[IS&T Security-FYI] Newsletter, February 22, 2008

Monique Yeaton myeaton at MIT.EDU
Fri Feb 22 13:17:06 EST 2008


In this issue:

------------------------------------------------
10 Common Computer User Mistakes
------------------------------------------------

Technology may be changing at a lightning-fast pace, but one thing  
remains constant: users make mistakes with their computers.  
Sometimes, the mistakes are just slip-ups that could happen to anyone  
(ourselves included). But other times, an avalanche of issues is  
unleashed simply because a user didn't know any better. It may look  
like they've done something dumb, but if we haven't taught them  
better habits, we've done something even dumber.

To help your colleagues, students, friends, and family understand
what can lead to problems with their computers, share with them this
list of what NOT to do:

1. Plug into the wall without surge protection.

A power outage or storm can interrupt the electrical circuit and can  
physically damage your computer and the data it holds. Even something  
as common as turning on an appliance that's plugged into the same  
circuit can cause a surge. Always use a surge protector. Some cheap  
surge protectors will only survive a single surge and may need to be  
replaced afterward. Ideally, use a UPS (Uninterruptible Power Supply)  
which has a battery that keeps power flowing, giving you time to  
safely shut your computer down.

2. Surf the Internet without a firewall.

Not having a firewall puts you at risk for viruses and attackers. All
computers have built-in firewalls that come with the operating
system. Make sure yours is turned on and properly configured. To learn
more about desktop firewalls:
<http://web.mit.edu/ist/topics/security/firewall.html>

3. Neglect to run or update anti-virus and anti-spyware programs.

These programs can seem like a hassle to use, but they do work and  
will work even better if updated with the latest virus definitions.  
The malware that AV software detects, such as Trojans, worms, and
viruses, can not only wreak havoc on your system, but can spread via
your computer to the rest of the network. Spyware can collect  
information from your system without you knowing. VirusScan, the AV  
software MIT recommends and provides free of charge, has anti-spyware  
functionality integrated. To learn more:
<http://web.mit.edu/ist/topics/virus/>

4. Install and uninstall lots of programs, especially betas.

The more programs you install, the more likely you are to run across  
ones that either include malicious code or that are poorly written  
and cause your system to behave improperly or crash. Even if you  
install only licensed, final-release commercial software, too many  
installations can cause your system to slow down over time because  
removing them does not always remove all remnants of their code.

5. Keep disks full and fragmented.

One of the results of installing and uninstalling lots of programs is  
that it fragments your hard disk. Over time, saving and removing  
files from your computer can cause data to be saved over various  
"clusters" on the disk, making it harder and harder for the computer  
to retrieve information for a file. It will slow down the program you  
use to open that file and generally slow down your computer. To fix  
this, you can use the disk defragmenter built into your operating  
system. If your disk is too full, you can use a disk cleanup tool to  
delete rarely used files and clear space on your disk.

6. Open all attachments.

It is tempting to open all attachments received in emails, but some
can contain viruses. Those that run code, with extensions
like .exe, .cmd, and others, are extremely dangerous. Other files,
like .doc or .xls files, can contain embedded macros. Even plain text or
graphic files (.txt, .gif, .jpg, .bmp) are not safe anymore because  
file extensions can be spoofed (faked). Only open attachments when  
they're from a trusted source or when you're expecting them.

7. Click on everything.

Clicking on links in emails and on Web pages can take you to Web  
sites that have embedded ActiveX controls or scripts that can perform  
malicious activities. Additionally, these links can take you to  
inappropriate content such as pornography, pirated music or software,  
or get you in trouble if you're using a computer at work. Think  
before you click a link. Also make sure the URL (web address) hasn't  
been spoofed. You can often find out the real URL by hovering over  
the link without clicking it.

8. Share and share alike.

It's nice to share, but when you're on the network, sharing can expose
you to dangers. One way to make sure you aren't inadvertently sharing
the files on your computer with the world is to turn off file and
printer sharing*. This is especially a good idea if you're connecting your
laptop to a public wireless hotspot. Also ensure that your account  
and the local administrative account have strong passwords (see weak  
passwords below). One other risk to sharing is copyright  
infringement. To learn more about copyright and safe file sharing:
<http://web.mit.edu/ist/topics/security/copyright/index.html>

9. Pick weak passwords.

Passwords protect access to information and administrative controls  
on a computer. If stolen or guessed, accounts can be compromised and  
computers can be taken over by a hacker. To learn more about choosing  
a strong password:
<http://web.mit.edu/ist/topics/network/passwords.html>

10. Ignore the need for a backup and recovery plan.

Even if all the above suggestions are followed, an attacker may still  
crash your system or your data may be corrupted or wiped out by a  
hardware problem. Or maybe your computer was lost, stolen, or  
destroyed in a fire or other catastrophe. This is why it is essential  
that you always back up your important information and have a plan  
for recovering from a system failure. Using a backup program with  
scheduled backups, like TSM, stores your data on a network server  
away from the computer itself. The data is the most important thing  
on your computer. The operating system can be reinstalled and so can  
applications, but it may be difficult or impossible to recreate your  
original data. To learn more about TSM and backing up:
<http://web.mit.edu/ist/topics/security/backup.html>

[Source of this article: TechRepublic.com]
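
Item 6 says file extensions can be spoofed. The sketch below is an
added example, not part of the original newsletter: it compares an
attachment's name with the first bytes of its content. The function
names and the sample inputs in the usage note are constructed for
illustration.

```python
# Well-known leading "magic" bytes and the file family they indicate.
MAGIC = [
    (b"MZ", "executable"),                                  # Windows .exe
    (b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1", "ole-document"),  # legacy .doc/.xls
    (b"GIF87a", "gif"), (b"GIF89a", "gif"),
    (b"\xff\xd8\xff", "jpeg"),
    (b"BM", "bmp"),  # short signature: text starting with "BM" also matches
]
# What each extension named in item 6 is expected to contain.
EXPECTED = {".exe": "executable", ".doc": "ole-document",
            ".xls": "ole-document", ".gif": "gif", ".jpg": "jpeg",
            ".bmp": "bmp", ".txt": "text"}
# Extensions Windows runs as code (.exe and .cmd are from the newsletter).
RUNS_CODE = {".exe", ".cmd", ".bat", ".com", ".scr", ".pif"}

def sniff(head: bytes) -> str:
    """Classify content by its first bytes, ignoring the file name."""
    for magic, family in MAGIC:
        if head.startswith(magic):
            return family
    # No binary signature: call it text only if every byte is printable.
    if head and all(b in b"\t\r\n" or 32 <= b < 127 for b in head):
        return "text"
    return "unknown"

def check_attachment(filename: str, head: bytes) -> list[str]:
    """Return reasons to distrust an attachment; empty means none found."""
    findings = []
    parts = filename.lower().rstrip(". ").split(".")
    ext = "." + parts[-1] if len(parts) > 1 else ""
    if ext in RUNS_CODE:
        findings.append(f"{ext} runs code when opened")
        if len(parts) > 2 and "." + parts[-2] in EXPECTED:
            findings.append(f"double extension hides {ext} behind .{parts[-2]}")
    actual, expected = sniff(head), EXPECTED.get(ext)
    if expected and actual != expected:
        findings.append(f"content looks like {actual}, not {expected}")
    if actual == "ole-document":
        findings.append("Office document: may carry macros")
    return findings
```

For instance, check_attachment("invoice.jpg", b"MZ\x90\x00") reports
that the content looks like an executable, not a JPEG image.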

*Here's how to turn off file sharing: In Windows 98 or ME, open the  
Network applet from the Control Panel, click on the File and Printer  
Sharing button, and uncheck both. Windows 2000 or XP users should  
right-click on Network Neighborhood and choose Properties. Find the  
network card (labeled Local Area Connection by default), right-click  
on it, and select Properties. Uncheck File and Printer Sharing for  
Microsoft Networks. Repeat for additional network adapters. On Apple  
computers, go to your System Preferences, select "Sharing" under  
"Internet & Network" and under the "Services" tab make sure the  
message says "Personal File Sharing Off" (default setting). If  
sharing only certain services, click them on in the list.

If you have questions or need more information on securing your  
computer at MIT, contact the Help Desk at computing-help at mit.edu.


=========================
Monique Yeaton
IT Security Awareness Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://web.mit.edu/ist/security





