Charlie's Computer Security and Maintenance

Computer Security and Maintenance
Why isn’t this automatic?
Charlie Smyth
Manager of System Services, Crop Sciences
csmyth@illinois.edu
Lago Papallacta, Ecuador
Presentation and additional materials on my website:
www.cropsci.uiuc.edu/csmyth/techsupport.html
What, me worry?
Well, yes, you do need to worry - it’s your responsibility
Virus Protection and Regular Updates Required
• Campus IT policies require virus protection, regular system and software updates, strong
passwords, and avoidance of peer-to-peer software and malware including spyware
(http://www.cio.illinois.edu/policies/index.html).
• McAfee VirusScan license/software is available free and includes personally owned
machines (download from CITES Webstore http://webstore.illinois.edu).
• CITES has AV for Mac which is quite good (Sophos) for a small charge.
• All operating systems have regular update services for bugs and security issues such as
Microsoft Update, Apple Software Update, and Linux updaters such as Redhat Up2Date
or yum (at least monthly and often automatic).
• Major software packages now include update procedures as well, some of them
“automatic” while most are “manual”
And here’s what you are trying to avoid:
• Cookies and Spyware
• Trojans/Keyloggers, “Malware” in general
• Phishing and other social engineering scams
• Vulnerabilities from outdated software
• Pop-up Windows and compromised web sites
… Warning: parts of this will be a live demo
PHISHING
Got this example today:
-----Original Message-----
From: ad.uiuc.edu support [mailto:netid@ad.uiuc.edu]
Sent: Tuesday, May 04, 2010 1:45 PM
To: Anyuser, Firstname Middlename
Subject: setting for your mailbox netid@ad.uiuc.edu are changed
SMTP and POP3 servers for netid@ad.uiuc.edu mailbox are changed.
Please carefully read the attached instructions before updating
settings.
http://groups.google.com/group/mailsv3/web/setup.zip
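Added example (not part of the original slides): a short Python check that flags the two things that give this message away, a sender that claims to be campus mail while the link points off campus, and a link that downloads an archive. The domain list, the extension list and the function names are assumptions made for this illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed sample: the message quoted above, with the Outlook-style
# header block rewritten as plain RFC 5322 headers so it can be parsed.
SAMPLE = """\
From: "ad.uiuc.edu support" <netid@ad.uiuc.edu>
To: netid@ad.uiuc.edu
Subject: setting for your mailbox netid@ad.uiuc.edu are changed

SMTP and POP3 servers for netid@ad.uiuc.edu mailbox are changed.
Please carefully read the attached instructions before updating
settings.
http://groups.google.com/group/mailsv3/web/setup.zip
"""

CAMPUS_DOMAINS = ("uiuc.edu", "illinois.edu")        # assumption
RISKY_EXTENSIONS = (".zip", ".exe", ".scr", ".vbs")  # assumption, not exhaustive

def in_domains(host, domains):
    """True if host is one of the domains or a subdomain of one."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in domains)

def phishing_indicators(raw_message):
    """Return (indicator, detail) pairs for links in a plain-text message."""
    msg = message_from_string(raw_message)
    # The From header is trivially forged; it is used only to notice that
    # the message *claims* to be campus mail.
    sender_host = parseaddr(msg.get("From", ""))[1].rpartition("@")[2]
    claims_campus = in_domains(sender_host, CAMPUS_DOMAINS)
    findings = []
    for url in re.findall(r"https?://[^\s<>\"']+", msg.get_payload()):
        parts = urlparse(url)
        if claims_campus and not in_domains(parts.hostname, CAMPUS_DOMAINS):
            findings.append(("offsite-link", parts.hostname))
        if parts.path.lower().endswith(RISKY_EXTENSIONS):
            findings.append(("risky-download", parts.path.rsplit("/", 1)[-1]))
    return findings

if __name__ == "__main__":
    for indicator, detail in phishing_indicators(SAMPLE):
        print(indicator, detail)
```

A message from a campus address that links only to a campus host, such as the CITES Webstore, produces no findings.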
Check your Update Settings
• We recommend checking/updating virus “dat” files every 2 or
3 hours (change the default setting).
• Watch for changes in engine (automatic), patches, and
versions. Please do what Email announcements suggest.
• Microsoft Update site checks daily (default is 3am) but follows a
standard 2nd Tuesday of the month update cycle and will
include MS software such as Office.
• Apple OS/X checks for updates daily, weekly, or monthly
(preferences) and includes a variety of patches to the
operating system, Safari, iTunes, and QuickTime, but not necessarily
other software. MS Office has separate automation and Adobe
is manual.
Safer Web Surfing
• Quit using Internet Explorer 6 or 7 – vulnerable
• Use Internet Explorer 8 only on very trusted sites (UI etc.)
and use with all the security features turned on.
• IE 8 may now be the most secure out there
• Google Chrome – a very interesting addition to the browser
wars, Flash is an issue, may have serious vulnerabilities
• Opera 9x (has a nice mobile app)
• Always make sure you have the latest Adobe Flash player
• Use Firefox 3.x with extensions:
Adblock Plus with filterset, NoScript, McAfee Site Advisor, Web of Trust,
GoogleCustomizer, and Location Bar
• Use a non-admin account
General Upgrade and Check
• Move from Windows Update to Microsoft Update. Go to
http://www.microsoft.com/updates
• Run the link and make sure that Office products get updated.
There are several steps, including a “Genuine
Validation” tool procedure that you have to grind
through to get this installed, but it’s worth it.
• Verify that Mac OS/X is updating, set to daily, and that virus
software is functional and updating.
• Update software packages regularly – this is a major source of
virus/Trojan infection (see resources given below)
Microsoft Windows Issues
• All Windows platforms generate a preponderance of temp
files that are not deleted.
• Files are fragmented on various disk drive devices.
• Windows Registry gets bloated and corrupted.
• Solution: Use CCleaner at least monthly if not weekly
Demo settings and use…
http://www.ccleanerbeginnersguide.com/
This replaces “EmptyTempFiles”
and then run a defragging program
See “Degunking” steps below
Additional Demos
• McAfee VScan 8.7 settings
• Spybot and Malwarebytes
• MS Chkdsk and OS/X Disk Utility (Verify)
• Device Drivers and software updates – Secunia PSI
• Other Updaters (Adobe, Apple, Java, Logitech, Lenovo)
• Advanced issues such as “degunking” by killing start up
processes
Check Anti-Virus Status
OK! / Degunk
1. Install/Run CCleaner
2. Run Chkdsk (/F)
3. Defrag
4. Update to current AV levels if necessary
5. Update OS as appropriate
6. Install/Run MalwareBytes
7. Install/Run Spybot
8. Update/upgrade remaining software (use checklist/PSI)
Hosed!
Check Anti-Virus Status
Hosed!
1. Get a bootable Anti-Virus CD, boot the computer from it and
run the AV software. Hope it cleans up any issues.
2. Boot to safe mode and run MSConfig and turn off all
startup items (MSConfig is a command line utility that lets
you control startup)
3. Restart computer and install/run Malwarebytes followed
by CCleaner and the defragmentation procedure
4. Run MSConfig again and activate all appropriate startup
software; reboot
5. Install latest AV software with patches and updates; run
complete scan
6. Perform remaining standard update steps (Previous Slide)
Where to Go?
• Microsoft Security Information
• Firefox Extensions: PC Magazine
Ziff-Davis media has lots of stuff
• Antivirus Websites: McAfee.com
• My web page: www.cropsci.illinois.edu/csmyth
• CITES Security: www.cites.illinois.edu/security
• Campus Network info: status.illinois.edu