Presentation on theme: "Help! My Computer Is Driving Me Crazy! Dealing with spam, popup boxes, computer viruses, spyware, and adware Mark Branom 650.725.1717"— Presentation transcript:
Help! My Computer Is Driving Me Crazy! Dealing with spam, popup boxes, computer viruses, spyware, and adware Mark Branom 650.725.1717 firstname.lastname@example.org May 24, 2005
Topics Computer Security Protecting Against Computer Viruses Dealing with Spam Dealing with Pop-up Ads and Banners Dealing with Spyware / Adware / WebBugs (Malware)
Computer Security Computer security tips and mandates for Stanford can be found at: http://securecomputing.stanford.edu Make sure your password/passphrase is easy to remember but hard for others to guess. Some suggestions for good ones are at: http://unixdocs.stanford.edu/passwords.html Stanford primarily uses host-based security to protect the University network and computing systems. This means that every computer and system connected to the network needs to be protected against hackers and viruses. Make sure your computer is patched against security holes. Download and install the BigFix Patch Management Software: http://www.stanford.edu/services/bigfix/ You can also update your computer manually Windows users go to http://windowsupdate.microsoft.com Mac users go to http://www.apple.com/support/downloads
Computer Security: Encrypting Passwords Always use PC-Leland, MacLeland, SSL (Secure Socket Layers), or SSH (Secure SHell) whenever you send your password across the network. These tools encrypt your password and will help prevent its theft. You can get PC-Leland, MacLeland, SecureCRT, and SecureFX from the Essential Stanford Software website: http://ess.stanford.edu
Note: This is particularly a problem for wireless network connections! -- TCP/IP LOG -- TM: Mon Sep 6 00:01:16 -- PATH: elaine1.Stanford.EDU=> elaine2.stanford.edu DATA:(255)(253)^C(255)(251)^X(255)(251)^_(25 5)(251)!(255)(251)"(255)(251)'(255)(253)^E :VT100(255)(240)(255)(253)^A(255)^Amarkb : g(127) tGtBatU : logout password Computer Security: Sniffer log -- No encryption SUNet ID
TCP/IP LOG -- TM: Sun Sep 5 16:51:19 -- PATH: elaine1.Stanford.EDU=> elaine2.Stanford.EDU STAT: Sun Sep 5 16:51:26, 73 pkts, 128 bytes DATA: (255)(253)(159)(255)(251)^_(255)(253)^A(255)(253)^C( 255) (251)%(255)(251)&(255)(250)^_ :P:^X(255)(240)(255)(250)%:(255)(240)(255)(253)&(255)( 250)&^E(255)(240)(255)(250)&^A^A^B(255)(240) : Samson(255)(240)(255)(250)^X Computer Security: Sniffer Log of Same Transmission Using PC-Leland
Computer Security: Locking Your Computer When You Take a Break Windows Users 1) Log into PC-Leland 2) Click PC-Leland (or right-click PC-Leland) 3) Choose Lock PC Macintosh Users Require password to wake the computer from a screen saver: 1) Open System Preferences. 2) Click Security. 3) Check the box Require password to wake this computer from sleep or screen saver. 4) Close System Preferences. To have your screen saver turn on when you put your mouse in a particular corner of the screen: 1) Open System Preferences. 2) Click Desktop and Screen Saver. 3) Click Screen Saver. 4) Click Hot Corners… 5) Click the pull-down menu in the desired corner and select Start Screen Saver. 6) Click OK. 7) Close System Preferences.
Protecting Against Computer Viruses Most people already have anti-virus software on their computers. Symantec AntiVirus is available at no cost to Stanford users at the Essential Stanford Software page: http://ess.stanford.edu/ Your anti-virus program is only as good as the last time it was updated with the latest virus definitions. These are needed to identify and screen for the newest viruses. To update your virus definitions, run LiveUpdate. Set LiveUpdate to update the anti-virus definitions daily. Schedule at least weekly scans of your computer (daily is better). Instructions for installing Symantec AntiVirus, checking for new viruses, scheduling LiveUpdate, and scheduling scans of your computer are at: Windows Users: http://www.stanford.edu/dept/itss/ess/pc/docs/sav/index.html Mac Users: http://www.stanford.edu/dept/itss/ess/mac/docs/nav9/index.html
Spam Spam is any unsolicited email that you receive. Tips for preventing spam: Do not reply to spam! Some junkmail messages urge you to send an “unsubscribe” reply to get off their list. This is a common ploy for harvesting email addresses. Instead of getting off their lists, you’ll be added to others (your email address may even be sold to other direct marketers), and you’ll find yourself getting more spam than before. Don’t use complete email addresses on web pages or newsgroup postings. jdoe AT stanford DOT edu Contact John Doe
Dealing with Spam http://email.stanford.edu/antispam/ Anti-Spam Filter -- Identifies incoming spam and tags it If spam still makes it through, you can help improve the filters by sending the spam to. Spam Deletion Tool -- Catches and discards tagged spam messages before they enters your inbox. Email filtering -- If you configure your email program to shunt tagged spam headed for your inbox to a “trash” or “antispam” folder instead, spam can become manageable. Header before the filter identifies and tags spam: Subject: Get What You Want From: eDiets Motivation Header after: Subject: [SPAM:####] Get What You Want From: eDiets Motivation
Dealing with Pop Up Ads and Banners Banner ads have become universal as a form of advertising on the Web. These are usually narrow graphics, sometimes logos, sometimes animated signboards, about an inch and a half high and about 4 inches long. Pop Up ads are usually small windows that pop up either when a link or linked item is clicked, or by some automatic stimulus. Pop Up ads can appear either on top of or behind open browser windows. Pop Up and Banner Ad Blockers (warning -- these can cause trouble with some web-based applications such as Kronos or ReportMart): Webwasher (blocks both Pop Up and Banner ads): http://www.webwasher.com (Windows only) AdSubtract (blocks both Pop Up and Banner ads): http://www.adsubtract.com (Windows only) Google toolbar (blocks Pop Up ads): http://toolbar.google.com (Windows only) Safari (blocks Pop Up ads): http://www.apple.com/safari (Apple OS X only) Netscape 7 (blocks Pop Up ads): http://www.netscape.com (Mac/Windows) Firefox (blocks Pop Up ads): http://www.getfirefox.com (Mac/Windows)
Dealing with Spyware / Adware / WebBugs (Malware) Spyware Any technology or programming on your computer that covertly gathers information to sell to advertisers or to others. Spyware is installed without the user's consent (if you give consent for a company to collect your data this is no longer considered spying, so read online data disclosure statements carefully before consenting). Spyware can steal your privacy or even your identity. Adware Any software that contains advertisements. Some adware includes code that tracks user’s personal information and passes it onto third parties, thus making it spyware (see Web Bugs). WebBugs Web bugs are usually small, invisible graphics that are embedded in web pages and HTML email. They are used by advertisers to gather and track information about users and their activities on the Internet. Answers.com definition and example of Web Bugs: http://tinyurl.com/7xg5f Electronic Frontier Foundation’s definition and examples: http://www.eff.org/Privacy/Marketing/web_bug.html
How do you get spyware? Spyware applications can sneak onto your machine when you: open spam email (even by simply viewing it!) visit a website click a pop-up window use a file-sharing service (e.g., Kazaa, BearShare, Grokster, Gnutella) download "free" utilities, games, toolbars, media players, etc. The download process is often unannounced, so that you will remain unaware that your computer has accepted spyware -- a “drive-by download.” Some places you can pick up spyware: Gator ( http://www.gator.com ) will try to trick you into installing the spyware programs; if you say “no,” it asks “are you sure?” CometCursor ( http://www.cometcursor.com ) installs a cute cursor, but then tracks your computer information and sends it to the company. Connect2Party and TheDialer silently disconnect your modem, then reconnect using an international long-distance number or 900 number.
Symptoms That Spyware Is on Your Computer You have a modem and your phone bill includes expensive calls to 900 numbers you never made. Your browser’s default search tool changes unexpectedly to a search tool you’ve never seen before. Your anti-spyware or anti-virus software stops working. New items appear in your Favorites or Bookmarks. Your system runs slower than it used to. Pop up advertisements appear when your browser is not running. Your browser’s home page changes to something unwanted.
Avoiding Spyware Install and run anti-spyware applications. Remember that your anti-spyware application is only as good as its definitions, so keep them up to date! SpySweeper ( http://ess.stanford.edu ) Stanford University has a site license. SpyBot ( http://www.safer-networking.org ) Free, but the tool is developed and maintained by a single individual. Ad-Aware ( http://www.lavasoft.com ) Only legal to use on home machines; do not use it on work computers. Avoid peer-to-peer file sharing services (e.g., Kazaa, BearShare, Grokster, Gnutella). Do not open spam email. As mentioned before, web bugs can be embedded in contaminated HTML email, and if you open a contaminated email message, the bug is launched. It is not safe to open unsolicited email. Don’t install anything without understanding EXACTLY what it is. Read the end-user license agreement carefully. Browser settings can help protect your computer. In Internet Explorer, set the Internet Zone to at least Medium. Deny the browser permission to install ActiveX controls. Firewalls can also be used to help prevent hackers and other nefarious intruders from attacking your computer -- the firewall that comes with Windows XP SP2 is a good one.
Resources Stanford-licensed software at the Essential Stanford Software (ESS) site -- http://ess.stanford.edu Computer Security: Secure Computing at Stanford -- http://securecomputing.stanford.edu BigFix Tool -- http://www.stanford.edu/services/bigfix/ Good Passwords -- http://unixdocs.stanford.edu/passwords.html Windows OS Updates -- http://windowsupdate.microsoft.com Macintosh OS Updates -- http://www.apple.com/support/downloads Spam: Stanford’s Anti-Spam Website -- http://email.stanford.edu/antispam/ Spyware: Anti-Spyware Software: SpySweeper -- http://ess.stanford.edu Anti-Spyware Software: SpyBot -- http://www.safer-networking.org Anti-Spyware Software: Ad-Aware (home machines only) -- http://www.lavasoft.com Pop Up and Banner Ad Blockers: Webwasher (blocks both Pop Up and Banner ads) -- http://www.webwasher.com (Windows only) AdSubtract (blocks both Pop Up and Banner ads) -- http://www.adsubtract.com (Windows only) Google toolbar (blocks Pop Up ads) -- http://toolbar.google.com/ (Windows only) Safari (blocks Pop Up ads) -- http://www.apple.com/safari/ (Apple OS X only) Netscape 7 (blocks Pop Up ads) -- http://www.netscape.com (Mac/Windows) Spyware Software: SpySweeper -- http://ess.stanford.edu SpyBot -- http://www.safer-networking.org Ad-Aware -- http://www.lavasoft.com (only for home machines, not work computers)