McAfee

Securing Your Computer

Securing Your Computer

This section provides information about all the software and instruction necessary to comply with the Desktop and Portable Computer Standard. The software on this page is intended for use by students, faculty, and staff at RIT. Inexperienced/non-technical users may want to check out our Digital Self Defense 101 Workshop, which explains the dangers of the Internet and RIT security requirements in greater detail.

Note: You do not have to use the specific software listed on this page. However, you should meet the requirements of the Desktop and Portable Computer Standard for your computer

Anti-Virus

RIT has licensed McAfee VirusScan software (available on the ITS Security & Virus Protection website) for use by students, faculty, and staff on  personally-owned computers. RIT-owned Windows computers will receive McAfee HIPS (Host Intrusion Prevention Software).

It is not necessary to use this particular anti-virus; if you prefer, you may use any of the following products.

Product

License
Company

ClamAV (Linux)

Free for personal use

Open Source

ClamXAV2 (Mac)

Free for personal use

Open Source

Norton Anti-Virus

One year paid subscription

Symantec

Trend Micro Anti-Virus

One year paid subscription

Trend Micro

avast! Anti-Virus

Free for personal use

ALWIL Software

AVG Anti-Virus

Free for personal use

Grisoft

Anti-Spyware

This should already be built into current anti-virus software.  A separate program is not needed.

Firewalls

Windows 7, Vista, XP, and Mac OS X all come with built-in firewalls; Resnet provides instructions on how to configure these built-in firewalls. If you do not want to use this firewall, RIT recommends the basic ZoneAlarm free firewall for Windows users Other firewall options may be provided by your Internet Service Provider. 

Patching/Updating

Regardless of what operating system you run, it should be up-to-date on all security patches; the easiest way to do this is to turn on the automatic update feature. Learn how to enable automatic updates for Windows and keep your Mac up-to-date automatically

Users of other operating systems such as Linux, Unix, etc., are also required to keep their operating systems up-to-date on security patches.

Software Applications should also be kept up-to-date. This can usually be done from within the program itself or through the vendor's website; some programs have an automatic update feature. Use the links below to find updates for Microsoft, Apple, and Adobe software.

ISO-Approved Private Information Management Software

  • Identify Finder (Windows, Mac)
  • Cornell Spider (Linux only)

Online Safety

Online Safety

Everyone connected to the Internet is a potential target. Use of anti-virus and firewall software is critical in protecting your computer online; however, simply protecting your computer is not enough. 

Web Browsers

Cyber criminals often target vulnerabilities in web browsers. Because Internet Explorer is the web browser used by most people, it has become a primary target. Using a different browser can reduce your risk while on the web. The table below lists alternative browsers:

Browser

Operating System

License

Firefox

Mac, Windows, Linux

Free (open source)

Chrome

Mac, Windows, Linux

Free

Opera

Mac, Windows, Linux

Free

Safari

Mac OS X

Free

Configure Settings

Changing the default security settings can help protect you while browsing.  Learn more here.

Update Regularly

It is important to keep your browser up-to-date on security patches. This can typically be done from within the browser, or directly from the vendor’s website. Check for updates at least monthly.

Note: If you use Internet Explorer with RIT Oracle Applications, you may not be able to use the newest versions of Internet Explorer are not certified for compatibility with Oracle at this time.

Use Limited Account Privileges

Learn more here.

Be Smart With What you Do Online

View our pages on Social Networking and Online Banking/Shopping.  Also look for posts on our blog about identity theft, online banking, and scams. 

Host Intrusion Prevention (RIT-owned/leased computers only)

Host Intrusion Prevention (RIT-owned/leased computers only)

Note: This requirement applies only to RIT-owned and leased computers. There is currently no requirement for personally-owned machines to run host intrusion prevention.

Currently, personal networking devices used on the RIT residential network (such as routers, switches, etc.) do not need to meet the Network Security Standard. Resnet has created separate guidelines for Using a Router/Wireless Router on the RIT Network.

The following products have all been tested by the Information Security Office and approved for use on RIT-owned/leased computers.

Recommended Host-based Intrusion Prevention Software

Server

Program

Description

OSSEC

Open source intrusion detection (multiple platforms) (ISO-tested). Active protection feature must be enabled.

McAfee HIPS

Desktop and server intrusion prevention (Windows) (ISO-tested)

Bit9

Application whitelisting (Windows) (non ISO-tested)

Cimcor

Protects against unauthorized changes (Server and Network) (non ISO-tested)

Tripwire (commercial version)

Configuration assessment and change auditing (Desktops and Servers; VMware coming) (non ISO-tested)

Desktop

Program

Description

OSSEC

Open source intrusion detection (multiple platforms) (ISO-tested). Active protection feature must be enabled.

McAfee HIPS

Desktop intrusion prevention (Windows) (ISO-tested)

Comodo

Internet Security Suite (ISO-tested)

Online Armor - Tall - Emu

Firewall (ISO-tested)

E-mail us at infosec@rit.edu if you have any questions or suggestions.

Phishing

Phishing

Phishing is a form of social engineering where the attacker attempts to trick people into revealing private information by sending spoofed e-mails that appear to be from reputable companies. Phishing e-mails provide a link to a seemingly authentic page where you can login and reveal your username, password and other personal identifying information (PII)." Online scammers can then use this information to access your accounts, gather additional private information about you, and make purchases or apply for credit in your name.

General protection against phishing scams 

Safe practices

  • NEVER RESPOND TO A REQUEST FOR YOUR PASSWORD sent by e-mail, even if the request appears legitimate. RIT will NEVER ask for your password through e-mail.
  • Do not provide identity information, including credit card numbers, when you receive an unsolicited e-mail or phone call.
  • Do not open attachments in unexpected or suspicious e-mails or instant messages.
  • Do not click anywhere on the e-mail—even in what may appear to be white space.
  • Delete the e-mail or instant message.
  • If the e-mail or instant message provides a link to a site where you are requested to enter personal information, it may be a phish. The real link may also be masked. Move your mouse over the link and it may show a different address than the one displayed in the e-mail.
  • Be selective in what sites you provide with your RIT e-mail address.

Technical solutions

  • Use a limited or non-administrator account when opening e-mail and browsing the Internet. A limited account will help protect you against many malware attacks. Finance and Administration (and some RIT colleges) already protect their users by giving them limited accounts. 
  • Enable site checking on your browser.
  • Add an anti-phishing toolbar to your browser. Anti-phishing toolbars help detect and may block known phishing sites. ITS is providing McAfee anti-phishing tools to ePO-managed users.

Report a Phish

Report a phish by emailing spam@rit.edu.  You can forward phishing attempts to this email.

Resources to Help Identify and Avoid Falling for a Phish

Spear Phishing

Spear phishing targets a specific person or group of people (usually within a specific organization or government agency). Spear phishing e-mails are tailored to match internal communications at the target organization and may even include personal details.

Phishing in Instant Messaging

Although most phishing occurs through e-mails, fraudsters have begun using instant messaging to pose as government officials and trick people into revealing identity information.

Current Phishing Scams

Millersmiles.co.uk is an Internet community that archives phishing scams. Visit them to check if a particular e-mail or website has been reported by others, or report it yourself.

Anti-Phishing Tools

Internet Explorer 7.x and higher, Safari 3.2 and higher, and Mozilla Firefox 3.x and higher all provide some protection against phishing. E-mail clients such as Microsoft Outlook 2007 and Mozilla Thunderbird 2 also include anti-phishing features, such as disabling suspicious links and blocking pictures and attachments. As of August 1, 2009, all RIT-owned and leased computers must have some form of anti-phishing controls in place.

We recommend the following browser tools to help you identify suspicious websites:

  • The Netcraft Toolbar is a browser plug-in available for Firefox on Windows, Mac, and Linux. The toolbar helps stop phishing attempts by blocking known phishing sites and providing hosting information about the sites you visit.
  • The McAfee Site Advisor is a browser plug-in available for Internet Explorer and Firefox. Site Advisor warns you of websites known to have malicious downloads or links by checking them against a database at McAfee.

Note: You should not install this version of McAfee Site Advisor on any RIT-owned computer currently running McAfee ePO. More information can be found here.

Subscribe to RSS - McAfee