Mcafee

Securing Your Computer

This section provides information about all the software and instruction necessary to comply with the Desktop and Portable Computer Standard. The software on this page is intended for use by students, faculty, and staff at RIT. Inexperienced/non-technical users may want to check out our Digital Self Defense 101 Workshop, which explains the dangers of the Internet and RIT security requirements in greater detail.

Note: You do not have to use the specific software listed on this page. However, you must meet the requirements of the Desktop and Portable Computer Standard for your computer.

Anti-Virus

RIT has licensed McAfee VirusScan software (available on the ITS Security & Virus Protection website) for use by students, faculty, and staff on personally-owned computers. RIT-owned Windows computers will receive McAfee HIPS (Host Intrusion Prevention Software).

It is not necessary to use this particular anti-virus; if you prefer, you may use any of the following products.

Product	License	Company
ClamAV (Linux)	Free for personal use	Open Source
ClamXAV2 (Mac)	Free for personal use	Open Source
Norton Anti-Virus	One year paid subscription	Symantec
Trend Micro Anti-Virus	One year paid subscription	Trend Micro
avast! Anti-Virus	Free for personal use	ALWIL Software
AVG Anti-Virus	Free for personal use	Grisoft

Anti-Spyware

Spyware is very difficult to detect. Unlike anti-virus software, it may be preferable to run multiple spyware programs.

The License for Spybot Search & Destroy (available on the ITS Security & Virus Protection website) is free for use by faculty, staff, and students on both Institute-owned and personal computers. Be wary of other anti-spyware products - many products advertised actually contain spyware themselves! Additional spy-ware products we recommend can be found below.

Product	License	Company
SpywareBlaster	Free for personal and educational use	Brightfort
Microsoft Security Essentials	Free for personal use on Vista and Windows 7	Microsoft
MacScan	Free (for Mac computers ONLY)	SecureMac

Firewalls

Windows 7, Vista, XP, and Mac OS X all come with built-in firewalls; Resnet provides instructions on how to configure these built-in firewalls. If you do not want to use this firewall, RIT recommends the basic ZoneAlarm free firewall for Windows users Other firewall options may be provided by your Internet Service Provider.

Patching/Updating

Regardless of what operating system you run, it must be up-to-date on all security patches; the easiest way to do this is to turn on the automatic update feature. Learn how to enable automatic updates for Windows and keep your Mac up-to-date automatically.

Users of other operating systems such as Linux, Unix, etc., are also required to keep their operating systems up-to-date on security patches.

Software Applications must also be kept up-to-date. This can usually be done from within the program itself or through the vendor's website; some programs have an automatic update feature. Use the links below to find updates for Microsoft, Apple, and Adobe software.

ISO-Approved Private Information Management Software

Identify Finder (Windows, Mac)
Cornell Spider (Linux only)

Tags:

Online Safety

Everyone connected to the Internet is a potential target. Use of anti-virus, anti-spyware, and firewall software is critical in protecting your computer online; however, simply protecting your computer is not enough.

Web Browsers

Cyber criminals often target vulnerabilities in web browsers. Because Internet Explorer is the web browser used by most people, it has become a primary target. Using a different browser can reduce your risk while on the web. The table below lists alternative browsers:

Browser

Operating System

License

Firefox

Mac, Windows, Linux

Free (open source)

Chrome

Mac, Windows, Linux

Free

Opera

Mac, Windows, Linux

Free

Safari

Mac OS X

Free

Update Regularly

It is important to keep your browser up-to-date on security patches. This can typically be done from within the browser, or directly from the vendor’s website. Check for updates at least monthly.

Note: If you use Internet Explorer with RIT Oracle Applications, you may not be able to use the newest versions of Internet Explorer are not certified for compatibility with Oracle at this time.

Use Limited Account Privileges

Limiting account privileges provides simple but effective protection when working online. Limited accounts allow you to do most daily activities but do not allow you to install software (only accounts with administrative privileges can install software on the computer).

Many attacks take advantage of administrative privileges to install malware on your computer. If you're using a limited account, attackers and malicious websites will not be able to install malware.

Smart Social Networking

Social media is great. Unfortunately, computer criminals think so too! They use these sites to distribute viruses and malware, to find private information people have posted publicly, and to find targets for phishing/social engineering schemes.

Protecting Your Information - Safe Practices

Keeping your information out of the wrong hands can be fairly easy if you adopt a cautious attitude. Here are some tips to make sure your private information stays private.

Don't post personal information online

Use built-in privacy settings

Be wary of others

Search for yourself

What Happens on the Web, Stays on the Web

Before posting anything online, remember the maxim "what happens on the web, stays on the web." Information on the Internet is public and available for anyone to see, and security is never perfect. With browser caching and server backups, there is a good chance that what you post will circulate on the web for years to come. So be safe and think twice about anything you post online.

Find out more about how information security affects you by becoming a Fan of the RIT Information Security Facebook page. Follow us on Twitter for updates on current security threats.

Smart Online Banking/Shopping Safely

Follow these tips and look for posts on our blog about identity theft, online banking, and scams.

Use a Secure Computer

Reseach the Company/Website

Research the Product/Service

Use Strong Passwords

Make Sure the Website Uses Encryption

Use a Secure Payment Method

Monitor Your Accounts

Tags:

Host Intrusion Prevention (RIT-owned/leased computers only)

Note: This requirement applies only to RIT-owned and leased computers. There is currently no requirement for personally-owned machines to run host intrusion prevention.

Currently, personal networking devices used on the RIT residential network (such as routers, switches, etc.) do not need to meet the Network Security Standard. Resnet has created separate guidelines for Using a Router/Wireless Router on the RIT Network.

The following products have all been tested by the Information Security Office and approved for use on RIT-owned/leased computers.

Recommended Host-based Intrusion Prevention Software

Server

Program	Description
OSSEC	Open source intrusion detection (multiple platforms) (ISO-tested). Active protection feature must be enabled.
McAfee HIPS	Desktop and server intrusion prevention (Windows) (ISO-tested)
Bit9	Application whitelisting (Windows) (non ISO-tested)
Cimcor	Protects against unauthorized changes (Server and Network) (non ISO-tested)
Tripwire (commercial version)	Configuration assessment and change auditing (Desktops and Servers; VMware coming) (non ISO-tested)

Desktop

Program	Description
OSSEC	Open source intrusion detection (multiple platforms) (ISO-tested). Active protection feature must be enabled.
McAfee HIPS	Desktop intrusion prevention (Windows) (ISO-tested)
Comodo	Internet Security Suite (ISO-tested)
Online Armor - Tall - Emu	Firewall (ISO-tested)

E-mail us at infosec@rit.edu if you have any questions or suggestions.

Tags:

Phishing

Phishing is a form of social engineering where the attacker attempts to trick people into revealing private information by sending spoofed e-mails that appear to be from reputable companies. Phishing e-mails provide a link to a seemingly authentic page where you can login and reveal your username, password and other personal identifying information (PII)." Online scammers can then use this information to access your accounts, gather additional private information about you, and make purchases or apply for credit in your name.

General protection against phishing scams

Safe practices

NEVER RESPOND TO A REQUEST FOR YOUR PASSWORD sent by e-mail, even if the request appears legitimate. RIT will NEVER ask for your password through e-mail.
Do not provide identity information, including credit card numbers, when you receive an unsolicited e-mail or phone call.
Do not open attachments in unexpected or suspicious e-mails or instant messages.
Do not click anywhere on the e-mail—even in what may appear to be white space.
Delete the e-mail or instant message.
If the e-mail or instant message provides a link to a site where you are requested to enter personal information, it may be a phish. The real link may also be masked. Move your mouse over the link and it may show a different address than the one displayed in the e-mail.
Be selective in what sites you provide with your RIT e-mail address.

Technical solutions

Use a limited or non-administrator account when opening e-mail and browsing the Internet. A limited account will help protect you against many malware attacks. Finance and Administration (and some RIT colleges) already protect their users by giving them limited accounts.
Add an anti-phishing toolbar to Internet Explorer or Firefox. Anti-phishing toolbars help detect and may block known phishing sites. ITS is providing McAfee anti-phishing tools to ePO-managed users.

Spear Phishing

Spear phishing targets a specific person or group of people (usually within a specific organization or government agency). Spear phishing e-mails are tailored to match internal communications at the target organization and may even include personal details.

Phishing in Instant Messaging

Although most phishing occurs through e-mails, fraudsters have begun using instant messaging to pose as government officials and trick people into revealing identity information.

Report a phish

Current Phishing Scams

Millersmiles.co.uk is an Internet community that archives phishing scams. Visit them to check if a particular e-mail or website has been reported by others, or report it yourself.

Phishing Guides

Take the SonicWall Phishing IQ Test to see how good you are at identifying phishy e-mails!

Anti-Phishing Tools

Internet Explorer 7.x and higher, Safari 3.2 and higher, and Mozilla Firefox 3.x and higher all provide some protection against phishing. E-mail clients such as Microsoft Outlook 2007 and Mozilla Thunderbird 2 also include anti-phishing features, such as disabling suspicious links and blocking pictures and attachments. As of August 1, 2009, all RIT-owned and leased computers must have some form of anti-phishing controls in place.

We recommend the following browser tools to help you identify suspicious websites:

The Netcraft Toolbar is a browser plug-in available for Firefox on Windows, Mac, and Linux. The toolbar helps stop phishing attempts by blocking known phishing sites and providing hosting information about the sites you visit.
The McAfee Site Advisor is a browser plug-in available for Internet Explorer and Firefox. Site Advisor warns you of websites known to have malicious downloads or links by checking them against a database at McAfee.

Note: You should not install this version of McAfee Site Advisor on any RIT-owned computer currently running McAfee ePO. More information can be found here.

Tags: