Network Security Systems Cheap Bulk Computers I.T gear – Buy Bulk Laptop in Auckland, Manukau, Penrose, Papatoetoe, Henderson, Mount Wellington
For Computer Parts and Bulk sales – Please contact us
Network Security Systems:
Anti-virus Software
What is it?
Anti-virus software protects email, instant messages, and other files by removing viruses and worms. It might also quarantine infected files, to keep a virus from spreading on your computer, and can repair infected files so you can use them without fear of damaging your computer or spreading a virus to others.
What risks are involved?
If your computer isn’t fortified against the most recent viruses, you leave your system wide open for every bug, worm, and virus floating around the Internet. These debilitating bugs and viruses can cause your computer to malfunction. They might make your computer vulnerable to identity thieves and hackers.
What can I do to protect myself?
Install anti-virus software on your computer and run daily updates. The campus provides free anti-virus for staff and faculty work computers, and recommends free anti-virus software for student and home computers. See the Software License Coordination website.
How do I know if I have anti-virus software on my computer?
A computer with a properly installed anti-virus software will generally prompt you to update the program every once in a while. If your computer doesn’t ask you to update virus definitions, you might not have properly installed virus software. Some common antivirus packages include Sophos, McAfee, and TrendMicro.
Confidential Data Storage
What is it?
Confidential data is any information you don’t want others to obtain without your permission, including (but not limited to) your Social Security number, home address, phone numbers of friends/family/colleagues/students, your driver’s license or bank account numbers, a list of your passphrases, your home address or phone numbers, your employee ID number, digital images, word documents containing personal text, etc. Most people store confidential data of some kind on their computers within Word files, address books, or application settings.
What risks are involved?
If unauthorized persons gain access to the confidential information you are storing, they could alter the information or use it to commit identity theft.
What can I do to protect myself?
- Only store confidential information on your computer if it is absolutely necessary.
- Store confidential information on portable media, such as a CD or flashdrive. Secure the portable media in a locked cabinet when it is not being used.
- Encrypt files containing confidential data. Encryption is available on some operating systems. Refer to your operating system help center for instructions.
- Physically secure your computer (laptop or desktop) to the desk where it sits. For about $30, you can buy a simple cable lock (similar to a bike lock) at any tech-supply store that will deter and usually prevent theft.
- Set your computer to ask you for an account passphrase at login. If someone is sneaking onto your computer, this tactic will prevent them from gaining access to your files. For instructions on setting passphrases, refer to your operating system help center.
- Be sure to disable the “Guest” account, as use of this account is likely to be untraceable.
Data Backups
What is it?
To back up your files, simply create a second copy of your important documents somewhere other than your computer’s hard drive.
What risks are involved?
If you don’t back up your data, you might lose it. Your files could disappear due to a virus, computer crash, accidental keystroke, theft, or external disaster.
What can I do to protect myself?
- Back up critical and essential files on a daily basis and non-critical files on a weekly or monthly basis. You can back up your data to a CD, to an online backup service (for a small monthly fee), flash drive, USB key, or to a server, if you can get access to one from your Internet Service Provider or commercial vendor. Some companies offer automatic backups when you buy their programs.
- Keep all your critical files in one place so you can easily create a duplicate copy.
- Store your backup media (CDs, disks, backup server, etc.) in a safe, secure place away from your computer, in case of fire or theft.
- Periodically test the capability to restore from the backup media. An unreadable backup is not worth much. To ensure that your backup files are reliable, simply upload the files to your computer.
- Faculty/Staff: Check with your department’s Technical Support Coordinator (TSC) to find out if he or she runs regular backups of departmental computers.
How do I choose an online backup service?
For help choosing one that’s right for you, review 10 Questions You Should Ask Before Using an Online Data Backup Service.
Back to top
DNS Security Enhancement
What is DNS?
DNS stands for Domain Name System. DNS servers are a critical part of the campus network infrastructure and the Internet because they allow information on the Internet to be available when you enter a URL in your Web browser. UC Davis disabled one capability of the DNS servers –recursive DNS–to help improve security.
What is recursive DNS?
One example of recursive DNS is when someone who subscribes to an ISP (e.g. Comcast) configures their computer to use the UC Davis DNS servers rather than their ISP DNS servers to access the Internet.
How do I know if I’m using the UC Davis DNS servers?
If your DNS configuration uses 169.237.250.250 or 169.237.1.250, you are using the UC Davis DNS servers.
Why are my DNS server settings blank?
Most ISPs provide DNS server information automatically, so you won’t see anything in the DNS server settings even though your computer is properly configured. Check with your ISP to be sure.
What security risks are involved in recursive DNS?
- Cache poisoning: An attacker could redirect users who are trying to reach one site, say a bank site, to a malicious site without their knowledge. For more information about this type of attack, seehttp://www.secureworks.com/research/articles/other_articles/dns-cache-poisoning/.
- Recursive DDoS attacks: An attacker can send streams of DNS queries to caching servers. As all of these servers answer the queries, the victim host is targeted with a massive distributed denial-of-service attack (DDoS). For more information, seehttp://www.us-cert.gov/reading_room/DNS-recursion033006.pdf.
Back to top
Email Attachment Restrictions
What are email attachment restrictions?
To help prevent the spread of viruses, the campus prevents certain attachment types from entering the campus email system. If someone sends you an email message with a file attached and that file is one of the restricted file types, you will not receive the attachment. You will still receive the email message.
How will I know if attachments are removed from email messages I send/receive?
Recipients will receive a message clearly stating that an attachment was removed, the name of the attachment, why the attachment was removed, and options for resending the attachment as an unrestricted file type. However, senders of restricted file types will not receive notification that the attachment was removed.
Is there a list of restricted file types?
Yes. See Attachment Restrictions page.
What can I do if a file type I want to send is on the restricted list?
Consider renaming the file to an unrestricted file type. Or, use Web-based file-sharing, or removable media (e.g., a flash drive).
Does this mean that all attachments I receive will be safe?
No. Use caution when opening email attachments. Do not open attachments you were not expecting or from senders you don’t know. Attachment restrictions reduce, but might not eliminate, the number of virus-infected attachments that reach the campus.
Back to top
Email Virus Filtering
What kind of email virus protection does UC Davis offer email users?
The virus filtering software detects and deletes known viruses attached to all the incoming and outgoing email messages processed through the central campus email servers.
Who benefits from this email filtering service?
Everyone who sends or receives email through the central campus email servers.
Why is email virus filtering necessary?
Not only are viruses annoying, they can corrupt essential data stored on your computer, thereby compromising the integrity of your computing system. Because 87 percent of viruses originate or transmit themselves via email, the campus considers email filtering an important part of computer security.
How does the virus filtering system work? What do I have to do?
As an email user, you don’t have to do anything to benefit from this service. Here’s how it works: When you send an email, it always travels through an email server, where it is routed to the recipient (the person to whom you’re sending it). The servers with this filtering software will act as “checkpoints,” searching all incoming and outgoing email messages for known viruses.
What happens if I send a virus-infected email message?
If a known virus is attached to your message, the software on the server will detect it and delete it, protecting the recipient of your message from receiving the virus. As the sender of the infected message, you will receive a short message notifying you of the virus attached to your outgoing message.
What should I do if I get a notification message that I sent a virus-infected email?
- Be aware that the message and any attachment in question will not have been sent to the intended recipient.
- While the virus infection will be removed from the email, the infected computer from which the email originated will continue to be infected until virus removal efforts are complete. Check for virus conditions on your computer by running anti-virus software.
- Since certain viruses are clever enough to forge sender names, you might not actually have a virus on your computer. Contact the IT Express Computing Services Help Desk at 530 754-HELP (4357) or your department’s TSC for advice.
How do I know if my email goes through the central campus servers where this virus-scanning occurs?
If you have been receiving email at an “@ucdavis.edu” address, you will automatically benefit from this filtering service. If you receive email at an address that contains the name of a department (such as “@dept.ucdavis.edu”), your email processes through a separate department server.
My email doesn’t go through the central campus servers. How do I find out what kind of protection my department email server provides me?
Contact your department’s Technology Support Coordinator. If you don’t know who your TSC is, visit the TSC directory to find out.
What else can I do to keep my personal computer virus-free?
The email filtering system will catch viruses in your email, but it is up to you to make sure your computer is protected. The best way to do this:
- Configure your computer to seek virus definition updates from your anti-virus software vendor on a daily basis. For more advice, contact the IT Express Computing Services Help Desk at 530 754-HELP (4357).
- Do not open any attachment to an email that has a suspicious subject line, file name, or message. Remember: Some viruses can forge themselves to appear as if they are from someone you know; therefore, the “from” line alone cannot be trusted.
Back to top
Encryption Basics
What kinds of information should be encrypted?
Restricted information such as:
- Identity information (Social Security numbers, California Driver’s License or identification card numbers)
- Financial account information (checking, savings and credit card account numbers)
- Student record information (grades, financial aid information)
- Medical record information (diagnoses, treatment information, identity information included in medical records)
Why should I protect restricted information?
Several federal and state laws, and several UC and UC Davis policies, require you to. Failing to protect restricted information can have serious consequences, including financial penalties for you, the campus and the university.
What is encryption software, and what does it do?
Whole-disk encryption software garbles information stored on computers so that it cannot be understood if it is accessed without using the passphrase (or key) that you use to un-garble (or decrypt) the information. If your computer is lost or stolen and you have encryption activated, people who try to access information on the computer won’t be able to read it.
Back to top
Firewalls
What is a firewall?
A firewall acts as a protective barrier between your computer and the Internet, monitoring all incoming and/or outgoing traffic and allowing only the network traffic you permit. Firewalls come in the form of software, which nestles itself between your operating system and your network card. They also come in the form of hardware; for many home and small office users, it is a simple router device that sits between your computer’s network jack and the wall connection. You can customize the level of protection the firewall gives you, setting it to filter information flow from specific domain names, addresses, or types of network traffic.
How does a firewall work?
Hackers search the Internet in a way akin to dialing random phone numbers. They send out pings (calls) to random computers and wait for responses. Firewalls prevent your computer from responding to these random calls. If your computer doesn’t respond, hackers won’t know it’s there.
What are the risks of not having a firewall?
If your computer, like most, is automatically set to enable file-sharing or to keep network ports open while you are online, you could be susceptible to a variety of attacks. If you don’t have a firewall, which will monitor ports to stop unwanted traffic from slipping through, you have to know how to manually close ports, and disable file-sharing, in order to control risky traffic from coming in to your computer.
What do I need to know before installing a firewall?
- A firewall is not the single solution to computer problems. As with other computer security measures, malicious programs disguised as friendly ones can circumvent a firewall.
- Like any add-on to your computer, a firewall can interfere with other applications on your system.
- Firewalls might prevent campus vulnerability scanners from alerting you to a problem on your computer.
- Depending upon which department and network you belong to, there may be restrictions on the use of personal hardware firewalls/routers.
- If your computer comes with basic firewall capability, or if you are thinking of installing a firewall, you should contact your tech support person first.
- Faculty and staff should consult with their department’s Technical Support Coordinator (TSC) before installing a firewall. Students can contact the IT Express Computing Services Support Desk, 530-754-HELP (4357).
Does UC Davis have access to a discount on firewall products?
Campus departments may purchase Juniper firewall products through CDW-G at a discount. To receive this discount, purchases must be made via UCD Buy. For additional information, contact IT Professional Services .
Identity Theft
What is identity theft?
Identity theft occurs when personal information is obtained by unauthorized individuals who then use that information to commit a crime such as fraud or theft.
Who is at risk for identity theft?
Everyone. Careful management of personal information, identification, and passphrases can help minimize your risk.
What are the risks?
Victims of identity theft often have to spend time and money cleaning up their personal and financial records. In the meantime, they may be refused loans, housing or cars, or even get arrested for crimes they didn’t commit.
What is the campus doing to protect my personal information?
No matter what your affiliation with the campus, your personal information resides on at least one campus computer system. The campus minimizes the number of systems on which personal information resides, and mandates a high level of security on these systems. Individuals will be notified if their information is obtained via a security breach.
How can I protect my personal information?
- Order a copy of your credit report from each of the three major credit bureaus – Equifax, Experian, and TransUnion. Make sure it’s accurate and includes only those activities you’ve authorized. California residents can order one free copy of their credit report from each bureau annually. For more information on how to obtain your free credit report, visithttps://www.annualcreditreport.com/cra/index.jsp.
- Place hard-to-guess passphrases on your credit card, bank, and phone accounts. Keep your passphrases and PIN numbers secret. Don’t share your Kerberos passphrase!
- Use a shredder when discarding documents containing personal identification.
- Don’t send personal information via email.
- When shopping online, make sure the site is secure by looking for the padlock icon in the corner of the page that asks you to input your personal information.
- Don’t keep personal information stored on computers unless necessary and encrypted.
- Ask about information security procedures in your workplace.
IRC Bots
What are they?
IRC is short for Internet Relay Chat. IRC appears in software such as AOL Instant Messenger, Yahoo! Messenger, and ICQ.
A bot, or robot, is automated software set to perform certain functions. Many programs feature bots, which are not always malicious programs. An example of a peaceful IRC bot is a digital chat room moderator that boots and bans users who flood the channel with spam. Over the years, however, many malicious IRC bots have integrated themselves into popular programs, and are proving to be a growing security risk.
What risks are involved?
A malicious bot could record everything you type in your IM program. Should you mention sensitive information, such as credit card or bank account numbers, you are at risk for identity theft. Bots can also create “back doors” on your computer, giving hackers quick access to your system.
What can I do to protect myself?
Malicious bots tend to be both partnered with unofficial modifications to the IRC and integrated into spyware applications. To avoid these bots, never download an unofficial addition to a legitimate program, and be sure to:
- Run an anti-spyware program weekly
- Virus-scan all files weekly
- Download and install the latest operating system patches
- Enable Windows Firewall and/or buy a third-party firewall program
How do I know if I have an IRC bot on my computer?
You might not notice the presence of some bots. Others might slow your computer, or show symptoms similar to those of spyware and viruses.
Securityspace.com offers a free malicious IRC bot vulnerability test for registered users (registration is free) athttp://www.securityspace.com/smysecure/catid.html?id=14841.
Passphrases
Are passphrases really an important part of security? Yes, strong passphrases can prevent unauthorized people from accessing: the information you store on your computer; the applications you use that allow you access to others’ information; and services you use online (e.g. banking and shopping).
What is a strong passphrase? Strong passphrases are difficult for other people, even people who know you well, to guess. Most of us choose passphrases that we can easily remember, which usually means a word, phrase or name we use in our daily lives. These are weak passphrases, because anyone who knows you could probably guess them.
How do I create a strong passphrase? To create a strong passphrase, use a mix of uppercase and lowercase letters, numbers and symbols. The strongest are 12 characters or longer. Avoid repeating characters (e.g., aaaaaaa) or using sequences (e.g., abcdefg).
How do I know if my passphrase is strong? To check the strength, go to http://computingaccounts.ucdavis.edu and select the Test passphrase strength option.
Phishing
- What is “phishing?” “Phishing” (pronounced “fishing”) refers to a form of fraud that attempts to acquire sensitive information (usually your username, also called login or loginID, and passphrase/passphrase). There are many variations, but the most obvious characteristic of a phishing message is that it instructs you to provide sensitive information either by replying to the message, or by clicking on a link and entering the information on a web page. There is no legitimate reason for anyone to request a password/passphrase or other sensitive data via email, and you should never respond to any such message.
- What should I do if I think I might have responded to a phishing message? Call the IT Express Computing Services Help Desk at 530-754-HELP (4357) immediately if you think you have provided your passphrase or other personal information in response to a phishing scam.
- What if a message, which seems to come from someone at UC Davis, asks me to confirm my login ID and passphrase? UC Davis will never ask you to do this via email or telephone. Call IT Express at 530-754-HELP (4357) if you are unsure about the validity of an email from a campus address.
- How do I know if a message is a phishing scam? Phishing messages often:
- Instruct you to supply your account information, including your password/passphrase, by email or by clicking on a link in the message and then entering the information via the web. This is never a legitimate request.
- Have a “From:” line that sounds (and sometimes is) legitimate, but the message itself is vague.
- Contain a threat if you do not supply the information, such as having your account deleted.
- Have spelling and grammatical errors. Legitimate messages aren’t always perfect, but with careful reading many scam messages become obvious.
- Use a generic salutation rather than using your personal name.
- Print and post this Don’t Let Phishers Play You flier to remind you what to look for.
- What can happen if I reply to a phishing scam? If you send them the information they request, they could use your email account to send millions of spam messages, open accounts under your name, or commit other fraud.
- How can I prevent my campus computing account from being compromised?
- DO NOT respond to phishing scams in any way. It’s that simple. Just don’t answer. Don’t click on links in the message. Delete the message immediately.
- Be suspicious of messages requesting personal or account information.
- Be suspicious of messages threatening to close or suspend your account if you don’t respond with the information they want.
- Check the authenticity of email messages by calling a company phone number known to be genuine.
- See Cyber-Safety Basics for information about protecting yourself and your computer from other cyber-attacks.
- See 10 Things Everybody Should Know about How the Email World Works for more tips about email.
- Read even more about phishing at www.us-cert.gov/cas/tips/ST04-014.html.
- Why doesn’t the campus just block phishing scams like we block spam? We employ multiple layers of the latest and best anti-spam, anti-virus, and anti-phishing technology available. Unfortunately, these systems cannot block all malicious email.
- I’ve never replied to a phishing scam, but have been getting spam emails from my own email address. How does this happen? These emails result from a very easy spammer technique called “spoofing.” All spam has a spoofed (or forged) “From” address. Unfortunately, there is no way to prevent the use of someone else’s “From” address in email. If you receive more than five spam messages from yourself per day, contact the IT Express Computing Services Help Desk at 530-754-HELP (4357).
- What happens to compromised accounts? When UC Davis identifies a compromised account, the account is locked immediately. If your account is locked, you must go to one of six passphrase reset locations in campus computer rooms, prove your identity, and change the passphrase. Click here for more information.
For Technical Support Coordinators, Managers and MSOs
Information and Educational Technology (IET) has developed resources to help you spread the word about phishing scams to faculty and staff in your departments. To access these resources and learn more about IET’s anti-phishing efforts, seehttp://security.ucdavis.edu/phishing.
Software Patch Updates
What is it?
Patch updates “fix” flaws in your operating system, the basic program that runs your computer (e.g.Windows 8 or Macintosh OS X). Patches are released as needed by your operating system vendor (such as Microsoft or Apple), and should be installed as they become available.
What risks are involved?
Computers with unpatched operating systems are vulnerable to hackers and viruses.
What can I do to protect myself?
- Windows users: Set your computer to download operating system updates on a regular basis. Look in your Control Panel and find System or Automatic Updates. You can also find Windows updates in the Tools menu in Internet Explorer, or by visiting Microsoft’s Web site at http://windowsupdate.microsoft.com/.
- Mac OS X users: Consult the “software update” pane in the System Preferences utility to manually or automatically schedule updates.
What is UC Davis doing to protect me?
UC Davis provides resources to assist you in protecting your computer.
- The IT Express Help Desk will help you configure settings for automatic updates or help you with manual updates.
- Announcements are posted on TechNews and the Computer and Network Security website when new patches are released.
- Technical Support Coordinators (TSC) are available for faculty and staff in departments across campus.
Spam Filtering Basics
What is spam?
Spam is unsolicited commercial email, or that junk mail that you get in your email inbox.
What is spam filtering?
Spam filtering helps reduce the amount of spam you receive in your email inbox. This can be done a number of ways.
Does UC Davis filter spam?
Yes, UC Davis uses techniques to identify and filter spam, and enables you to customize spam filtering for your campus email account.
How does the campus spam filtering service work?
UC Davis employs several different methods for identifying spam. These methods work together to assign scores to potential spam email messages. The scores assigned are based on lists of characteristics of known spam messages.
Does every email message receive a spam score?
Most do, but not all. Messages scoring 4 or lower are more likely to be legitimate email messages.
Can spam filtering accidentally delete legitimate messages?
Spam filtering is not 100% accurate, so you might want to check your UCD spam folder for false positives. Through Geckomail or MyUCDavis, click UCD-spam from the list of folders on the left. Your UCD spam folder is not accessible from an email client (such as Outlook) unless you use IMAP.
Can I change the way the campus filters spam to my email account?
Yes, you can customize the way the campus filters spam to your email account by visitinghttp://email.ucdavis.edu/secure/spamfilter.php. You can change the point at which spam is filtered to your UCD spam folder and when it is automatically rejected. You can also create allow and deny lists.
I have my campus email redirected to a non-UC Davis email account. Will the campus filter my email before it is redirected?
No, email is redirected before it is filtered.
My email is redirected to a departmental account at UC Davis. Will the campus filter my email before it is redirected?
No. Not unless your department’s system administrator or Technology Support Coordinator is using the campus scanning and tagging service. Nonetheless, consult your administrator, as they might have local filtering.
How will these measures affect class mailing lists or other address lists that go to UC recipients?
List owners who have configured their lists to filter spam should see less spam get through. People posting from off-campus might have difficulty if they’re routing mail through blocked mail servers, but that would be just as true if they were trying to mail an individual on campus–the fact that the addressee is a mailing list rather than an individual is not a factor.
Does UC Davis provide specially tailored filtering rules that I can use with my email program, as an alternative to using the central campus spam filtering utility?
UC Davis not provide specific spam-filtering rules, but does provide instructions for setting up spam filtering on campus-supported email programs. You may access these instructions and learn more about spam filtering options by visiting the Campus Spam Filtering page.
What can I do if spam filtering set-up instructions are not available for my email program?
Most email programs let you set up filters. You should consult help resources for your program to see what anti-spam measures they offer.
If all messages with a high score are sent to a spam folder that is only accessible through MyUCDavis and Geckomail, how can I make sure that the spam filter is not sending legitimate email to this folder if I never use MyUCDavis or Geckomail?
The folder will be visible to any IMAP client; Geckomail is merely one example of an IET-supported IMAP client. If a user has an email program configured to connect to their server via IMAP, then no change in behavior will be required. Those who have configured their email program to POP can change that configuration to IMAP. For more information about POP and IMAP configurations, see The IT Express Knowledge Base article on POP and IMAP.
Spam: Allow/Deny Lists
What are allow and deny lists?
Allow and deny lists let you further customize the campus spam filtering service. All email originating from addresses on an individual’s deny list is prevented from reaching that individual’s inbox. All email originating from addresses on the individual’sallow list is permitted to reach that individual’s inbox, even if it would otherwise have been marked as spam and filtered away from the inbox.
Why implement Allow/Deny Lists?
No single spam filtering measure filters 100% of spam. Allow and deny lists add an extra layer of protection against spam. Legitimate email messages from news lists, or subscriptions to professional online magazines or other publications, can be filtered as spam (a “false positive”). By placing the sender’s email address on their allow lists, recipients of these types of messages ensure that they will not be filtered as spam.
How do I create allow and deny lists?
Go to http://email.ucdavis.edu/secure/spamfilter.php.
Can I change allow and deny lists at any time?
Yes, and changes to accept and deny lists are effective immediately.
Can I add @ucdavis.edu addresses to my allow and deny lists?
Yes.
Can I add a domain to an allow list?
Yes. If you receive email from a particular domain (@ucdavis.edu, for example) that you do not want the campus spam filters to scan (and possibly send to your UCD spam folder or delete), you can add it to your allow list. This will ensure that you get all email from that domain.
Can I add a domain to a deny list?
Yes. If you receive email from a particular domain (@ucdavis.edu, for example) that you always want the campus to send to your UCD spam folder, you can add it to your deny list. This will ensure that no email from that domain will reach your inbox.
Sample Spam Settings*
|
|
Reject Spam** |
Aggressive** |
Cautious (Campus Defaults) |
Deliver All Mail |
|
Filter spam |
Yes |
Yes |
Yes |
No |
|
To UCD-spam folder |
None |
5 |
5 |
None |
|
Summary |
No |
Yes |
Yes |
No |
|
Delete Spam |
5 |
10 |
15 |
15 |
|
What you can expect if you choose these settings. |
All spam scoring 5 or above will be rejected automatically. No email will be sent to your UCD-spam folder. |
Most spam will be rejected automatically, but some will be stored in your UCD-spam folder. |
Most spam will be either rejected or sent to your UCD-spam folder. |
You will receive all spam scoring less than 15 that is sent to your email account. |
|
Who might want to choose these settings? |
Individuals who have previously used the campus spam filtering service and found that moderate-scoring spam could be rejected rather than stored in their UCD-spam folder. |
Individuals who have previously used the campus spam filtering service and found that moderate-scoring spam could be rejected rather than stored in their UCD-spam folder |
Most of the campus community will find that these settings provide the greatest level of accuracy with the least amount of spam delivered. |
Individuals who want to receive all email that is directed to their email account, regardless of whether it is spam. |
|
Other considerations |
Set up allow lists to exempt certain email addresses or domains. Set up deny lists if you repeatedly receive spam scoring less than 5 from a particular address or domain. |
Set up allow/deny lists to further customize your email filter. |
Set up allow/deny lists to further customize your email filter. |
Set up spam filtering using your email program’s junk mail or spam control features. |
*You may want to make incremental changes to these settings until you find your desired combination. Messages receiving a score of 4 or lower may be legitimate email messages, so please use caution when filtering or deleting messages with very low scores.
** Please be aware that the more aggressively you filter spam, the more likely you are to receive false positives.
Spyware
What is it?
Spyware is software that gathers information about your web-surfing habits for marketing purposes. Spyware “piggybacks” on programs you choose to download. Tucked away in the fine print of user agreements for many “free” downloads and services is a stipulation that the company will use spyware to monitor your web habits for business research purposes.
What risks are involved?
Spyware takes up memory and space on your computer. It can slow your machine, transmit information without your knowledge, and lead to general computer malfunction. You may choose to keep certain spyware programs on your computer in exchange for the free services that accompany them, but you should be aware of how that might affect your computer.
What can I do to protect myself?
- Closely read user agreements for free programs before clicking, “I accept.” Watch for allusions to spyware and adware in user agreements.
- Regularly scan your computer with an anti-spyware program.
Viruses
What are they?
Malicious small programs that easily replicate themselves, infect your computer, and often spread to others’ computers via email attachments or network traffic.
What risks are involved?
Virus programs can delete files, format disks, attack other computers, or slow your system. They can also create “back doors” that allow hackers to run programs on your computer or gain access to your files.
How do I know if I have a computer virus?
A computer infected with a virus might suddenly act in unexpected ways. For example, it might take longer to access files or to start up programs, or it might lock up often. You might also notice uncommon sounds being played from your speakers, a variety of images popping up on the screen, or problems starting your computer. All are signs that your computer could be infected with a virus.
What can I do to protect myself?
- Install anti-virus software on your computer and run daily updates. Find free software for faculty and staff work computers, and recommendations for free anti-virus for student and home computers, on the Software website.
- Install “patches” at your operating system’s website to keep your computer fortified against possible attack.
- Mac users: http://www.apple.com/support.
- Windows users: http://v4.windowsupdate.microsoft.com/en/default.asp.
- Do not open email attachments with suspicious subject lines, file names, or messages. Some viruses can appear to come from someone you know–therefore, the “from” line alone cannot be trusted.
- Viruses can come to you in links sent via Instant Messaging, email attachments, infected disks, freeware, shareware, or file-sharing.
What is UC Davis doing to protect me?
Virus filtering software checks every incoming and outgoing @ucdavis.edu email message for viruses. Widely recognized viruses will automatically be filtered out of your incoming email. New viruses can sneak through until the filter is trained to recognize them, which usually takes no more than 24 hours.
Wireless
What is it?
Wireless networks let you get online from almost anywhere people congregate, including UC Davis.
What risks are involved?
Because wireless access points don’t require a user to plug into a port, the networks are often more difficult to monitor and secure. Many off-campus wireless areas won’t require you to sign in with a username and passphrase. If the network is not secure, and you’re using it to buy things online or log on to Internet applications, it’s not difficult for someone to record your keystrokes and steal your identity.
What can I do to protect myself?
- When on campus, use moobilenetx. See http://wireless.ucdavis.edu/ for more information.
- Restrict your online shopping to wired connections or secure wireless connections.
- Don’t open programs that contain identifying information while you’re on a wireless network. In fact, don’t keep your Social Security number, driver’s license number, or bank account numbers anywhere on your computer, period.
- Keep your computer secure: Apply operating system patches when they are released by the software manufacturer, and keep your anti-virus program up to date. Other computers sharing the wireless connection could be infected or compromised, and might attempt to spread viruses or hack into other computers attached to the wireless network.
- Disable file-sharing so that other people can’t help themselves to files on your computer. For instructions, refer to your operating system help center.
Ten questions to ask about application security systems
1. Does it inspect application communications or just packets?
Twitter adds autoplaying videos
Twitter has moved well beyond its foundation of 140-character messages. The site will now host videos
READ NOW
To reliably identify application-layer threats, a security appliance must “see” the same communication stream as the application it is protecting. This means the security device must perform a full deconstruction of the HTML data payload, as well as track the state of each application session. It is technologically impossible to analyze application behavior through simple inspection of IP packets, either individually or reassembled into their original sequence.
2. Does it detect and defeat encrypted application attacks?
Virtually all Web applications that process confidential customer or corporate information use Secure Sockets Layer encryption to protect both the confidentiality and integrity of data while in transit. However, SSL also provides hackers with a useful tool to evade detection because it’s impossible to detect attacks that are strongly encrypted. Therefore, application-layer security can be performed only if SSL-encrypted traffic is decrypted into its original clear text form prior to inspection.
3. Does it protect the application infrastructure and users?
Application security involves protecting all elements of an application infrastructure (e.g., server operating system, application program and back-end databases), as well as users of the application. Protecting the application program and application data isn’t sufficient. Trust relationships with users must also be closely guarded to ensure the continuing business viability of the application. For example, an application security product should thwart the hijacking of user sessions.
4. Does it defeat zero-day attacks?
Zero-day attacks come in two varieties: attacks exploiting vulnerabilities in custom applications, and attacks aimed at vulnerable packaged applications for which a patch has not yet been released. An application security solution must detect and defeat all forms of zero-day attacks. Using attack signatures or event correlation will fail to protect against zero-day attacks. A positive security model that understands and enforces correct application behavior in real time is the only viable defense for zero-day attacks.
5. Does it cloak application infrastructure elements?
Many attacks against Web applications are custom-crafted and designed to exploit security vulnerabilities in the application infrastructure. Effective reconnaissance can help the hacker focus his attack methodology, target a smaller number of potential security weaknesses and craft more damaging attacks. At a minimum, a Web application protection solution should provide the following cloaking capabilities to mask details of the application infrastructure.
Remove all unnecessary server response headers
Rewrite all application URLs
Remove HTML comments
Encrypt cookie names and values, URLs and hidden form fields
6. Does it prevent the leakage of sensitive corporate or customer data?
The objective of many Web application attacks is to steal sensitive customer data such as credit card numbers, account IDs and Social Security numbers. An organization can never be completely assured that all avenues to application-layer attacks are blocked. Preventing the leakage of sensitive data in application server responses requires the following capabilities:
Inspecting the entire stream for the presence of sensitive data objects
Precision matching of data objects. For example, credit card numbers should be tested for validity before real-time action is taken.
Transforming matching data objects. For example, reflect only the last four digits of a customer’s credit card number for verification purposes.
7. Does it block benign traffic?
Web application security is typically deployed to protect an organization’s most business-critical systems. False positives that block benign and legitimate traffic are intolerable in these environments. For example, mistakenly blocking a brokerage transaction for a large trading partner may cost an organization tens of thousands of dollars, or more. To eliminate false positives, an application security system must:
Perform true application-layer traffic inspection
Maintain full communications context
Possess a semantic understanding of all application data
WHAT READERS LIKE
Short Take: Apple Music, Siri integration and other WWDC thoughts
Teams prep for DARPA Robotics Challenge Finals
Insights into the Apple Watch
8. Does it rationalize the Web infrastructure?
Application security is typically deployed in a Web demilitarized zone (DMZ), directly fronting protected application servers. In many enterprises, the DMZ may already be heavily populated with numerous single-function devices, such as load balancers, SSL acceleration devices, application proxies and TCP connection offload appliances. A well-designed application security solution should subsume the capabilities of point products residing in the DMZ. Reducing overall box count improves application performance and infrastructure reliability. Typical functions that should be performed by an application gateway include:
SSL acceleration
Noncaching application proxy (i.e., rewriting application URLs)
Web I/O acceleration
Web site defacement prevention
9. Can it deploy consistent security for all applications?
Common threats to applications, such as SQL injection, can be handled by “global” security settings. However, there is often a need to define per-application security rules. For example, a global security policy that prohibits any modification to data in a hidden form field may break an application that uses client-side JavaScript to legally modify form field data within the client’s browser. In this scenario, different policies would be necessary. An application security system should virtualize security policies, accommodating both global and per-application attributes.
10. Does it adapt policies for dynamic application environments?
POPULAR RESOURCES
WHITE PAPER
7 Reasons to Worry About Your Current Email Archiving Strategy
WHITE PAPER
Forrester Report: Planning for Failure
SEE ALL Go
Many Web applications use client-side Java scripting to generate dynamic content within a client’s browser. Prime examples of application content that may be legally modified on the client include URL parameters, application session cookies and form field data. A positive security model that is unable to accurately anticipate and accommodate dynamically generated content from the client will potentially block legitimate application traffic. Look for an application security solution that can learn correct application behavior and automatically generate policy recommendations so that legitimate dynamic content is recognized and permitted by the security system.
Health Network frequently asked questions
Q: What is the Health Network?
The Health Network established in 2005 provides New Zealand with an essential platform for the secure collection, access and exchange of electronic health information between healthcare providers. The current Health Network is an evolution of the 1999 Health Intranet. The Connected Health Programme, part of the Ministry of Health’s National Systems Development Programme, will further enhance current Health Network capabilities. For more information regarding Connected Health visit the IT Health Board website.
Q: Who constitutes the Health Network?
The Health Network is a closed community comprised of accredited VPN (Virtual Private Network) providers, security solution providers, information service providers, users, administration and governance.
Q: Who is responsible for the governance of the Health Network?
The Ministry of Health is responsible for the Governance of the Health Network. Governance responsibilities include ensuring that appropriate standards, policies and procedures are in place: this includes establishing policies to mitigate risk of any security breach to the network and ensuring ongoing validation of policies against issues arising with network security, which are reportable to the VPN (Virtual Private Network) provider.
Q: How many users/members are there in the Health Network?
The Health Network membership includes the majority of General Practitioners and all District Health Boards, primary healthcare organizations, laboratories, pharmacies, private hospitals and NGOs.
Q: Who has access to the Health Network?
Presently, only healthcare providers who are registered Health Network members have access to the Health Network. If you are a healthcare provider, you can register by applying to the Health Network
Q: What is the Interconnection Agreement?
The Interconnection Agreement with the support of the Ministry of Health. The Interconnection Agreement is an industry-defined solution for a neutral interconnection point to connect secure VPN (Virtual Private Network). HISAC worked with Telecom/Gen-i, and Healthlink, the three accredited VPN providers in New Zealand, to develop the Interconnection Agreement. Virtual Private Network providers must sign the Interconnection Agreement in accordance with the Health Network Code of Practice: Telecom/Gen-I are current signatories.
Q: What is the neutral interconnection point?
The neutral interconnection point is an information routing appliance that enables a Health Network connected party to send and receive information from another Health Network connected party via a single connection point. Through the Request for Proposal (RFP) process, the three VPN (Virtual Private Network) providers selected Datacom to run the neutral interconnection point: all VPN (Virtual Private Network) providers continue to be involved in the implementation plan with Datacom.
Q: What are the benefits of the Health Network interconnection for health professionals, now and in the future?
A major benefit for health professionals using an accredited health network is that they have access to available health IT systems and applications without needing to know which network administers the systems. The implementation of a neutral interconnection point reduces barriers to the entry of new suppliers and is a necessary step for the transition to Connected Health. Health providers using the neutral interconnection point to access the Health Network are positioned to migrate to Connected Health.
Existing Ministry applications such as the National Health Index lookup and Pharmac Special Authorities will progressively become available only via the neutral interconnection point. In future, other new Ministry of Health applications will be exclusively delivered via the neutral interconnection point. These future applications include those that will deliver services such as:
- online pharmacy claiming
- eReferrals and discharges
- electronic prescribing
- Health Practitioner Index lookup
- General practice patient notes transfer (on patient request)
- B4 School checks
- Secure email for confidential communication
- laboratory test orders and results transfer
Q: What does the neutral interconnection point mean to the VPN (Virtual Private Network) providers?
The implementation of a neutral interconnection point creates a level playing field and reduces barriers to the entry of new suppliers who can provide accredited cost effective security connections to Health Network members. The neutral interconnection point is also a necessary transition step to Connected Health.
Health Network Security
Q: What is in place to ensure Health Network security?
The Health Network is a closed community made up of interlinked, encrypted Virtual Private Networks (VPN). All data is required to be fully encrypted at all times during transmission. All available Health Network hardware products are certified as secure by international standards. After discussing your requirements and your desired level of service, an accredited VPN (Virtual Private Network) provider will install the firewall security device in your practice and configure it to provide a secure connection to the internet and to the rest of the Health Network. VPN (Virtual Private Network) providers have different approaches to configuring and managing their product, such as how much control they undertake in your local environment.
Users of the Health Network must be registered and comply with certification and security requirements for their local environments. Each member is subject to conformance checks against criteria set forth in the Health Network Code of Practice. Members are also responsible for reporting security incidents to their VPN (Virtual Private Network) provider.
Q: What are the requirements for a VPN (Virtual Private Network) to be a member of the Health Network?
In 2002, Standards New Zealand developed the Health Network Code of Practice as the accreditation standard for all Health Network members, including telecommunication providers. To acquire accreditation, a VPN (Virtual Private Network) provider must be assessed annually against the Code of Practice in order to acquire an annual Certificate of Compliance.
Q: What are the requirements for a user, such as GP (General Practitioner) to be a member of the Health Network?
To join the Health Network, a potential user must register with the Governing Body, connect using an accredited VPN (Virtual Private Network) provider, and meet the security standards outlined in the Health Network Code of Practice. Meeting the security standards involves ensuring policies and procedures are in place to protect patient data stored, exchanged or transmitted by the GP practice. The standards are designed to meet international standards for environmental security. A generic small practice security policy document (Word, 154 KB) that can be used as a template by the GP in their practice environment, it is available for download.
Q: What is the Health Network Code of Practice?
The Health Network Code of Practice is based on New Zealand health and privacy legislation, industry principles for the protection of personal health information and the International Standards Organization (ISO) information technology standards. Health Network members need to demonstrate that they have policies and procedures in place to address third party access, personnel security, physical and environmental security, systems development and maintenance and technical compliance as well as risk management for any security breach.
Questions that customers often ask
- Why is security important?Answer: The information stored on your system is one of your most important business assets. This sensitive information can be customer accounts, payroll statements, and financial statements. You must balance the need for protecting this information with the need to allow your employees access to complete their job responsibilities. You need to keep three important objectives in mind when determining how to protect your information assets:
- Confidentiality: Good security measures can prevent people from seeing and disclosing confidential information. On your systems, what information do you consider confidential, which only a few select individuals can see and maintain?
- Integrity: To some extent, a well-designed security system can ensure the accuracy of the information on your computer. With the right security, you can prevent unauthorized changes or deletions of data.
- Availability: If someone accidentally or intentionally damages data on your system, you cannot access those resources until you recover them. A good security system can prevent this kind of damage.When people think about system security, they usually think about protecting their system from people outside the company, such as business rivals. Actually, protection against curiosity or system accidents by proper users is often the greatest benefit of a well-designed security system. In a system without good security features, a user might unintentionally delete an important file. A well-designed security system helps prevent this type of accident.
- Who should be responsible for security on my system?
Answer: Different companies take different approaches to security. Sometimes programmers have responsibility for all aspects of security. In other cases, the person who manages the system is also in charge of security. To determine who should be responsible for security on your system or systems, consider the suggested approach of:
- Your method of planning security depends on whether your company purchases or develops applications. If you develop your own applications, communicate your security needs during the development process. If you purchase applications, understand and work with the application designer. In both cases, the people who design applications should consider security as part of the design.
- Your method of planning resource security depends on whether your company purchases or develops applications. If you develop your own applications, communicate your resource security needs during the development process. If you purchase applications, understand and work with the application designer. In both cases, the people who design applications should consider security as part of the design.
- Why should I customize security on my system?Answer: A small system might have three to five users that run a few applications. A large system might have thousands of users on a large communications network running many applications. You have the opportunity to change many things about how the system looks to your users and how it performs.
When your system first arrives, you probably will not need or want to do very much customizing. IBM ships your system with initial settings, called defaults, for many options. These defaults are the choices that usually work best for new installations.Note: All new systems ship with a default security level of 40. This security level ensures that only users who you have defined can use the system. It also prevents potential integrity or security risks from programs that can circumvent security.
However, if you do some customizing, you can make your system a simpler and more effective tool for your users. For example, you can make sure that a user always gets the correct menu when signing on. You can make sure that every user’s reports go to the right printer. Your users will feel that more confident about the system if you do some initial customizing to make it look and feel like their own system.
Questions customers should ask themselves
- Have I clearly defined my company’s business requirements?Answer: To plan and set up security on your systems effectively, you must first know what your business requires to function effectively and efficiently. You need to understand how your systems will be used within your company. For example, systems that contain critical applications, such as databases that contain your company accounts, would need higher level of security than systems used for testing products within your company.
- What assets do I want to protect?Answer: Your business assets comprise not only the physical systems that you manage, but also the data and information that is stored on them. To minimize theft and tampering, you need to create an inventory of your systems and the information that they store.The amount of security you need depends on the type of information stored on that system, the sensitivity of that information, and the consequences to your business if that data is stolen or compromised. Understanding the risks that your systems may face allows you to more effectively manage security on your systems.
- Do I have a company policy regarding security?Answer: A security policy defines your company’s requirements for protecting your company’s resources, responding security-related incidents, and conducting secure business transactions with remote employees, business partners, and public customers. This security policy should entail physical security of your systems, network security issues, such as Internet access for employees, and measures for assessing and monitoring security on your systems. Think of your security policy as your foundation for all your security decisions. Your security policy needs to reflect your core business values, but also be flexible enough to accommodate future business demands.
- Do my employees have or need access to the Internet?Answer: Today, most companies see the need to allow employees access to the Internet to conduct research and respond to customers related to daily operations of their businesses. Whenever you connect your systems and users to the Internet, your internal resources are at risk of an attack. To protect your network from these risks that are associated with Internet use, you need to decide which network services will be allowed, how users will connect to the Internet, and how network security will be monitored in your network. Any decisions you make regarding the Internet and its use needs to be clearly defined and communicated to employees within your security policy. It is important to ensure that all your employees understand and sign a compliance agreement with these policies. Although implementing a network security policy is beyond the scope of this topic, you should include information regarding network security in your overall security policy.
Multiple Choice questions
http://www.indiabix.com/networking/security/
http://highered.mheducation.com/sites/0072967757/student_view0/chapter1/multiple_choice_quiz.html
| 2. | Which command would you use to apply an access list to a router interface? | |||||||
Answer: Option C Explanation: To apply an access list, the proper command is ip access-group 101 in. |
| 3. | Which of the following is an example of a standard IP access list? | |||||||
Answer: Option B Explanation: Standard IP access lists use the numbers 1-99 and 1300-1999 and filter based on source IP address only. Option C is incorrect because the mask must be in wildcard format. |
| 4. | You need to create an access list that will prevent hosts in the network range of 192.168.160.0 to 192.168.191.0. Which of the following lists will you use? | |||||||
Answer: Option C Explanation: The range of 192.168.160.0 to 192.168.191.0 is a block size of 32. The network address is 192.168.160.0 and the mask would be 255.255.224.0, which for an access list must be a wildcard format of 0.0.31.255. The 31 is used for a block size of 32. The wildcard is always one less than the block size. |
| 5. | You are working on a router that has established privilege levels that restrict access to certain functions. You discover that you are not able to execute the command show running-configuration. How can you view and confirm the access lists that have been applied to the Ethernet 0 interface on your router? | |||||||
Answer: Option D Explanation: The only command that shows which access lists have been applied to an interface isshow ip interface Ethernet 0. The command show access-lists displays all configured access lists, and show ip access-lists displays all configured IP access lists, but neither command indicates whether the displayed access lists have been applied to an interface. |
Email and Messaging Threats (spam, phishing, instant messaging) Get Started
Bring yourself up to speed with our introductory content
-
Login credential security: How to defend against tabnapping
Tabnapping can be used to capture user login credentials. Enterprise threats expert Nick Lewis explains how to defend against the risk. Continue Reading
-
Social Engineering Penetration Testing
In this excerpt of Social Engineering Penetration Testing, the authors outline what phishing attacks are and outline how these attacks work using multiple real-world examples. Continue Reading
-
Whaling attacks: Taking phishing attacks to the next level
Whaling attacks take phishing to the next level with much bigger targets. Enterprise threats expert Nick Lewis explains how to mitigate the risk. Continue Reading
View All Get Started
Evaluate Email and Messaging Threats (spam, phishing, instant messaging) Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
-
How can phishing attacks that use proxy programs be stopped?
Phishing attacks are adopting new functionality to avoid detection, including the use of proxy programs to simplify the attack process. Learn how to defend against this type of risk. Continue Reading
-
Is global email an enterprise email security risk?
Ubiquitous global email is right around the corner. But what effect will it have on enterprises? Expert Michael Cobb explains. Continue Reading
-
How can malware using bulletproof hosting sites be stopped?
Expert Nick Lewis explains what bulletproof hosting is and how enterprises can best defend against malware that uses it as part of its attack scheme. Continue Reading
keyword:
Desktop Repair in Manukau 09 390 9555, Auckland, Papatoetoe, Otahuhu, Otara, Mount Wellington, Mangere, Ellerslie, Panmure, Auckland CBD
Laptop Repair in Manukau 09 390 9555, Auckland, Papatoetoe, Otahuhu, Otara, Mount Wellington, Mangere, Ellerslie, Panmure, Auckland CBD
Clean My PC in Manukau 09 390 9555, Auckland, Papatoetoe, Otahuhu, Otara, Mount Wellington, Mangere, Ellerslie, Panmure, Auckland CBD
Clean My Desktop in Manukau 09 390 9555, Auckland, Papatoetoe, Otahuhu, Otara, Mount Wellington, Mangere, Ellerslie, Panmure, Auckland CBD
Clean My Laptop in Manukau 09 390 9555, Auckland, Papatoetoe, Otahuhu, Otara, Mount Wellington, Mangere, Ellerslie, Panmure, Auckland CBD
PC Pop up (popup) in Manukau 09 390 9555, Auckland, Papatoetoe, Otahuhu, Otara, Mount Wellington, Mangere, Ellerslie, Panmure, Auckland CBD
Clean My PC in Manukau 09 390 9555, Auckland, Papatoetoe, Otahuhu, Otara, Mount Wellington, Mangere, Ellerslie, Panmure, Auckland CBD
Microsoft Word, Excel, Office Program in Manukau 09 390 9555, Auckland, Papatoetoe, Otahuhu, Otara, Mount Wellington, Mangere, Ellerslie, Panmure, Auckland CBD
Fix My Internet (not working) in Manukau 09 390 9555, Auckland, Papatoetoe, Otahuhu, Otara, Mount Wellington, Mangere, Ellerslie, Panmure, Auckland CBD
Computer/PC/Laptop Clean up Manukau 09 390 9555, Auckland, Papatoetoe, Otahuhu, Otara, Mount Wellington, Mangere, Ellerslie, Panmure, Auckland CBD
New Windows Installs, Format My Windows in Manukau 09 390 9555, Auckland, Papatoetoe, Otahuhu, Otara, Mount Wellington, Mangere, Ellerslie, Panmure, Auckland CBD
Free Software Intalls (Office+Excel) in Manukau 09 390 9555, Auckland (AKL), Papatoetoe, Otahuhu, Otara, Mount Wellington, Mangere, Ellerslie, Panmure, Auckland CBD
