates are up in arms, questioning the ethics and legalities of the current advertising and marketing practices. The majority of today's computer users are unaware that their activity on the Internet is not anonymous, that companies are violating their privacy with a variety of activity monitoring products and then selling their personal information; unless the general public wishes to see lifestyle profiling become a norm, education regarding the existence, detection, and removal of these invasive products is needed, along with a strong vocalization of consumer expectations of privacy in cyberspace.

There are many labels to describe spyware, including adware, scumware, drug dealer ware, Trojans, cookies, web bugs, and key logging. The terms adware and spyware are used interchangeably, although the term spyware has grown to encompass additional software and hardware products. Each of these 1000+/- products has its own unique characteristics and methods for spying on a computer user.

Spyware is a generic term and generally refers to any technology whose purpose is to collect personal information without the knowledge or consent of the user. There are three primary reasons that spyware exists: to gather marketing data, to hack, and to monitor people.

To view a list of suggested products, click here.

SpyWare - Detection
Along with an awareness of the variety of types of spyware products, users need to be able to recognize the computer symptoms that result from infections, as well as be familiar with the better known culprits-the hidden demons that are eavesdropping without the users' knowledge or consent. Computers that have spyware running typically exhibit any of the following symptoms:

browser crashes
computer instability
high CPU utilization
unexplained freezing
slowness
slow boot time
"blue screen of death"
illegal operation errors
signature lines change
pop-up/under advertisements appear when the user is online and offline
default homepage of the browser changes

SpyWare - Removal
An awareness of adware is not enough to protect a user-proactive steps must be taken. The first step is to check the current computer configuration to discover if any adware products are installed. Many utilities are available to counter the marketing, hacking, and monitoring activities but one product that is highly pushed and repeatedly recommended is Ad-Aware (http://www.lavasoftusa.com).

Ad-Aware is currently being supported on a temporary basis as an "anti-spyware" program. It can delete spyware and scumware that is added onto PCs during the installation of popular software products (some of which include Kazaa, Morpheus, etc.). These spyware programs interfere with a users ability to use Blackboard, WebMail and several other commonly used university software programs. Download is available at http://download.com.com/3000-2094-10045910.html.

The next step in eliminating spyware should be to delete all unnecessary cookies. Cookies can readily be located by performing a search on the hard drive, allowing a user to examine and delete them individually. Cookies always have a .txt extension and typically are 1KB or 2KB in size. They usually reside in a specific folder, and can be identified by the URL following the user's login name (example: username@www.kazaa[1].txt). Some cookies are required in order to access legitimate resources (i.e. Outlook Web Access, flight reservation information, online purchases, etc.) but the vast majorityis third-party installed to gather information about the user.

For more information regarding cookies and their proper removal, Microsoft has an excellent knowledge-base document:
http://support.microsoft.com/default.aspx?scid=KB;EN-US;q278835&

SpyWare - Prevention
There are additional measures that an individual can implement to ensure privacy while on the Internet.

Users download and install applications with such confidence and trust that End User License Agreements, which contain statements in the "terms of use" about "ad-supported" software, are bypassed without a second glance. Users need to read the EULA in full in order to make an educated decision about downloading software.

Don't install new software without knowing how it behaves and how it treats your privacy. Before downloading or installing any software, search a spyware database on the name of the software or the compnay that makes it. Spychecker (http://www.spychecker.com) and TomCat Internet Solutions (http://www.tom-cat.com) are two companies that offer searchable databases of spyware products.

Maintaining up-to-date virus protection, configured to scan all downloads and e-mail attachments, is crucial to preventing infection and is an effective Trojan blocker. The current Virusscan software as well as current virus alerts can be found at this site.

A user should never respond to spam by using the "click here to unsubscribe" or "follow this link for removal from list" as this verifies that the spam was delivered to a valid e-mail address; users should delete spam without responding.

When completing online registrations or such, the optional fields should not be completed-only the 'required' ones.

A user should also turn off peer-to-peer file sharing on a computer if it is not needed.

SpyWare - Knowledge
Individuals need to be educated in order to make an informed decision about their privacy in cyberspace. Advertising-supported software is a viable business model which allows often struggling software developers to make money without requiring the end user to pay for the software. Spyware is not an illegal type of software. Companies disclose the nature of the information being collected and transmitted in their privacy statements. They count on the ignorance of consumer's to "agree" to the veiled language in the EULA, which gives them carte blanche to bundle spyware.

However, web bugs deceive both consumers and webmasters, without informing or obtaining the consent of either. Unfavorable press and attention from informed consumers does have an impact. Many companies are rewriting their privacy statements; others are changing their spyware practices to not distribute or to decrease the amount of spyware being distributed. Host companies are beginning to put the brakes on allowing this software to be distributed with their products. Sites such as Google are publishing statements that they do not allow pop-up ads of any kind, along with reasons that it may happen and a link to the Federal Trade Commission to file a complaint (No pop-up). The creator of an add-on program for AOL Time Warner's Instant Messenger recently agreed to remove a statistic gathering code that is embedded in AIM+ (Lemos).

Consumers drive the economy-their opinions and actions carry tremendous weight. It is crucial that the general public becomes knowledgeable about spyware and gains a clear understanding of the impact it may have in the future. There is a plethora of information available on the Internet, including guidelines on how to protect ones privacy, mechanisms to submit suspected spyware for analysis, and templates of letters to both spyware companies and the FTC. Web sites and discussion groups dedicated to debating these issues flourish, not just in this country but across the globe.

Users and Passwords | back to top | print the following article Click here to print this article. Please note this will open a new window

One area of computer security that is often overlooked is that of usernames and passwords. Typically, people like to make all of their passwords the same, set their computer to login automatically, or even set the password to be nothing at all. All of these are very dangerous habits to fall into, especially if you ar enot the only one who has access to your computer. Below you will find some helpful information about what you should be doing to keep your usernames and passwords secure.

Change Local Administrator Password - This is a special account that has the ability to control anything on the computer. It is strongly recommended that you change the password on this account immediately to prevent possible data loss and to prevent others from gaining unwanted access to your computer. Do not EVER forget this password. If you do, you risk losing all the information on your computer!

» click here for instructions

Up2Date Utility | back to top | print the following article

University of New Hampshire has a service to help campus clients protect desktop computers from viruses, and to facilitate communication with computer owners. This service is comprised of two integral programs:

Ecora Patch Manager is a free Windows patch updating service to which campus clients can subscribe. This is a “push” technology that updates computers in a pro-active way, as opposed to the “pull” technology available from Microsoft’s web site, which waits for you to reach out for updates. Ecora is managed by UNH employees. Click here for more information.

Note: The Ecora service is only equipped to "push" Windows Updates automatically to on-campus faculty and staff computers. Students may subscribe for the service and will receive e-mail notification when Windows Updates are available.

ePO (e-Policy Orchestrator) is an optional, free virus protection update service that, like Ecora Patch Manager, pushes virus protection updates to computers of clients who have VirusScan installed. ePO provides the same type of advantage as Ecora Patch Manager, when compared to the currently available mechanism for downloading virus protection updates in a passive manner. Click here for more information.

By signing up for the Up2date Service you will receive both of these programs providing the utmost protection possible to campus clients. In addition, if you subscribe to the Up2date Service and keep the updates current, you will not be charged the $30 per hour fee (one hour minimum) to have your computer cleaned at the Computer Service Center.

Click here for Frequently Asked Questions (FAQ) for the Up2date Service.

Click here to signup for the Up2date Service (both ePO and Ecora) and download the up2date agent.

VPN (Virtual Private Network) | back to top | print the following article Click here to print this article. Please note this will open a new window

VPN (Virtual Private Network) is a method of creating an encrypted tunnel for your network communications between a client machine and a remote network. In essence what this means is you can make your machine at home behave as if it were on the UNH network. All of your traffic between your machine and UNH is encrypted so it is as safe as can reasonably be expected.

Any maintenance that needs to be done which will impact service will be scheduled for 8-12 am. Service blackouts may occur during those hours. That does not include emergency maintenance. This is for systems used for external access to campus resources. Internal & Financial VPN system maintenance will be done during off hours whenever possible.

There are a group of servers that run the VPN system for the University community. Below is a list of each of these servers along with what function they perform:

Wolfe & Otis - are the public servers for off campus access.
Goodwin - is the Telecommunications server.
Fashalt & Longren - are the servers for the SafeNet network for internal(to USNH) access.
Panzer & Heydecker - are the servers for the SafeNet network for external(to USNH) access.
Stebbins & Cramer - are the administrative servers for the SafeNet network.
Brenner - is the ZS3 network server.
Durkin - is the public server for access from the Wireless LAN. (Durham Wireless, Manchester users should use Wolfe & Otis.)
Cather - is the InfoEd server.
Krasicki - Public server for students.
Horstmann - Public student server for access from the Wireless LAN. (Durham Wireless, Manchester students should use Krasicki.)

In the currently available VPN client (downloadable below) there exist 10 separate profiles. By choosing the one that is appropriate to you, all other configuration is automated. Those profiles are:

01-Public VPN - Use this if you are simply looking for access to the UNH campus network.
02-Public VPN - Wireless LAN – Choose this when using a wireless Ethernet device. (UNHM wireless faculty and staff users should use Profile #0 1)
03-SafeNET VPN - On USNH CAMPUSES - If you need to access the SafeNet network from on a USNH campus, select this. Only traffic destined for the SafeNet network will be routed through the VPN.
04- SafeNET VPN - Off USNH CAMPUSES – If you need to access the SafeNet network remotely, or need to access UNH campus resources, but are a SafeNet account, select this option. All traffic will be routed through the VPN.
05-SafeNet ADMIN VPN - For administrators of systems on the network only.
06-Telecommunications VPN - Is for access to the telecommunications (Staff 5) subnet.
07-InfoEd VPN - Use this to access to the InfoEd network.
08-Student Public - Remote access for students. (UNHM wireless student users should use Profile #09)
09-Student Wireless LAN - Full service, secure access for students from the wireless network.

Virtual Private Networking at the University of New Hampshire is entering its production phase. At present, funding has been allocated to start this project. However, it should be noted that our ability to maintain VPN access as a free service is contingent on our funding situation. Should the projects "free" status need to be changed, we will make notifications. In addition, Macintosh users will need to purchase client software. The only software we have been able to verify will function is Tunnelbuilder.

The VPN servers are authenticating against the AD active directory on campus. So unless otherwise told, use your AD credentials to authenticate. Also, if you have an existing Exchange account, you can use those credentials as well. If you have neither, you can request an AD account through the Help Desk by calling ext. 2-4242.