084: How can I protect my computer from cyberattacks?
Cyber threats to your computer come in many forms: viruses, worms, trojans, attacks on badly written programs, and social-engineering efforts (like "phishing") are but a few. In general, you can keep your computer, computer accounts, and your identity relatively secure with just a bit of work. Here are some suggestions for maximizing your security:
- Educate yourself. Find web sites that research and promote Security Awareness (http://ccit.mines.edu/CCIT-Awareness) and understand the threats to your computer.
- Use an antivirus program and keep it up to date. Free antivirus software is available to the entire Mines community, for both Mac and Windows operating systems. For instructions on how to download, install, and configure the software, see the Mines Symantec Endpoint Protection (http://ccit.mines.edu/CCIT-Antivitus) web page. Most Linux distributions provide the free ClamAV (http://www.clamav.net) program to users.
- Many attacks occur when software vulnerabilities are not patched. Make sure that your programs, especially ones related to network functions like web browsing and email, are kept patched and up to date. While most operating systems now update software automatically, this may not always be the case. To manually update your system in Windows, choose the Windows Update option from the Start menu. In Mac OS X click the Apple icon at upper-left of the desktop and select App Store, then choose the Updates tab. In Ubuntu Linux, use the installed Software Updater program (or the command-line apt or apt-get command). Other Linux programs have similar update tools.
- Use a personal firewall on your own computer. Though most campus systems, and the campus network, are protected by firewalls, some are not. Windows includes a pre-installed, pre-configured firewall; make sure that it is activated. To do so, Windows users may choose the Windows Firewall application in Control Panel. In Mac OS X System Preferences, click the Security option and the Firewall tab to turn on your firewall. While relatively secure by default, Linux users have various firewall options using IPTables and other methods. Caution: Two firewalls should generally not be installed on your computer at the same time. While they will sometimes -- but not always -- coexist happily, this may at least slow your computer noticeably.
- Never give anyone -- even someone you know and trust -- your username or password, or other personal information. In fact, you agree not to do so when you sign your Mines network access form. Sharing a password is a violation of Mines policy that can lead to termination of your campus computing privileges. Social engineering, or the act of convincing computer users to surrender crucial data through personal contact and persuasion, is as powerful a security risk as any of those cited above. Mines staff will never ask you for your password, though you may be asked to type it in yourself if a support person is working on your computer. Be on the lookout for emails with misspellings, grammatical errors and obvious misuse of English -- all signs of a fraudulent contact. Official email warnings to Mines computer users from CCIT can be verified at http://inside.mines.edu/verify.
- Use secure versions of common software programs. Telnet and FTP are insecure, and obsolete, because they transmit credentials over the Internet in plain text. Instead, use SSH and SFTP programs, for those tasks. (Search FAQfinder for more information on SSH and SFTP.)
- Caution! Do not try to enable or disable firewalls on computers in Mines labs.
- If you believe your password has been hacked, phished, or otherwise compromised -- or even if it is just getting old -- change it! Mines will require you to change your MultiPass password every six months in any case and you will receive an email notification when a password change is due. To change your Mines MultiPass use the password-change tool at https://identity.mines.edu.