Security and Tuning

Ensuring the security of your information is a continual process and also your responsibility as a computer user.

How to Protect Your Computer

Computer Security:

Why should I do it?

Ways to be aware:

Computer Tuning

The internet is full of viruses, trojans, malware, and spyware. Keeping your computer safe from these is very important.

Update Operating System

Whether you are using a Mac or PC, updating your operating system is very important. Updates are released on a regular basis to help protect your computer and to keep it running smoothly.

PC - How to install updates for...

Mac - How to update your Macintosh OS X

Update Web Browser

Your web browser is your gateway to the internet and is often times the entry point for computer viruses. It is therefore important that you frequently check for updates to your browser.

Internet Explorer - Updates are includes as part of your Windows updates

Google Chrome -

Mozilla Firefox -

Safari - Safari updates are included with Mac OS X updates. To update you Mac, go here.

Some Safe Browsing practices

  1. Update anti-virus and anti-malware programs
  2. Use a firewall program
  3. Never click on pop-ups
  4. Never respond to Spam e-mails
  5. Never open e-mail attachments that you were not expecting. If you are ever in doubt, e-mail the sender to make sure they sent it to you or google the e-mail to see if the attachment is bad.
  6. Never click on links in your e-mail. Instead, copy/paste the URL into your web browser to ensure that the link is not redirecting you unexpectedly. For an example of URL mis-direction, view this image.
  7. Avoid using peer-to-peer (P2P) network programs.
  8. Avoid using your personal e-mail address for random registrations. If you are browsing the web and come accross a form that you want to fill out, but you are not sure what it will do, you may want to use a throw away email address to fill it out with. View these Google search results for some Disposable Email services (Note: some sites disallow use of these accounts)
  9. Use programs such as WebOfTrust or McAfee Site Advisor to help avoid sites that are known for infecting computers.

Computer & Software Recommendations

Computer Recommendations

Laptop vs. Desktop

Each has its advantages and disadvantages. Think about what you are going to use it for, how much money you want to spend, and if you want to upgrade it in the future.

Laptops offer mobility, take up less space, and students can also access the OSU wireless network in all residence halls and most buildings on campus. For this reason, most students decide to use a laptop when coming to Oregon State. They are harder to upgrade however, and because they are constantly moved around, they tend to wear out faster than desktops.

Desktop computers take up more space and offer little mobility, but are generally faster, and cheaper to upgrade and maintain. They also generally last longer than laptops.

Hardware Recommendations

Computers are constantly changing, so when shopping around for a particular brand/style, it is a good idea to do your research beforehand. The following websites offer good computer reviews and comparisons:

Educational Discounts on Computers

Many computer manufacturers offer discounts for students when buying a new computer. Click on any of the logos below for the educational site for that manufacturer:

Apple Student Discounts

Apple Student Discounts

Lenovo Student Discounts

Lenovo Student Discounts

Dell Student Discounts

Dell Student Discounts

 

 

 

 

 

 

 


Software Recommendations

Operating System Recommendations

The operating system is your computer's most important piece of software, because it is in charge of running all the other programs that you need, and making sure those programs interact well with your computer hardware. For security and stability reasons, we always recommend that you run the latest version of your preferred operating system:

  • Windows: This is the most common operating system if you own a PC. Windows 10 is the latest version of Windows, but Windows 8, 7 and Vista will also work on ResNet.
  • OS X: This is the operating system that runs on Macintosh computers, and all versions will also work on ResNet.

A Note About Linux: Most flavors of Linux should also work on ResNet. Please be aware that the OSU Computer Helpdesk does not support Linux, so any errors you may have on the network will have to be solved on your own.

Educational Discounts on Software

There are several educational discounts available for software. See our Software page for more information.

MAC Address

Your devices Network Adapter Address must be registered in order to receive network access. The Adapter Address is a unique number associated with your device's network adapter. It is also called a Physical Address, Hardware Address, Ethernet ID or MAC address on various systems. This MAC address should be registered in OSU_Secure or ResNet for better internet quality once you have followed the instructions to retrieve it.

Choose Your Device

Windows Vista, 7, 8, 10▸

Quick Method▸


  1. Press the Windows Key(windows alt)
  2. Type CMD (A search bar will automatically pop up)
  3. Run the 'Command Prompt' program
  4. Type in the command 'getmac'
  5. This will display each mac address. 


Alternative Method▸


  1. Open the Control Panel.

    Windows Vista & 7: Click Start then Control Panel 
     

    Windows 8: Right Click the Start Menu 
     


  2. Got to Network and Internet, then Network and Sharing Center from the next menu. 
     


  3. Click on the Wireless Connection you are connected to


  4. Go the Details in the Wifi Status window Here you will find your MAC/Hardware Address
     





Apple OS X▸


  1. Click the Apple (upper left corner).  Select System Preferences
     
  2. Select the Network control panel 


  3. Make sure you are viewing your Wireless Connection, and click Advanced


  4. Here you will find your Wireless MAC/Hardware Address
     

Linux▸


Not all Linux distributions are the same but most will have ifconfig installed. 

In a terminal window type ifconfig and return.

You'll see a list of interfaces. Your wireless interface will likely be named wlan0 or wifi0. The wireless MAC address will be in the field labeled HWaddr.

You can also use iwconfig to find your wireless MAC address if you have it installed.


Mobile Devices▸

Android▸


On your android phone, the MAC address can be found under Settings -> Wifi -> Context menu (three dots) -> Advanced -> MAC address (should be visible from this screen).

icon wifi context advanced address

iOS X▸


On your iOS device, your MAC address can be found under Settings -> General -> About -> Wi-Fi- Address.

icon general about address

Table of Other Devices▸



Apple TV
  1. From the main menu, choose Settings
  2. Click About
  3. Look for the MAC address next to "Ethernet ID"
    Alternatively: you may find the MAC address printed on the UPC label on the Apple TV box
Blu-ray Players
  1. Press Home, Setup, and then Network
  2. Choose the Connection Status option
  3. The MAC address should be listed
Nintendo 3DS/XL
  1. Click System Settings
  2. Click Internet Settings
  3. Click Other Information
  4. Confirm Mac Address
Nintendo Wii
  1. Online services have been discontinued, but Netflix etc. should still work
    Start your Wii, without a disc
  2. Click the Wii button at the bottom of the start screen
  3. Click Wii Settings
  4. Go to the Next Set of settings, by selecting the arrow on the right
  5. Click Internet
  6. Select Console information
  7. The MAC Address will then come up on the next page
Nintendo Wii U
  1. Go to System Settings
  2. Tap on the Internet settings button
  3. Select the View MAC Address option
  4. You should now see your Wii U’s MAC address
PlayStation 3  
  1. Start the PlayStation 3 with no disc inserted
  2. Select the System Settings icon and push the "X" button
  3. Select System Information and push the "X" button
  4. The third line will be the MAC Address
PlayStation 4  
  1. From the main menu, select "Settings" (located on the upper right)
  2. Select "Network"
  3. Select "View Connection Status"
  4. Scroll down until the MAC addresses are visible
Roku
  1. From the Roku home screen, select Settings
  2. Then choose About
  3. The MAC address will appear on your screen
    Alternatively: you can find the MAC address on the bottom or back of your Roku.
Roku XD
  1. From the Roku home screen, select Settings
  2. Then select Player Info
Xbox 360
  1. From the Xbox Dashboard, go to My Xbox (select the Xbox logo on the controller)
  2. Select Settings
  3. Select System Settings
  4. Select Network Settings

Operating Systems

Whether you are using a Mac or PC, updating your operating system is very important. Updates are released on a regular basis to help protect your computer and to keep it running smoothly. Below are instructions that you can follow to ensure your computer is up to date!

Mac OS X▸


Apple periodically releases updates and patches that will protect Mac OS X from being attacked by viruses and other malicious programs. Configuring OS X to automatically install these patches will ensure your computer is always protected.

Schedule updates

1. Click on the Apple menu, and choose System Preferences.

Mac Menu

2. In the window that appears, select Software Updates from the System section.

Software Update Icon

3. Check the box by Check for Updates and select Weekly from the pull–down menu.

4. Check the box by Download important updates in the background.


Windows Vista/7▸


Microsoft periodically releases security patches for Windows operating systems. Downloading and installing these updates will help protect your computer from viruses and threats. All you need to install updates on your computer is an active internet connection, and the instructions below:

All of the images below can be clicked on if you need a larger view.

Step 1Start Menu

Click the Start circle at the bottom left of your desktop.

Click the All Programs option at the bottom of the menu.

Step 2Windows Update Link

Click the Windows Update option in this list.

Note: If a link for Windows Updates does not appear in this list, you can always access it by opening up the Control Panel.

Step 3Check for Updates

A separate window should open. When it does, select the Check for Updates option on the left-hand menu. Windows will then go online and check for available updates.

Step 4Updates Results

When the check for updates is finished, Windows will display a screen similar to this one, letting you know how many updates were found.

Note: if no updates are found at this point, you already have all the latest updates installed.

If you notice that the number of updates available and the number of updates selected is different (as it is on the screenshot to the right), or there are optional updates available, you should click on the link to view the list of updates and select any that are missing.

Note: Sometimes Windows will leave certain updates un-selected if they are large and will take longer to install. These are still important updates, and should be installed if you have the time to let your computer sit and install them.

If it already says you have all the updates selected, you can skip to step 6.

Step 5Update List

This screen should display a list of available updates. Check the box at the very top (the one above the list). This will select all the updates in the list for installation.

If you have optional updates available, you can click the Optional tab on the left to view them. If you see things like language packs or toolbars (like the Bing desktop toolbar), you can leave them un-checked because they are optional software. If you see any general updates in this list, it is a good idea to check the box next to them for installation.

Click the OK button when you are finished selecting updates

Step 6Install Updates

You should now be looking at the same screen as Step 4. Click the Install Updates button, and Windows will begin downloading and installing your updates.

Step 7Updates Progress Bar

You will see a progress bar similar to the one on the screenshot to the right. This will show you the current progress. Once the progress bar is full, Windows will be finished installing your updates!

Note: Windows may ask you to restart your computer when updates are done. If it does, it is a good itea to restart right away. Also, if you had a lot of updates to install, you should run through the steps on this page again after your computer restarts, as additinal updates may become available after installation.


Windows 8/8.1▸


Microsoft periodically releases security patches for Windows operating systems. Downloading and installing these updates will help protect your computer from viruses and threats. All you need to install updates on your computer is an active internet connection, and the instructions below:

All of the images below can be clicked on if you need a larger view.

 

Step 1

Click on the start button in the bottom left corner of your desktop.

Then typing in "control panel" once the start menu loads up, then proceed by clicking on the app.

 

 

 

 

 

 

 

 

 

 

Step 2

Find the "Windows Update" link on the control panel.

 

 

 

 

 

 

 

 

 

 

 

 

Step 3

You will want to click on the "updates available" button to select which updates you want to install.

 

Note: you may need to have Windows 'check for updates' first.

 

 

 

 

 

 

 

 

 

Step 4

You can go through and manually select each update you want by pressing the check boxes next to it. Generally it is recommended to just press the box next to 'name' so that you select all of the updates.

You will then want to press Install.

 

 

 

 

 

 

 

 

 

Step 5

Wait for the update bar to finish before turning off or rebooting your computer. 

 

 

 

 

 

 

 

 

 

 

 

Step 6

You have now finished updating your computer for Windows 8 or 8.1!

 

 

 

 

 

 

 

 

 

 

 


Windows 10▸



Step 1

Open the settings app. From here you'll click on update and security.

 

 

 

 

 

 

 

 

 

 

Step 2

From this page hit check for updates.

 

 

 

 

 

 

 

 

 

 

 

 

Step 3

From here it should automatically download and install available updates.

 

 

 

 

 

 

 

 

 

 

Password Security

password securityIn order to keep your information secure you must keep your password secure. The following are not the only ways to keep your password secure, but they are a good start:

  • Use passphrases (see below).
  • Do not keep your password in open and public spaces (no sticky notes on your monitors!).
  • Change your password periodically.
  • Do not use the same password for everything.
  • If you think your password may have been compromised, change it immediately.
  • Never tell anyone your password.

Use a Passphrase Rather Than a Password

Passphrases are more secure than passwords because they are generally longer, making them less vulnerable to attack. They also allow you to remember your credentials, even when they expire frequently. The idea of a passphrase is to use a statement, or motto, rather than a word peppered with odd characters and symbols, as the latter can be difficult to dedicate to memory.

For instance, try:

  • A meaningful statement: "Carp3 Diem!"
  • Directions to a location: "Down Oak, 2nd on the Right"
  • A reference to what you're accessing: "Check1ng my Onid-Mail!" (NOTE: This is an awesome kind of passphrase, as you can customize it for any service you use, protecting your accounts from each other).
  • A catchy jingle: "I don't always use passwords, but when I do"

It is a good idea to add numbers/symbols in place of some letters for common passphrases. That way, it is harder for an outside user to guess your passphrase.

Now you have a password that's already in your memory, and you can recall this new passphrase with greater ease. Of course, you should avoid using passphrase without adding some special characters, as hackers can attack your account with commonly used statements or quotes.

Please Note: Some systems won't accept spaces in a passphrase, while others won't accept a large number of characters. You can contact the OSU Computer Helpdesk with any questions regarding passwords.

Securing Your Computer

The IT staff at OSU strive to keep computers that are infected with malware off of the network, but despite our best efforts, there are infected machines that connect to the network. As part of our ongoing efforts to increase security for the entire OSU community, we have developed the following guidelines.

Before you connect your computer to the OSU network, we recommend that you follow a standard set of procedures for securing your system to ensure that the confidentiality, integrity, and availability of university systems are maintained.

Instructions for Computers

With these small steps, you can greatly increase your personal computers performance and security!

If you have any questions or concerns, feel to call the Oregon State Computer Helpdesk at 541-737-3474

Web Browsers

This section is dedicated to helping you with different web browsers. Just click on your browser and then on the instructions you wish to see! If you have any requests for information, feel free to contact our computer helpdesk either by email, phone, or by clicking the Feedback button at the bottom of the page!

Windows

 Google Chrome▸

  Clearing Cookies and Cache▸


  1. Click the 'hamburger' lines in the top right corner.
  2. Select 'Settings'
  3. Click on the 'History' tab under Chrome
  4. Scroll to the very bottom and click 'Show advanced settings...'
  5. Under the 'Privacy' tab is 'Clear browsing data...'
  6. Choose 'From the beginning of time' in the drop down next to 'Obliterate the following items from:'. Make sure that only 'Cached images and files' and 'Cookies and ...' are checked (unless you want to clear more)

You have now cleared cookies and cache! This generally solves a lot of browser specific issues.


  Entering Private Browsing▸


  1. Click the 'hamburger' lines in the top right corner.
  2. Then click on 'New incognito window'

This 'Incognito Window' is extremely useful to see if there is a Chrome extension that is causing problems. It can also help you see if you need to clear your cache and cookies.


  Setting a Home Page▸


  1. Click the 'hamburger' lines in the top right corner.
  2. Select 'Settings'
  3. Under 'Appearance' select 'Show Home Button' and click 'Change'
  4. Add the website you wish to be your homepage, click the box next to it and press 'OK'

This webpage will now open every time you start Chrome!


  Showing Bookmark Bar▸


  1. Click the 'hamburger' lines in the top right corner.
  2. Select 'Settings'
  3. Click on the 'Settings' tab
  4. Click on the box next to 'Always show the bookmarks bar'

    Your bookmarks bar should appear under the URL box now!

 Microsoft Edge▸

  Clearing Cookies and Cache▸


  1. Click “Hub” Button (three lines)
  2. Click “Clear all history”

  3. Select “Cookies and saved website data” and “Cached data and file”
  4. Click “Clear”


  Entering Private Browsing▸


  1. Click the “Menu” button (three dots)
  2. Select “New InPrivate window”


  Setting a Home Page▸


  1. Click the “Menu” button (three dots)
  2. Click “Settings”

  3. Scroll down to Advanced Settings and click on “Show advanced settings”

  4. Toggle the “Show the home button” on
  5. A box will open that allows you to enter your new home page
  6. Click “Save”


  Showing Bookmark Bar▸


  1. Click the “Menu” button (three dots)
  2. Click “Settings”

  3. Toggle the “Show the favorites bar” on


 Mozilla Firefox▸

  Clearing Cookies and Cache▸


  1. Click the 'hamburger' lines in the top right corner.
  2. Select 'Options'
  3. Select the 'Privacy' tab
  4. Click on 'clear your recent history' and this box will show up
  5. Click the dropdown arrow and select 'Everything'. Make sure that you only have 'Cookies & Cache' checked (unless you wanted to clear more)

You have now cleared cookies and cache! This generally solves a lot of browser specific issues.


  Entering Private Browsing▸


  1. Click the 'hamburger' lines in the top right corner.
  2. Select 'New Private Window'

    This 'Private Window' is extremely useful to see if there is an Firefox extension that is causing problems. It can also help you see if you need to clear your cache and cookies.

  Setting a Home Page▸


  1. Click the 'hamburger' lines in the top right corner.
  2. Select 'Options'
  3. Under the 'General' Tab is a field that says 'Home Page'. Add in the website of your choice!

    This webpage will now open every time you start Firefox!

  Showing Bookmark Bar▸


  1. Click the 'hamburger' lines in the top right corner.
  2. Select 'Customize'
  3. Click the 'Show / Hide Toolbars' in the bottom left corner.
  4. Make sure that the 'Bookmarks Toolbar' has a check to the left of it. If it does not, then click it once.

Your bookmarks bar should appear under the URL box now!


 Internet Explorer▸

  Clearing Cookies and Cache▸


  1. Click on the cogwheel in the top right corner.
  2. Hover over 'Saftey', then click 'Delete browsing history...'
  3. Make sure 'Preserve Favorites website data' is unchecked and check 'Cookies and website data' and 'Temporary Internet files and website files'
  4. Click the 'Delete' button

You have now cleared cookies and cache! This generally solves a lot of browser specific issues.


  Entering Private Browsing▸


  1. Click on the cogwheel in the top right corner.
  2. Hover over 'Saftey', then click 'InPrivate Browsing'

This 'InPrivate Window' is extremely useful to see if there is an extension that is causing problems. It can also help you see if you need to clear your cache and cookies.


  Setting a Home Page▸


  1. Click on the cogwheel in the top right corner.
  2. Select 'Internet options'
  3. Under the 'General' tab, you can add multiple home pages.

This webpage will now open every time you start Internet Explorer!


  Showing Bookmark Bar▸


  1. Right click just above the 'Back' button
  2. Make sure 'Favorites bar' is checked

Your bookmarks bar should appear under the URL box now!


Mac OSx

 Google Chrome▸

  Clearing Cookies and Cache▸


  1. Click the 'hamburger' lines in the top right corner.
  2. Select 'Settings'
  3. Click on the 'History' tab under Chrome
  4. Scroll to the very bottom and click 'Show advanced settings...'
  5. Under the 'Privacy' tab is 'Clear browsing data...'
  6. Choose 'From the beginning of time' in the drop down next to 'Obliterate the following items from:'. Make sure that only 'Cached images and files' and 'Cookies and ...' are checked (unless you want to clear more)

You have now cleared cookies and cache! This generally solves a lot of browser specific issues.


  Entering Private Browsing▸


  1. Click the 'hamburger' lines in the top right corner.
  2. Then click on 'New incognito window'

This 'Incognito Window' is extremely useful to see if there is a Chrome extension that is causing problems. It can also help you see if you need to clear your cache and cookies.


  Setting a Home Page▸


  1. Click the 'hamburger' lines in the top right corner.
  2. Select 'Settings'
  3. Under 'Appearance' select 'Show Home Button' and click 'Change'
  4. Add the website you wish to be your homepage, click the box next to it and press 'OK'

This webpage will now open every time you start Chrome!


  Showing Bookmark Bar▸


  1. Click the 'hamburger' lines in the top right corner.
  2. Select 'Settings'
  3. Click on the 'Settings' tab
  4. Click on the box next to 'Always show the bookmarks bar'

    Your bookmarks bar should appear under the URL box now!

 Mozilla Firefox▸

  Clearing Cookies and Cache▸


  1. Click the 'hamburger' lines in the top right corner.
  2. Select 'Preferences'

  3. Select the 'Privacy' tab
  4. Click on 'clear your recent history' and this box will show up
  5. Click the dropdown arrow and select 'Everything'. Make sure that you only have 'Cookies & Cache' checked (unless you wanted to clear more)

You have now cleared cookies and cache! This generally solves a lot of browser specific issues.


  Entering Private Browsing▸


  1. Click the 'hamburger' lines in the top right corner.
  2. Select 'New Private Window'

    This 'Private Window' is extremely useful to see if there is an Firefox extension that is causing problems. It can also help you see if you need to clear your cache and cookies.

  Setting a Home Page▸


  1. Click the 'hamburger' lines in the top right corner.
  2. Select 'Preferences'
  3. Under the 'General' Tab is a field that says 'Home Page'. Add in the website of your choice!

    This webpage will now open every time you start Firefox!

  Showing Bookmark Bar▸


  1. Click the 'hamburger' lines in the top right corner.
  2. Select 'Customize'
  3. Click the 'Show / Hide Toolbars' in the bottom left corner.
  4. Make sure that the 'Bookmarks Toolbar' has a check to the left of it. If it does not, then click it once.

Your bookmarks bar should appear under the URL box now!


 Safari▸

  Clearing Cookies and Cache▸


  1. Click 'Safari' in the top left corner next to the Apple logo
  2. Select 'Clear History...'

  3. Make sure 'all history' is selected, then click 'Clear History'

You have now cleared cookies and cache! This generally solves a lot of browser specific issues.


  Entering Private Browsing▸


  1. Click on 'File' in the top left corner next to 'Safari'
  2. Then click on 'New Private Window'

This 'Private Window' is extremely useful to see if there is a Safari problem with cached information.


  Setting a Home Page▸


  1. Click on 'Safari in the top left corner'
  2. Then click 'Preferences...'

  3. Click on the 'General Tab'
  4. Type in your new homepage website address and Close the window

This webpage will never show up every time you open Safari!


  Showing Bookmark Bar▸


  1. Click on 'Bookmarks' in the top left corner of the screen
  2. Then select 'Show Bookmarks'

Safari's version of a 'bookmark bar' is the section that appear on the left side of your browser.



Wireless Troubleshooting - Windows

Wireless Troubleshooting for Windows Based Laptops

For laptops running Windows and having connection issues on campus, refer to these steps.


Launching Command Prompt

Here's how to get there:

For Windows 7:

  1. Click Start.
  2. Type in "cmd" in the search field.
  3. Right click cmd.exe, and run as administrator.

For Windows 8:

  1. Enter the key combination: Win + Q.
  2. Type in "cmd".
  3. Hold Ctrl + Shift, and hit Enter.

Try these quick steps:

  1. Flush Your DNS Cache In Command Prompt:
    1. Enter the following command: ipconfig /flushdns
    2. Hit Enter.
    3. Recheck connectivity
  2. Renew Your IP Address? In Command Prompt:
    1. Enter the following command: ipconfig /release
    2. Hit Enter.
    3. Once the prompt returns, enter ipconfig /renew
    4. Hit Enter.
    5. Recheck connectivity

Other Fixes

The following steps have shown to stabilize connections to OSU_Secure in Windows:

  1. Wireless Certificates:
    1. While connected to OSU_Access(needs to be this network), using Internet Explorer, go to https://csacs2.nws.oregonstate.edu/
    2. Once here, you will be redirected to a Cisco authentication page. You will not need to log in. Just going to this site downloads a certificate you may be missing.
    3. Also go to this address: https://csacs1.nws.oregonstate.edu/ to check for the same certificate, if you didn't receive it from the first link. You won't know if you actually have the certificate or not, but using both addresses gives you a better chance of getting it.
    4. Once you have gone to each, and loaded each page, restart your computer.
    5. Check connectivity now.
  2. Power Properties:
    1. Go to or search for Control Panel.
    2. Click Network and Internet, then Network and Sharing Center.
    3. On the left side of the window, click Change adapter settings.
    4. Right click on your Wireless Adapter(usually Wifi, and connected to a network). Click Properties.
    5. In the new window under the Networking tab, select configure under your wireless adapter name. f. In the new window under the Power Management tab, make sure the box next to "Allow the computer to turn off this device to save power" is unchecked.
  3. Complete Internet Repair Tool:   This software could potentially fix unknown or unseen issues with your connection, working with the software on your computer.
    1. Complete Internet Repair Tool can be found at the author's website here: http://www.rizonesoft.com/complete-internet-repair/
    2. Scroll down the page until you see the Complete Internet Repair (Build 2103), being cautious not to click on supporting ads.
    3. Run this software when connected to OSU_Secure(limited or connected).
    4. Restart your computer and check connectivity now.
  4. Re-Install Your Wireless Adapter Drivers: (assuming you can get a Internet connection elsewhere)
    1. Find the make and model of the laptop, and the wireless adapter make and model if possible.
    2. b. Search the laptop manufacturer's website first for the driver, then the manufacturer's site for the adapter if needed.

Baseline Standards of Care

This document defines the baseline standards of care for Information Systems in use at Oregon State University. Baseline standards of care are system configuration and operational practices and procedures designed to protect the confidentiality, integrity and availability of data housed on those systems.

Standards of Care for Unrestricted Information

Access to Unrestricted Information: No restriction for viewing, copying or printing. Departments determine protocol for modification of information.

Standard Operating Systems

Mobile Devices


(systems utilizing an operating systems designed specifically for mobile devices. Examples would include Android, iOS, Windows Phone, Firefox OS, Sailfish OS, Tizen, Ubuntu Touch OS, Blackberry)

Recommended: Current operating system with updates turned on.

For a list of recommended configuration settings and best practices for securing your mobile device, please visit http://oregonstate.edu/helpdocs/security-and-tuning/computer-tuning/operating-systems



Apple OS X systems


Recommended: Patched and officially supported version of the operating system, current antivirus client, and user name and password required for all accounts.http://oregonstate.edu/helpdocs/security-and-tuning/computer-tuning/operating-systems



Linux (or similar)


Recommended: Patched/current version of the operating system, current antivirus client (or equivalent), user name and password required for all accounts.



Microsoft Windows (PCs/Workstations)


Recommended: Patched and supported version of the operating system, current antivirus client, user name and password required for all accounts.http://oregonstate.edu/helpdocs/security-and-tuning/computer-tuning/operating-systems




Server Operating Systems

Linux (or similar), OS X:


Required: Patched and supported version of the operating system, user name and complex password required for all accounts, all unused services disabled, system dedicated to server functions only (no web browsing, etc.)



Microsoft Windows:


Required: Patched and supported version of the operating system, current antivirus client, login required by GPO, use of service accounts only, complex passwords with minimum length, system dedicated to server functions only (no web browsing, etc.)




Standards of Care for Sensitive Information

Required Standards of Care for Sensitive Information includes all recommended and required standards for Unrestricted Information plus:

Access to Sensitive Information: Viewing and modification restricted to authorized individuals with a business need to know. Copying or Printing of Sensitive Information is limited to legitimate need, with copies limited to individuals with a business need to know.

Access to Sensitive Information is assigned by role pursuant to standards approved by the OSU Data Trustee.

Standard Operating Systems

Mobile Devices


Required: Passcode required, lock screen enabled, notifications on locked screen disabled, device encryption enabled, data on removable devices (SIM, SD card, etc.) encrypted.

Recommended: factory OS intact (jail breaking or rooting not allowed), Bluetooth file sharing disabled.

http://oregonstate.edu/helpdocs/security-and-tuning/computer-tuning/operating-systems



Apple OS X


Required: Host-based firewall active, lock screen enabled, auto login disabled, unused services disabled, file and print sharing disabled, OS and applications configured for auto update unless centralized patch management is implemented by the cognizant OSU IT support team, password complexity enabled, remote access restricted.

Recommended: Gatekeeper enabled and configured to allow applications from App Store and Identified Developers only,

http://oregonstate.edu/helpdocs/security-and-tuning/computer-tuning/operating-systems



Linux (or similar) workstations


Required: Host-based firewall active, lock screen installed/enabled, auto login disabled, any unused services disabled, file and print sharing disabled, OS and apps configured to auto update unless centralized patch management is implemented by the cognizant OSU IT support team, remote access restricted.

http://oregonstate.edu/helpdocs/security-and-tuning/computer-tuning/operating-systems



Microsoft Windows (PCs/Workstations)


Required: Host-based firewall active, lock screen enabled, auto login disabled, unused services disabled, file and print sharing disabled, OS and apps configured to auto update (or suitable alternative), remote access restricted.

http://oregonstate.edu/helpdocs/security-and-tuning/computer-tuning/operating-systems




Server Operating Systems

Linux (or similar), OS X:


Required: Remote access restricted, remote root login disabled, insecure connection services (Telnet, FTP, etc.) restricted, latest stable service software installed (SSH, TLS, etc.), host-based firewall active with unneeded traffic disabled (IPTables or equivalent), access lockout if available from off campus (fail2ban or equivalent), password age and complexity enabled, authentication and security logs enabled with logs retained for a minimum of one month (use of logrotate encouraged), specific logs for server application (mail, web server, dbase) enabled and retained, quarterly vulnerability scan performed and found vulnerabilities addressed.

Recommended: located behind physical firewall or equivalent device.



Microsoft Windows:


Required: Network Level Authentication for Remote Desktop Services (via GPO), Local admin account (and any other well known SIDs) disabled, host-based firewall active with unneeded traffic disabled, password complexity/age enforced by local or GPO, unused services disabled, automated security updates subject to GPO, auditing enabled and security and system logs retained for a minimum of one month, specific logs for server applications (exchange, mssql, etc.) enabled and retained, quarterly vulnerability scan and found vulnerabilities addressed.

Recommended: located behind physical firewall or equivalent device.




Standards of Care for Confidential Information

Standards of Care for Confidential Information includes all recommendations and requirements for Unrestricted Information and Sensitive Information plus:

Access to Confidential Information: Viewing and modification restricted to authorized individuals with a business need to know. Copying or Printing of Confidential Information is limited to legitimate need, with copies limited to individuals with a business need to know, and must be labeled “Confidential.” A signed confidentiality agreement is required, both for accessing and viewing confidential information in any format. 

Access to Confidential Information is assigned by role pursuant to standards approved by the OSU Data Trustee.

Storage of Confidential Information on Paper or other physical media: Physical access to paper documents containing confidential information must be restricted to those who need the information to perform their responsibilities. Appropriate physical security, including door and cabinet locks, must be implemented.

Network Security: Systems housing or regularly accessing Confidential Information must be in isolated network segments, protected with a physical firewall or equivalent using a “default deny” rule set; firewall rule sets, including changes, must be approved by the Office of Information Security. An Intrusion Detection System (IDS) hosted by the Office of Information Security must monitor this segment. Systems within these segments cannot be visible to the entire Internet, nor to unprotected subnets. An inventory of systems authorized to be on that subnet will be kept and the subnet regularly scanned/monitored for unauthorized systems. The Office of Information Security will perform authenticated vulnerability scan of these networks quarterly and will inform cognizant support teams of scan results requiring corrective action; vulnerabilities will be addressed during the next normal patching cycle unless other remediation is established or an exception granted.

Mobile Devices


Required: University-owned device, Locked screen after 5 minutes of inactivity, long passcode, 256-bit symmetric-key device encryption, device must wipe data after 10 failed attempts, the device should have a durable physical or electronic label (or appearing on the lock screen) with contact information sufficient to facilitate an expedient return in the event that a lost device is found, use of sandboxed OS/desktop or sandboxed app for accessing the data or other similar means where the data is never stored on the mobile device, SIM card lock/PIN, location services off, disable cloud synchronization for passwords and data, syncing and backup to university-owned machines only, remote wipe enabled, use of public wireless networks prohibited.



Apple OS X


Required: University-owned device, 256-bit symmetric-key full-disk encryption (FileVault or equivalent), Locked screen saver after 15 minutes of inactivity, all sharing disabled, infrared port disabled, remote management for authorized accounts (OSU IT) only, Firmware password, remote access restricted, use of administrator account for day-to-day access prohibited, require administrator password to access system preferences and install software, password complexity and length (min. of 14 characters), password rotation, Quarterly vulnerability scan and found vulnerabilities addressed.



Linux (or similar) workstations


Required: University-owned device, 256-bit symmetric-key full-disk encryption, Locked screen saver after 15 minutes of inactivity, all sharing disabled, infrared port disabled, remote management for authorized accounts (OSU IT) only, BIOS password, remote access restricted, use of administrator account for day-to-day access prohibited, require administrator password to access system preferences and install software, password complexity and length (min. of 14 characters), password rotation, Quarterly vulnerability scan and found vulnerabilities addressed.



Microsoft Windows (PCs/Workstations)


Required: University-owned device, 256-bit symmetric-key full-disk encryption (Bitlocker or equivalent), locked screen saver after 15 minutes of inactivity, all sharing disabled, infrared port disabled, centralized remote management for authorized accounts (OSU IT) only, BIOS password, remote access restricted, use of administrator account for day-to-day access prohibited, require administrator password to access system preferences and install software, password complexity and length (min. of 14 characters), password rotation, Quarterly vulnerability scan and found vulnerabilities addressed.



Server Operating Systems

Virtual Server Environments: All security controls apply both to the host and guest virtual machines in a virtual server environment. Cannot share the same virtual host environment with guest servers of other security classifications.

Physical Security: Must be hosted in a secure Data Center with Physical Access monitored, logged and limited to authorized individuals 24x7.

Backup Media: All backup media must be encrypted. If stored off-site, a secure location is required.

Linux (or similar), OS X:


Required: Field level encryption for protected fields in database, removable back-up media encrypted using 256-bit symmetric-key encryption, monthly authenticated vulnerability scans performed by Office of Information Security, authentication and security logs retained for six months and made available to Office of Information Security, found vulnerabilities addressed within normal maintenance windows or sooner (based on criticality,) annual security audit.

Recommended: system administrators must possess enterprise-level certification, or an equivalent combination of training and experience, for the operating system version in use. Host-based software IDS/IPS.



Microsoft Windows:


Required: Field level encryption for protected fields in database, removable back-up media encrypted using 256-bit symmetric-key encryption, use of Best Practice Analyzer, security and system logs retained for six months and made available to Office of Information Security, monthly authenticated vulnerability scans performed by Office of Information Security, found vulnerabilities addressed within normal maintenance windows or sooner, based on criticality, annual security audit.

Recommended: system administrators must possess enterprise-level certification, or an equivalent combination of training and experience, for the operating system version in use, host-based software IDS/IPS.




ScreenConnect

Remote connect software is available to approved staff and faculty at Oregon State University. The software, Screen Connect, is compatible with almost all Operating Systems, and should work on the majority of systems people have.

Screen Connect allows a technician to remotely connect to a customer's computer to see what they are seeing, walk them through steps on their computer, or make changes for the customer.

Hosting

  1. Open a browser (preferably Internet Explorer) and head to https://support.oregonstate.edu
  2. Click on the “Login” button in the upper right, and login with your ONID credentials
  3. Under the “Host” page you can create a session by clicking on the “Create Session” button

Where to add a host session

The types of connections

  • Publicly Listed: A session that goes on the bottom of the front page of support.oregonstate.edu that customers can view and click the “Join” button for.
  • Code Protected: A session the tech creates a code for, and the customer may enter the code in the “Code protected” section of the support.oregonstate.edu site.
  • Email Link: The tech enters an email address when creating the session that goes to the customer, and the email has a link that directs the customer to the session (This is a great way to create a private session if needed).

Different ways to join sessions

Downloading and RUNNING the program

When the customer clicks on the “Join” button, or follows the link through the email, they will be prompted with a download. It is important they do not just save the file; they will need to be sure to RUN the file after it is finished downloading. (Customers who use Internet Explorer will automatically be given a Run function, instead of a save function, and will not need to worry about this.) Please note customers without local admin privileges will be required to use Internet Explorer for its Run function.

There are a few additional prompts the computer gives after running the program, including verifying the publisher, and allowing the program to make changes to the computer. You will want to let the customer know to click on allow/run/yes, etc. to complete the setup.

Documentation

For more information about Screen Connect, please see the vendor's documentation: https://www.screenconnect.com/

Update Java

Operating System

 

Windows Vista/7/8/10

  1. Open Computer by either double clicking on the icon on your desktop, or by clicking the start button and then Computer.
  2. Click "Uninstall or change a program" near the top of the window.
    Uninstall or change a program.
  3. Scan through the list and uninstall all Java items.
    Uninstall Java
  4. Browse to http://java.com/
  5. Click the Free Java Download button.
  6. Install the downloaded software.
  7. Close browser windows.

 

Windows XP

  1. Open the Control Panel by clicking Start > Control Panel or Start > Settings > Control Panel.
  2. Click "Add or Remove Programs".
    Add or Remove Programs
  3. Scan through the list and remove all Java items.
    Remove Java
  4. Browse to http://java.com/
  5. Click the Free Java Download button.
  6. Install the downloaded software.
  7. Close browser windows.

 

MAC OS

  1. Open the Apple menu and click Software Update...
     
  2. If your Java program needs updating, the Software Updater with automatically update it.
  3. Close browser windows.

Computer Viruses

What is a computer virus?

A computer virus or malware is a commonly used term to describe all types of malicious software including Trojans, worms, adware, and spyware. Each have slightly different functions, but usually either try and damage the software on your computer, or send information about your computer usage to an outside source over the internet. The details of each type are explained below:

Types of computer viruses

Trojans


A Trojan, as the name suggests, pretends to be something good, like virus scanning software or other useful applications. In reality they run malicious programs in the background that can perform any number of functions, like allowing an outside user to copy your files, see your browsing history, or even take remote control of your computer.



Worms


A computer worm is a self-replicating computer program. It uses a network to send copies of itself to other computers on the network, and it may do so without any user intervention. Unlike a virus, it does not need to attach itself to an existing program. Worms almost always cause at least some harm to the network, if only by consuming bandwidth, whereas viruses almost always corrupt or devour files on a targeted computer.



Adware


Adware or advertising-supported software is any software package which automatically plays, displays, or downloads advertisements to a computer after the software is installed on it or while the application is being used. Adware is usually seen by the developer as a way to recover development costs, and in some cases it may allow the software to be provided to the user free of charge or at a reduced price. As a result, the advertisements may be seen by the user as interruptions, annoyances or as distractions from the task at hand.



Spyware


Spyware is computer software that is unknowingly installed on a personal computer to collect information about a user, their computer or browsing habits without the user's informed consent. Spyware programs can collect various types of personal information, such as Internet surfing habits and sites that have been visited, but can also interfere with user control of the computer in other ways, such as installing additional software and redirecting Web browser activity. Spyware is known to change computer settings, resulting in slow connection speeds, different home pages, and/or loss of Internet or functionality of other programs.



How can my computer become infected?

Unfortunately, there are many ways your computer can become infected. Some of the main causes to an infected computer included: illegally downloading music and movies, clicking on ads, browsing to compromised websites, and in general not being cautious when it comes to web browsing. Be sure to follow the safe browsing habits and remember, it's always better to be safe then to be sorry.

What are the symptoms of a virus?

There is a wide variety of virus symptoms that differ based on what type of infection you have and how far the virus has progressed. A list of common symptoms is listed below:

How can I protect myself?

How can I scan and remove a virus infection?

The first order of business is to get anti-virus software. Students and faculty can download ClamXAV and Windows Defender/Security Essentials for free, but the protection shouldn't stop there. We also recommend downloading other virus scanning tools, here at the OSU Computer Helpdesk we often use Malwarebytes and SUPERAntiSpyware both of which are available for free.

Click HERE to watch a tutorial about running a virus scan with Malwarebytes.

After obtaining the software simply run the program and have it scan for viruses. A good habit to exercise before each scan is to double check that the software's definitions are up-to-date. In order to update the definitions there should be either a tab or button that relates to updating the software, e.g. "Check for Updates online."

Antivirus

http://www.iconarchive.com/show/hex-icons-by-martz90/antivirus-icon.html

Why you need Anti-virus Software:

Anti-virus is a requirement while you are at the university as it is part of the Acceptable Use of University Computing Resources agreement. Anti-virus software is a program designed to protect your computer from computer viruses. Anti-virus software protects your computer’s sensitive data, which includes but is not limited to, personal information, browsing history, and credit cards.

OSU Recommended Anti-virus Software:

Oregon State has made a recommendation for the Windows and Mac computers below (you may use other anti-virus software while on campus). 

For Microsoft Windows computers, we recommend the Windows Defender/Security Essentials anti-virus. It provides browsing protection and daily scans of your computer to continually protect it. To install the software please follow the provided instructions.

For Apple Mac OS X computers, we recommend Sophos as it is compatible with Mac OS X 10.6 and later. To install the software please follow the provided instructions.

Other Anti-Malware Software:

If you are already infected or believe that you have an infection and your main anti-virus software is not finding anything, Oregon State recommends that you use some proven effective options for advanced scanning of your computer.

Alternatively, you can jsut bring your computer into the Service Desk or call OCH. Their information can be found below:

Walkup Serivce Desk

Oregon State Computer Helpdesk

Overview

How can I keep my computer safe from viruses?

Watch what you download. Don't open any unrequested attachments in your email. Don't use file sharing programs, such as Torrenting Apps (uTorrent or BitTorrent). Run a virus scan at least once a week, and update your virus definitions on a weekly basis. If you are using Outlook as your mail client, make sure to get the most up to date patches available for it.


Do I really need to use anti-virus on a Mac?

The answer is yes!

It is a very common misconception that the mac systems are impervious from malware and viruses. There is no technical reason why a Mac computer could not be infected with malware, but the major reason they have not been attacked as much is because there is a smaller population of systems to infect and gain information. A mac computer already has a built in solution for only "known" malware which Apple flags. There is no detection that occurs using heuristics or watching for malicious actions. Also the mac solutions depend on you keeping your computer up to date at all times.

We recommend that you install an anti-malware program such as our recommendation to help make sure that you are keeping yourself protected at all times. To find out more information on our solution please follow this link for Sophos


I have another anti-virus program. Can I use both and get extra protection?▸

No. You will need to uninstall your current anti-virus program or not install our recommendations. Installing both programs simultaneously will cause problems and can make your computer unusable. If you have already installed both, try to uninstall the last one you installed. If your computer isn't bootable, call OSU Computer Helpdesk at 737-3474 and we'll try to help you get it working again over the phone or in person at the Service Desk (2nd floor of the Valley Library by the Circulation Desk).


How do I get a copy?

Click on the links below for tutorials and links to install and setup basic tasks to protect yourself.

For Windows OS:

Windows 8/10:▸


Windows Defender

  • Built-in protection for Windows 8. 
  • Once you uninstall Symantec Antivirus from a Windows 8 computer, Microsoft Defender will start protecting it

Windows Defender for Windows 8, Windows RT, Windows 8.1, and Windows RT 8.1 offers built-in protection against malware. Everytime you turn on your computer, if you have not purchased another version of anti-virus you will be protected wtih this application. You cannot use Microsoft Security Essentials with Windows 8.1, but you don't have to—Windows Defender is already there and ready to go. But if you’re wanting to protect a PC with an older version of Windows, you can use Microsoft Security Essentials to help protect against viruses, spyware, and other malicious software. It offers free real-time protection for your home or small business PCs.


Windows XP/Vista/7:▸


Windows Security Essentials

Microsoft Security Essentials is a free download from Microsoft that is simple to install for Windows 7 and XP, easy to use, and always kept up-to-date through Windows update, so you can be assured your PC is protected by the latest definitions.

Microsoft Security Essentials runs quietly and efficiently in the background so you’re free to use your Windows-based PC the way you want—without interruptions.

If you want to use Microsoft Security Essentials, we recommend that you uninstall other anti-virus software already running on your PC. Running more than one anti-virus program at the same time can potentially cause conflicts that affect PC performance.

Click here for our Instructions for installation and Basic Use of both Microsoft Defender and Security Essentials.



For Mac OS:

Sophos:▸


ClamXav is no longer free
The antivirus now runs under a 30-day trial before becoming a paid service. We recommend you uninstall ClamXav if you have it on your computer, and replace it with Sophos.

Sophos is a virus scanner for Mac OS X that has the capability to identify both Windows and Mac threats.

Sophos can be setup up as passive or active: scan only the files you tell it to or your full hard drive, whichever you favor; you can also choose to schedule weekly scans to keep your computer secure in real time.

Click here for our guide on how to install and use Sophos


Windows Antivirus Installation

For windows computers, we currently recommend the anti-virus that Microsoft provides for free! This AV is the one of the easiest to come by and has one of the most basic installation processes. If you do not currently have an AV on your computer, it is recommended to get this free Microsoft one. If you have another preferred AV then you can continue to use that one instead.

Finding Windows Defender on Windows 8 and 8.1▸

  1. Click on the search bar found in the right upper hand corner
    Initiate Windows search within Windows 8
  2. Begin typing Windows Defender and double click on the Defender icon
    Search for Windows Defender in the Windows 8 search
  3. Defender will activate
    Shown is the current status of your PC within Windows Defender

Installing Microsoft Security Essentials▸

  1. Navigate to http://windows.microsoft.com/en-us/windows/security-essentials-download 
  2. Click on the ‘Download’ button on the left side of the page
    Website preview, "Download Now" should be in the middle and toward the left edge of the screen 
  3. Wait until the download finishes and then double click on the ‘mseinstall.exe’ file that comes up
    When finished downloading, please open the .exe file 
  4. Click the ‘Next’ button to continue the installation
    After opening the install, press "Next >" 
  5. Click the ‘I accept’ button after reading the agreement
    Here are the terms and conditions, accept if you agree 
  6. Click the ‘Next’ button after selecting ‘I do not want to join the program at this time’
    Improvement Program
  7. Leave settings on default, then click on the ‘Next’ button
    Here are some settings on optimizing your security essentials setup 
  8. At this point if you still have a previous anti-virus software on your computer select ‘How do I uninstall other anti-virus and antispyware’ otherwise select ‘Install’ to continue the install
     Press Install > to begin to finish the process.
  9. And select ‘Finish’ to complete the installation process
    Process is now finished 

 

Updating Microsoft Security Essentials▸

  1. Click on the ‘Update’ tab on the top left corner of the window
     Update Tab on MSE
  2. You should now  click on a large button that says ‘Update’
    Update button should be on the left when you open Update on MSE 
  3. Let the client update

 

Running a Scan▸

  1. Make sure your virus and spyware definitions are ‘Up to date’
  2. Select either Quick or Full scan depending on what you want to scan. Then Click ‘Scan now’
    Default home window 
  3. Quick scans checks the areas that malicious software including virus’s spyware and unwanted software are most likely to infect.
  4. Full scan checks all the files on your hard disks and checks all running programs. Depending on your system a Full scan could take over an hour
  5. If during a scan Microsoft securities essentials finds viruses or malware, an 'At Risk' screen will pop up. Your next step is to select ‘Clean PC’
    PC at risk, Clean PC 
  6. Microsoft Security Essentials will then remove the detected issue
    It will work through and find potential threats 
  7. When all of the detected malware is removed you can select ‘close’ and continue browsing
    After cleaning, you should have a verification screen saying that the actions were applied successfully 

 

Uninstalling Microsoft Security Essentials▸

  1. Exit out of Microsoft Securities Essentials and make sure the program is not running 
  2. Under Programs select ‘Uninstall a program’
    Control Panel location in Windows 7 
    Uninstall in the Control Panel, under "Programs" 
  3. Scroll through the list of programs until you find and click on Microsoft Securities Essentials, next you click on ‘Uninstall’ 
     Here is a list of programs you must sort through to find MSE
  4. An Uninstaller will pop up and you will select ‘Uninstall’
    When you find MSE, an Uninstall Wizard will show up. Press Uninstall 
  5. Microsoft Security Essentials is now uninstalled
    After the uninstall process is complete, press finish. 

 


 

Windows XP Alternatives▸

Microsoft has stopped protecting and supporting Windows XP as the system is now well over ten years old. It is recommended that you use a more recent operating system for your machine's own safety.

If you are unable to upgrade your machine's operating system, here is a list of current supported Antivirus software:

Uninstall Symantec Antivirus

Symantec Clean Wipe


Symantec Clean Wipe is a tool designed by Symantec specifically to help uninstall their products. It is recommended that you only use Clean Wipe as a last resort when trying to remove Symantec products and uninstalling them normally through the Control Panel is a much better option when it works.

Download Clean Wipe/Symantec Uninstall App

You will need to authenticate with your ONID Username and prefix your Username with "ONID\"
Operating System Download
Windows Clean Wipe (Uninstaller)
Mac OS X Symantec Uninstall Application

When prompted enter in your username and password, please remember to put your domain before the username (for example, ONID\onidusername in the username field).

Type ONID\yourusername in the username field, and the corresponding password in the password field

Wait for the download to finish

Using the Clean Wipe tool (Windows)

  • Windows 8: Once you unistall Symantec Antivirus your windows Defender will automatically start to protect you computer. 

1.) Open the Cleanwipe file that was downloaded (it should be a .zip file)

 

2.) Copy the files that are inside to your desktop (it may help to put them in a new folder)

Find your download and extract the Cleanwipe files

3.) Run the CleanWipe.exe file that you just copied

Find the files you dragged over from the compressed folder and open CleanWipe.exe

4.) If your computer gives you a pop-up box asking for permission to run CleanWipe, click ‘Yes’

5.) Once the program opens click ‘Next >’

When CleanWipe initiates, press Next />

6.) Check the box to indicate that you accept the terms in the license agreement

7.) Click on ‘Next >’

After reading the terms, please accept and press Next />

8.) Check the boxes next to any products that you want to remove. Most commonly this will be the ‘Client Software’ box on the top of the list.

Select the checkbox for "Client Software"

9.) Click ‘Next >’

10.) Make sure you don’t have any unsaved documents open as the computer will be restarting soon

Check Reboot Automatically

11.) Check the box that reads ‘Reboot automatically’

12.) Click ‘Next >’

13.) CleanWipe will now run through and uninstall Symantec

Wait until the process says, "Removal completed successfully"

14.) Once the removal finishes (a message that reads ‘Removal completed successfully’ will show up) click ‘Next >’

15.) Click ‘Finish’

16.) The computer should now restart. If it doesn’t restart automatically be sure to do restart it yourself

17.) Once it reboots make sure that all Symantec products are removed from the computer

Press Finish once the process has completed

Using the Symantec Uninstall App (OS X)


1.) Run the downloaded application. If your computer warns you against running it since it is an application from the internet just click the ‘Open’ button

Initiate your download

2.) Check the box next to any applications that you want to uninstall (Symantec Endpoint Protection)
Select Symantec Endpoint Protection

3.) When prompted to confirm that you want to delete the software click ‘Uninstall’

Press Uninstall when the confirmation prompt is present

4.) Wait while the application uninstalls Symantec

After initiating uninstaller, let the progress bar go through

5.) Once the uninstall is complete and the log opens up on the screen click ‘Close’

Confirmation of Completiion

6.) You will need to restart your computer to complete the removal process. Make sure that you don’t have any programs or unsaved documents open and click ‘Restart’

Restart your computer

7.) Symantec should now be removed from your computer

-->

OS X Sophos

 

ClamXav is no longer free
The antivirus now runs under a 30-day trial before becoming a paid service. If you still have ClamXav on your computer, you will have to uninstall it before putting Sophos on your computer.

Quick Links:

 

Installing Sophos

  1. Navigate to the Sophos installation page and click on the green 'Download' button on the right-hand side of the page.
     
  2. Enter your name and your email address on the following page, then hit "Submit".
     Registration page for downloading Sophos
  3. Click the blue "Download" button.
      Blue download button on Sophos page
  4. Accept the agreement terms and download the program from the bottom of the page.
    Accept terms to download the program 
  5. Find the installation package in your downloads folder, and double-click on it.
    Find the zipped Sohpos package in your downloads folder 
  6. Your computer will unzip the files into a new folder within your downloads folder. Find the folder called "savosx_he_r" and open it.
     The unzipped Sophos Antivirus folder within the downloads folder
  7. Double-click the .app file to begin the installation.
     Double-click the .app to download the application.
    The installation window should pop up after launching the .app file. 
  8. Once the installation is finished, you should see a shield icon  appear in your Finder toolbar. Now you have Sophos up and ready to help protect your computer at all times.

Scheduling Weekly Scans (Recommended)

This is a recommend step as part of using Sophos as this allows for extra protection while using your computer.

  1. Click on the shield icon in your Finder toolbar, and select "Open Scans..."
    The Sophos menu is in the upper right corner 
  2. Expand the Scans window by clicking on "Custom Scans" at the bottom.
     What the Sophos Scans window should look like after expanding the Custom Scans menu
  3. Click on the gear icon Everyone's favorite gear icon in the bottom left and choose "Scan Settings..." from the drop-down menu
  4. Click on the Schedule tab.
    The custom scan settings window 
  5. Tick the box that says "Enable schedule." You can now choose a day and time for your computer to run your weekly scans.
    The scheduling interface within your scan settings
  6. Hit "Done" to save your changes.


Running a Full Scan

Before running any manual full scans, always remember to update Sophos' virus definitions. This helps Sophos better find and quarintine potential virus infections on your computer.

  1. To update Sophos' virus definitions, click on the shield icon in your Finder toolbar and select "Update Now".
    Option to update definitions 
  2. Sophos will now begin to search for any updates it needs through the internet. If it pops up with any updates, make sure to install them.
  3. Once all your virus definitions have been updated, go back to the Sophos shield icon and select "Scan This Mac".
     Option to perform a full scan on your Mac
  4. Your computer will now begin scanning all your files for virus infections. This may take a few hours, depending on how much data is on your computer.

 

Uninstalling Sophos

  1. Search your Mac for "remove". A program called "Remove Sophos Anti-Virus" should appear as the top hit.
    NOTE: If you don't see the "Remove Sophos Anti-Virus" program in your search results, you may need to download the removal tool from the following page.
    Search for the removal tool in Spotlight
  2. Double click the program, and the uninstaller should launch.
    What the uninstaller looks like 
  3. Continue through the uninstaller to completely remove Sophos from your Mac.

Uninstalling ClamXav

Uninstalling ClamXav

  1. Quit out of ClamXav and you will want to make sure that the program is not  running in the background by going to the Apple menu in the top left of the screen and click on the 'Force Quit' option.
    Find ClamXav in the utility bar on the top of the screen, and press Quit ClamXav
  2. In the 'Force Quit' menu check to see if ClamXav is in the list of running programs, if it is click on the ClamXav entry and select the 'Force Quit' button.
    When the Force Quit Applications open, find ClamXav and click Force Quit 
  3. Next is to make sure that the ClamXav is not set to start up when log into your computer by opening System Preferences and clicking on 'Users & Groups' and than clicking on the 'Login Items' section.
    In the System Preferences, find Users & Groups 
     Press Login Items when you're viewing the user
  4. If you see that ClamXav exists in there you will need to remove it by unlocking the panel using the padlock icon at the bottom left corner of the screen. Then you will need to click on the ClamXav entry and selecting the '-' button. This should remove the entry from your start ups and you may just exit out of those windows.
     If you see the program in there, press the minus to take it out of the login items
  5. Now you will have to fully remove ClamXav from your computer. To do this you will either need to download the uninstaller package here, or the original install file from clamxav.com and double click on the downloaded file. There will be a script called 'ClamAv Engine Remove' which you will need to run by double clicking. Once the script finishes you will have completely removed the application.
    When you redownload the installer and mount the drive, you'll find the REMOVER script.

Protection for your Mobile Device

Protection and Best Practices For Your Phone

The iTunes and Google Play stores have many applications. They have a few that could save your privacy on your phone. These applications help protect your phone from malicious applications and downloads. Google and Apple also have testing policies in place that try to protect you from downloading those malicious applications.

Best Practices for securing your personal mobile devices:

Android & iPhone Mobile Device Security Recommendations:

Spam Phone

  • Sophos Mobile Security – Free application that will scan your applications and notify you of potentially unwanted applications. It also notifies you when an application is accessing your personal data such as your address book and gives you advice on how to improve your security settings on the device.

  • Lookout Mobile Security – Free application that will scan your applications and notify you of potentially unwanted applications. It will also block malicious websites from loading your phone. Another feature is that it has a built in find my phone option which will make your phone announce itself so you can easily find it. There are other features which are included in the premium upgrade.

 

 

If you would like to find out about other options please use this website to see the recent AV Mobile Test Results:http://www.av-test.org/en/home/?avtest%5Btype%5D=9&avtest%5Bplatforms%5D=10-7,9-8-6

 

CryptoLocker - Dangerous ransomware

What is CryptoLocker?

CryptoLocker is malicious software that encrypts your data files (word, powerpoint, pictures, music, videos, etc.). The nefarious individuals then hold your data for ransom and try to extort money from you.

 

What computers are at risk?

All computers using Windows XP 2, Vista, 7, 8 and 8.1. This includes any Apple or Linux based computers running Windows in a virtual environment like Bootcamp, Parallels or VMWare.

 

What is encryption?

Encryption encodes your data so only you and authorized people or authorized websites can read the data. Example – When you use a banking website that has “https” in the address bar, the information you transmit to and from that website is encrypted/encoded.

 

Why is it dangerous?

The encryption designed to safeguard your data is used against you when CryptoLocker infects your computer. Your data files are encrypted with a unique key that only the malicious people/hackers have access to. Encryption can not be broken at this point in time without the key. When your data is encrypted and the key is lost, the data is essentially lost forever.

 

How can I protect my data?

  1. Backup your data to another location (network drive, external hard drive, cloud storage, etc.)
    1. Disconnect that drive when you are NOT backing up your data to it.
  2. Consider paying for an online backup solution.
  3. Disconnect all drives that you are not actively using.

What if I think my computer is infected?

  1. Disconnect the computer immediately from ALL networks, wired or wireless.
  2. Contact the proper IT support group.

How can I avoid the malware infection?

  1. Don't go to online porn sites, which are often the source of malware downloads. 
  2. Take care when clicking on adverts; never open Twitter links and attachments from people you don't know or trust.
  3. Personally owned computers - 
    1. Download and run the CryptoPrevent tool - http://www.foolishIT.com/download/cryptoprevent/ 
    2. More info about that tool can be found here - http://www.foolishIT.com/vb6-projects/cryptoprevent/
  4. Do not download files from Torrenting services. These files are often bundled with malware infections.
  5. Use safe web browsing habits - http://oregonstate.edu/helpdocs/safety-and-security/computer-viruses-fraud/safe-browsing-habits

How can I protect my computer?

  1.  Make sure your operating system is up-to-date with the latest security patches. http://oregonstate.edu/helpdocs/safety-and-security/securing-your-computer
  2. Install the latest versions of your internet browsers and update add-ons such as Java and Adobe Flash. Using a program like Secunia PSI to keep up with those updates is useful.
  3. We suggest installing antivirus software, like ClamXAV for Mac OS and Windows Defender / Security Essentials for Windows, all available for free. Ensure that is updated frequently. Configure it to scan your computer on a weekly basis.
    1. Personal computers - http://oregonstate.edu/helpdocs/software/recommended-software/symantec-endpoint-protection
    2. OSU owned work computers are supported by IT staff. If you have questions about that, please contact your IT support group.

Other sources of helpful information about CryptoLocker

  1. http://www.bleepingcomputer.com/virus-removal/cryptolocker-ransomware-information 
  2. http://en.wikipedia.org/wiki/CryptoLocker
  3. Kaspersky Virus Removal Tool from the following page, requires request form: http://www.kaspersky.com/free-virus-removal-tool
  4. Test tool from BleepingComputer - checks your files to see if they have been encrypted: http://download.bleepingcomputer.com/grinler/ListCrilock.exe

Fake AntiVirus Warnings

Examples of Fake Warnings

Here are two screenshots of fake warnings. Click an image to view at full size.

If you see a popup like one shown here, your computer may already be infected. Shut it down and take it to the OSU Computer Helpdesk or your IT support staff to resolve the issue.

fake security warning

fake antivirus example

About Fake AntiVirus Warnings

Bad guys prey upon people's fears to steal their money and information. One of their favorite tricks is to tell people that their computer is (or might be) infected, and they are relying on you to respond in a manner that installs a virus on your computer.

In some cases, your computer may already be infected before you see the popup. The safest thing to is shut it down and take it to the OSU Computer Helpdesk or your IT support staff to resolve the issue.

But you can protect yourself before you're affected.

Protect Yourself Before You're Affected

There are three big ways to protect yourself before you're affected.

  1. Download free antivirus software, and keep it up to date (free for home use, too).
  2. Enable your web browser's phishing protection settings, usually found under "Tools" or "Preferences" or "Settings." Call the OSU Computer Helpdesk at 541-737-3474 if you're not sure how to do this.
  3. Get to know the look of pop up messages from your current AV software. If you know what you are looking for, you are much harder to fool. Take note of the name and icon of your anti-virus software and click on pop ups that only come from that program.

There are a few additional steps you can take.

What If I Do See A Warning?

A few things to check for if you are unsure about the message are:

  1. Close and quit the web browser (Chrome, Internet Explorer, Firefox, Safari, etc.) immediately. Do NOT click on OK or cancel. Even a button that says "close" can be deceiving.
  2. Does closing your internet browser make the virus alert go away? Often the pop up window is really embedded on an internet page so if you close your browser it will go away. Alerts like this should always be avoided.

If you think you may have accidentally clicked on a fake antivirus warning, shut down your computer. Students can bring laptops to the Walkup Helpdesk for malware scans, while faculty and staff should contact their IT support staff.

What Happens If My Computer Gets Infected?

The viruses that get installed can:

  • Trick you into entering your credit card information or passwords or personal information.
  • Steal your bank account information and empty out your account.
  • Send spam messages from your email address.
  • Corrupt or destroy your documents.
  • Allow other, stronger infections into your computer.
  • Crash your computer or slow it to a crawl.
  • Infect other computers both on the Internet and on a local network.

Who to Contact

OSU work computer - Please contact your IT support staff.

OSU Students - Contact the OSU Computer Helpdesk.

Self help options for personal computers


Macintosh Flashback Virus

PLEASE NOTE:

Apple has released a security patch for this virus. If you are using OS X 10.6 or 10.7, make sure and install all available updates for your mac. The patch was released as an Apple update, so installing the update will take care of the virus.

  1. What is the Flashback Virus?
  2. What about the new Flashback variant?
  3. How do I remove the virus if it is on my Mac?
  4. How can I protect my Mac from this and other possible infections?
  5. I'm not sure what my OS is, will this fix work for me? (10.5 users click here)

 

What is the Flashback Virus?

The Flashback virus targets a security hole in the Java software installed on your computer. Java is included with OSX, the operating system on your Mac. The virus is designed to steal personal information in the background without the user noticing, so once your computer is infected, you may not see any difference in the way it runs. To find out if your computer is infected, read the section below.


 

What about the new Flashback variant?

A new variant of the flashback virus has become available. In order to check if your device has this new variant you will need to open a terminal window by either searching for it using the Finder, or by opening Applications->Utilities->Terminal, then typing the following commands:

  • cd /Users/Shared
  • ls -al

You will be looking for any files ending in the extension ".so". There is a pending list of possible files that may be listed in that directory, so far they are:

  • .PCImageEditor.so
  • .AllXilisoftVideo.so
  • .memalloc.so
  • .DocumentConverterdocPrint.so
  • .InternetHistoryKiller.so

There are several other files that may be there, their names and locations are as follows:

  • /Users/Shared/.svcdmp
  • ~/.MACOSX/environment.plist
  • ~/Library/Logs/vmLog

For removal instructions, read the information below:


 

How do I remove the virus if it is on my Mac?

Apple has released a software update that should fix the most common variants of the infection: directions on downloading that update are provided below:

  • Click on the Apple drop down menu in the upper left corner of the screen, and select "Software Update..."
  • Allow the machine to check for updates. There will be an update named Java Update for OS X 2012-003". Install the update!
  • Keep in mind this only covers the most common variants: there are some instances of this virus that won't be fixed by this update. Install ClamXAV if you haven't already, or some type of antivirus protection!

If you do not have ClamXAV installed, you can download and install it from their website.

PLEASE NOTE: The removal process involves running scans and possibly installing programs on your Mac. If you are not comfortable doing this on your own, you can get help on campus:

  • Students and Employees with personally owned computers:
    If you have a Macbook laptop, bring it to the Walk-Up Computer Helpdesk
    in the Valley Library. If you have a desktop, or you are unable to get to campus, you can call the OSU Computer Helpdesk for help over the phone.
  • Faculty with department issued computers:
    Contact your department support group for help

 

How can I protect my Mac from this and other possible infections?

There are several steps you can take to keep your Mac safe from infection.

Keep your Mac (and other programs) up-to-date

All viruses are designed to exploit security holes in different programs, and most updates work on patching these holes as they are discovered. Using out-of-date software makes it easier for infections to target your system.

To check your Mac for Apple updates:

  1. Click the Apple symbol in the upper-left hand corner of your screen
  2. Click the "Software Update" option. This will check for any Apple related updates. It will allow you to install if any updates are found.

To check your Mac for other program updates:

This varies based on what program you are using, but it can generally be found by opening the program, then looking for an "Updates" option in one of the top menus.

Updating your Operating System:

Older Mac Operating Systems (OSX) have additional vulnerabilities that newer versions don't have. The latest versions of Mac OSX are 10.7 and 10.6. You can check which version of OSX you are using by clicking the Apple symbol in the upper-left hand corner of your screen, and clicking on "About this Mac". If you have a version that is below 10.6, you may want to consider purchasing an upgrade for your computer if possible. Contact the OSU Computer Helpdesk for more details.

 

Install an Anti-Virus Program

Everyone is elligible to download free antivirus from ClamXAV. If you need help installing an Anti-Virus program, you can bring your Mac (If it is a laptop) to the Walk-Up Computer Helpdesk in the Valley Library. Note if you are faculty with a department owned Mac, you will need to contact your department support group for help.

 

Practice safe browsing habits when using the internet

Browsing to the wrong website is one of the most common forms of infection. Follow the suggestions on the safe browsing page for safe browsing tips.


 

I'm not sure what OS I use, what fix should I try?


Currently, 10.5 users and earlier are going to have to disable their Java until they can remove the infection, as the new update from Apple doesn't cover their OS. If you're not sure on how to find your OS version, follow the directions below:

  1. From the Apple menu (apple symbol in upper left-hand corner), select "About This Mac".
  2. The resulting window shows your operating system version.
  3. IF you have OSX 10.5 or lower, please use the following directions:
    • Click the Search button in the upper right hand corner, and type in “Java
    • Java Preferences should be the first item that comes up, click on it.
    • On the menu that comes up, uncheck all the boxes. This will disable Java for you.

PLEASE NOTE: If you are using OSX 10.5 or earlier, we highly recommend (for security reasons) that you look into purchasing an update if your computer supports it. If you have questions about updating, contact the OSU Computer Helpdesk.

If you are faculty and using a department issued laptop, you should be eligible for an upgrade through your department. Contact your department support group for help.

Malware Detection at OSU

Oregon State University utilizes a device on our network called FireEye. This device monitors the network for patterns of activity a computer displays when it is infected with malware, or has been compromised by hackers.

When the FireEye device detects signs of malicious activity, it sends an alert to the OSU Computer Helpdesk, who, in turn, sends a notification to the registered owner of the computer. The user is then responsible for contacting the Helpdesk to resolve the issue. This document outlines that notification process.

Please Note: While every attempt will be made to resolve the situation through this process, there may be instances where the availability, confidentiality, or integrity of the OSU network or the data residing therein is placed at risk by the activity discovered on the device. In such cases, network access for that system will be blocked prior to notification.

 

Notification Process

OSU notifies users when a malware infection is detected on their computer. Users must come in for help, or inform the Helpdesk that the infection has been removed.

Notifications include technical details on the infection and give users information on how to clean their own computers. Please note that the notifications will be from security@oregonstate.edu and will be followed with an email from osucomputerhelpdesk@oregonstate.edu detailing options you have to clean your computer.

Network access disabled notification:

If the user does not come in for help or notify the OSU Computer Helpdesk and they continue to receive notifications from security@oregonstate.edu then the user’s network access will be disabled and a notification of the access restriction will be sent.

A user is not typically disabled until after three notifications have been sent, but there are circumstances that will extend the amount of notifications before loss of network access, such as a long period of time between malware notifications from FireEye.

 

Example Malware Notifications

Below are examples of the notification e-mails sent to users, which can be used as reference to ensure these are not fake emails or phishing attempts.

Example from Security:

Hello [Customer Name],


OSU's network security group has detected malware activity originating from your machine.
This is most likely due to a malware or virus infection on your machine.  Please check you
machine for viruses and malware and remove any infections.  If infections are not removed
and further malware related activity is found on your machine, you risk your network
access being disabled until the infection is removed.

Details about the potential infection are listed below:


Details
Malware last detected: [Date] [Time]
IP: [Customer’s leased IP at time of detection]
Hostname: [Customer’s hostname on network]
MAC Address?: [Customer’s Hardware address]
ONID Username: [Customer username]
Zone: [Zone customer’s computer was assigned to]
Malware: [Type of infection detected]
Attacker's Info: [IP address? and port infection is communicating through]

For more details on this infection, visit
https://mil.fireeye.com/edp.php?sname=Trojan.Koredos


For help removing this infection on your own, see
http://oregonstate.edu/helpdocs/protect-your-computer

If you would like assistance removing the infection please contact the OSU Computer
Helpdesk -
Phone: 541-737-3474
(Web: http://oregonstate.edu/is/client-services/och/)

Note: This report is for your information and a copy is provided to the OSU Computer
Helpdesk. 

 

Example from the OSU Computer Helpdesk:

OSU’s Network Security group (security@oregonstate.edu) sent you an e-mail recently informing you about a possible malware infection on your computer. The OSU Computer Helpdesk wanted to check in with you and see if you have been able to remove the infection.

Because network security is a priority for personal and network safety, careful procedures are in place to quarantine potential infections. If no response is received from you after multiple notifications, the Helpdesk will disable your network access. Multiple warnings will be provided before access is disabled and it is easy to restore your network access by contacting the Helpdesk to inform them you have cleaned the infection yourself, or for help removing the infection.

Please be aware that if you clean the infection yourself, you must inform the Helpdesk that the infection is resolved. If  you don't respond to this email and your computer is still reporting as being infected, the Helpdesk will disable your network access after three notifications.

Clean it yourself -

You can also find out more information on how to remove infections here: http://oregonstate.edu/helpdocs/protect-your-computer


If you clean your computer, please respond to this email that you have cleaned your computer. If you receive another notice after reporting that you have cleaned the computer your network access will be disabled and you will be notified.

Students with laptops - 

If you still need assistance, please come to our Walk Up Helpdesk, located on the main floor of the Valley Library. It is open 8AM-9PM Monday through Thursday, 8AM-7PM Friday, and 3PM-7PM Sunday. You can also give us a call at 541-737-3474.


Students with desktop computers living in the dorms -

Call the OSU Computer Helpdesk at 541-737-3474 for guidance and further assistance.


If you do not have an anti-virus program on your computer -


You can get ClamXav on your Mac OS device, or Windows Defender / Windows Security Essentials. If you already have an antivirus program, please use Malwarebytes to double check that you do not have viruses on your system.

How to use Malwarebytes - Malwarebytes download page

Anti-virus software to protect yoru computer

You can go to http://oregonstate.edu/helpdocs/security/viruses for more information on viruses.


Please let us know if you have any questions or concerns.

If you are forwarding your email to another account, please make sure to check your spam folder for the messages we are contacting you about.

Phishing and Fraud

Overview

Phishing attempts are emails that try to ask you for your username and password. They often pretend to be legitimate websites, but will often be on other websites. You can find more information about phishing and how to report it here.

Avoiding e-mail fraud

Due to the widespread use of web bugs in email, simply opening an email can potentially alert the sender that the address to which the email is sent is a valid address. This can also happen when the mail is 'reported' as spam, in some cases: if the email is forwarded for inspection, and opened, the sender will be notified in the same way as if the addressee opened it.

E-mail fraud may be avoided by:

Many frauds go unreported to authorities, due to shame, guilty feelings or embarrassment, but if you ever fall victim to an e-mail fraud that involves theft, either monetary or of your identity, contact the authorities immediately. You could help save many people from the same problem.

Blocking E-mail Spam

Network Engineering uses several tools to help keep spam from reaching your mailbox. Read on for more information about what we are doing to prevent spam, what you can do, and how to keep your address off of spammers' lists.

What is Spam?

Spam is defined as unsolicited, bulk e-mail.  Typically spam comes from strangers - people who have obtained your e-mail address without your permission.  If you signed up for the mailing (intentionally or accidentally), it may be undesirable e-mail, but it is not technically spam.  Likewise, if you have some sort of business relationship with the sender, it is not spam.  So, an e-mail sent to you from your bank, an online service you signed up for, or your department at OSU would not be considered spam. 

Note: Using OSU's e-mail system to send unauthorized bulk mailings is against the Acceptable Use Policy.  For information about how to do a bulk mailing at OSU correctly, please see the Guidelines for Release of E-mail Addresses.

Blocking Spam

Step 1 - Using Filtering On Your Account

Step 2 - Reporting Spam

If Step 1 doesn't stop the spam from coming through, you can report the spam to OSU Network Engineering:

Phish Detection

For more information about phishing, please see the Phishing helpdoc page.

OSU blocks e-mail messages that contain a reply-to address that goes to a known phisher.  If practical, we will also "poison DNS" for links included in phishing e-mails, so that clicking the link will redirect you to a safe page instead. 

If you respond in any way to a phishing e-mail that asks for your username and password, we will disable your account and ask you to reset your password.  OSU has had a significant number of accounts become hacked in the past and these hacked accounts have been used to send hundreds of thousands of spam e-mails to OSU and to the world, causing serious e-mail disruption.

NEVER respond to phishing e-mails!

Where does spam come from?

In the past, most spam came from misconfigured mail servers or proxy servers. But today most spam comes from virus-infected personal computers, hacked e-mail accounts and free e-mail providers.  See the Wikipedia article on Spam for more information about how spammers operate.

One very important thing that you can do in the fight against spam is to keep your computer up-to-date on software patches and anti-virus software. It's also a good idea to run a personal firewall. Use caution when opening e-mails from addresses you don't recognize, and always scan email attachments for viruses. If your computer has become noticeably slower, it's a good idea to run virus-detection software.

Finally: NEVER share your password!

Content Based Filtering Inbox Rules

Inbox Rules can be used to lower the amount of spam received to exchange? email addresses.

  1. Log into exmail.oregonstate.edu
  2. Click on See All Options... from the drop down Options menu
  3.  Click on Orginize E-Mails on the left
  4. Click on New Rule in Inbox Rules tab
  5. Click on More Options
  6. Set the following:
  7. In the 'Specify Words or Phrases' window enter 'X-Spam-Flag: YES' then click on the plus icon and click OK to add the phrase
  8. Select what to do with bad emails

    Select Junk E-mail from the Select folder window
  9. Name the rule and click on Save

Email Filtering

ONID Webmail (Legacy Server)

These instructions do not apply if you receive your ONID email via Google Apps for OSU. Email filtering will not work with ONID if you have your ONID account set to forward to another email account. For more information about forwarding, click here.

Following are directions for setting up Spam Assassin and Mail Filters on ONID:

Spam Assassin

  1. Browse to http://onid.oregonstate.edu/
  2. Click Login To ONID in the left hand column
  3. After logging in, click Manage Mail in the left hand column
  4. If mail forward IS NOT set, you will see a Spam Assassin section on this page
  5. Check the box that says Use Spam Assassin
  6. You may check either or both of the other two boxes at your preference
  7. Click Modify Spam Assassin Settings

Personal Mail Filters

  1. Browse to http://onid.oregonstate.edu/
  2. Click Login To ONID in the left hand column
  3. After logging in, click Manage Mail in the left hand column
  4. If mail forward IS NOT set, you will see a Personal Mail Filters section on this page
  5. You can create a custom mail filter under this section to automatically move emails coming from a certain email address or email domain to a spam folder in your ONID account.
    Caution: If you block a domain, all emails from that domain will be blocked. For example if you block @gmail.com, all emails coming from an @gmail.com email account will be blocked.

 

Outlook 2007

  1. From the main Outlook window, select the Actions menu
  2. Navigate to Junk Email and select Junk Email Options... from the sub menu
  3. From the Blocked Senders tab, click Add
  4. Enter the sender's email address or email domain to block the sender
    Caution: If you block a domain, all emails from that domain will be blocked. For example if you block @gmail.com, all emails coming from an @gmail.com email account will be blocked.
  5. Click OK
  6. Click OK

 

Outlook 2010

  1. From the main Outlook window, click Junk
  2. Select Junk Email Options... from the drop-down
    Junk Email Options
  3. From the Blocked Senders tab, click Add
  4. Enter the sender's email address or email domain to block the sender
    Caution: If you block a domain, all emails from that domain will be blocked. For example if you block @gmail.com, all emails coming from an @gmail.com email account will be blocked.
  5. Click OK
  6. Click OK

 

Outlook 2011 (Mac)

  1. Click the Junk menu, then click Junk E-mail Protection
  2. Select the level ou prefer to use for junk protection (the Low setting is fine for most users)
  3. Click OK

Mac Mail

  1. Select the spam email from the mail list
  2. Click Junk from the toolbar near the top of the window

 

Thunderbird

To customize junk email controls:

  1. From the Tools menu, select Junk Mail Controls

To train Thunderbird:

  1. Select the spam email from the mail list
  2. Click Junk from the toolbar near the top of the window

Reporting Spam & Phishing

Quick Jump Links:

If you would like to report phishing emails, please follow the process below for your particular mail client.

 

OWA - Outlook Web App 

  1. When looking in your inbox, right click on the fraudulent or abusive message.
  2. Click the Forward as Attachment button.
    Attachment
  3. If you feel the message is abusive or asking for your credentials please send it to phishing (@) oregonstate.edu. Otherwise send the email to spam (@) oregonstate.edu and we will look at it.

     

Outlook 2011 (Mac)

  1. Select the message in the message pane
  2. Click the Attachment button
  3. If you feel the message is abusive or asking for your credentials please send it to phishing (@) oregonstate.edu. Otherwise send the email to spam (@) oregonstate.edu and we will look at it.

 

Outlook 2010 or 2013

  1. Open the phishing email in a new window. This can be done by double clicking on the email. (DO NOT open any attachments that may be contained within the email as they could contain viruses)
  2. Click More near the top of the window and select Forward as Attachment

    Outlook 2010
    Forward as Attachment

    Outlook 2013
     

  3. If you feel the message is abusive or asking for your credentials please send it to phishing (@) oregonstate.edu. Otherwise send the email to spam (@) oregonstate.edu and we will look at it.

 

Outlook 2007

  1. Open the phishing email in a new window (DO NOT open any attachments that may be contained within the email as they could contain viruses)
  2. Click Other Actions near the top of the window and select Forward as Attachment
    Forward as Attachment
  3. If you feel the message is abusive or asking for your credentials please send it to phishing (@) oregonstate.edu. Otherwise send the email to spam (@) oregonstate.edu and we will look at it.

Mac Mail

OS X 10.0-10.10:

  1. Right click (two-finger click) on the mail message in your inbox or folder
  2. Select "Forward as an attachment"
  3. If you feel the message is abusive or asking for your credentials please send it to phishing (@) oregonstate.edu. Otherwise send the email to spam (@) oregonstate.edu and we will look at it.

Older Versions of Mac Mail:

  1. Open the phishing email (DO NOT open any attachments that may be contained within the email as they could contain viruses)
  2. Under the View menu, select Message and then Long Headers from the sub menu
  3. Click Forward
  4. If you feel the message is abusive or asking for your credentials please send it to phishing (@) oregonstate.edu. Otherwise send the email to spam (@) oregonstate.edu and we will look at it.

 

ONID - Legacy Webmail Interface

  1. If you still access your ONID mailbox at http://webmail.oregonstate.edu/, then start by logging in here.
  2. Open the phishing email (DO NOT open any attachments that may be contained within the email as they could contain viruses)
  3. Under the Forward menu, select Entire Message
    Forward Entire Message
  4. This will open a new email with the phishing email included as an attachment.
  5. If you feel the message is abusive or asking for your credentials please send it to phishing (@) oregonstate.edu. Otherwise send the email to spam (@) oregonstate.edu and we will look at it.

 

ONID - Gmail Interface

1. Once you are in the phishing attempt email, click on the little drop down arrow. This will bring up several options.

Drop down arrow in Email

2. Click on the “Show original” option in that drop down menu.

Show Original Link in Drop Down Menu

3.This will open a new tab with a page that looks like this, a lot of text. You will need to copy and paste this text into a new email. An easy way to highlight all of the text is to press the Ctrl button and the A button at the same time. After that you can press Ctrl and C together to copy it. 

New Tab with a lot of Text

4. If you feel the message is abusive or asking for your credentials please send it to phishing (@) oregonstate.edu. Otherwise send the email to spam (@) oregonstate.edu and we will look at it.

 

Thunderbird

  1. Select the phishing message
  2. Under the Message menu, select Forward As and then select Attachment from the sub menu
  3. If you feel the message is abusive or asking for your credentials please send it to phishing (@) oregonstate.edu. Otherwise send the email to spam (@) oregonstate.edu and we will look at it.

Bogus Offers

One of the most prevalent types of email fraud comes of the form of offers that are too good to be true. The fraudulent offer typically features a popular item or service, at a drastically reduced price. Most of these are just an attempt to get your credit card information and if something seems too good to be true, it probably is.

Another type of bogus offer affects people who use Ebay, Craigslist, or any other online retailer for selling their belongings. The typical scam is that a person will contact you offering to pay the full amount, or even more for a rush delivery, but they refuse to pay you until they receive the item for inspection or some other reason.

 

Here are some examples:

Click here to view larger image.

Phishing

What is phishing?

Phishing is an attempt by a person or organization to gain information such as usernames, passwords or credit card information. Once the unauthorized person gathers this information, they can use it to fraudulently purchase items on YOUR credit card, send real or spam e-mail from YOUR e-mail address, or sign up for services in YOUR name. Examples of phishing messages have been compiled to help you identify fake messages. The Phishing page on Wikipedia has more information if you are interested.

Why is phishing dangerous?

Aside from financial loss, phishing can also cost you time, as well as your identity. As said above, once you send your information to a phishing email, someone can start making charges to your name. Not only will you now owe for someone's else's expenditures, you also get to spend hours trying to cancel cards, reverse orders, and try to get your financial life back. This can be very taxing financially, and take a lot of your spare time.

You will also now have a flood of messages from services you've never used before. Accounts for forums, online retailers, lists, just about anything, can start being funneled to your email address. What's worse, the phisher can also spoof your account, and potentially get your account disabled for spamming.

What can I do to protect my personal identity and information?

  • NEVER give your password to ANYONE, including technical support personnel.
  • NEVER respond to spam messages (this validates your address to the spammer and your e-mail address will be FLOODED with SPAM).
  • Read the email critically and ask yourself some questions.
    • Does it make sense?
    • Is the capitalization, grammar, punctuation and sentence structure, correct?
    • Is the email too generic?
    • Why are they asking for my personally identifiable information over an unsecure method of communication, such as e-mail?
    • Why would the administrators of that system need my username, which they already know?
  • Never respond to an email requesting this information.
  • Forward suspicious emails to your support group or call the agency requesting the information; E.g. Bank of America, OSU Federal Credit Union, Computer Helpdesk, etc.
  • Never click on links or images in suspicious emails.
  • Abide by the OSU Acceptable Use Policy you signed, especially the section: "Accounts and passwords may not, under any circumstances, be shared with or used by persons other than the individual(s) to whom they have been assigned by the University."
  • Don't chat up scammers. Read a transcript from a real scam artist to gain further insight.
  • If you are still unsure what to do, contact your computer support group on campus.

What can I do to report a phishing attempt?

If you receive a phishing attempt and would like to report it, please select your email client from the following list for instructions on reporting a phishing attempt.

Phishing examples

Phishing e-mails can arrive in various forms. This page is designed to help you recognize some common features of these attacks.

 

Example 1:

Phishing example 1

1. Reply address is misspelled and to the wrong email domain

The reply email address will almost always be different from the person that appears to be sending the fraudulent e-mail. This is because the person trying to get your account information is hoping you will hit reply and not notice who the email is actually being sent to. If you did respond to one of these emails and realize it later you should change your password immediately.

2. ONID doesn't have anonymous registration

This is specific to just ONID accounts, but any e-mail address that required prior registration information from that organization is NOT "anonymous registration." No email service will ever send you an e-mail stating your account will be deleted unless you respond with account information! If you are unsure about the e-mail server you are using and think they may do something like this, either call or send a email directly to the support team e-mail that is on the website to ensure that it doesn't get sent to a fraudulent individual.

3. We will never ask you for your password, birthday, country, or GAP.

No technical support or e-mail provider should ever ask for any personal information, especially passwords. If you have NOT contacted your e-mail or internet provider for help, be very suspicious of any email you receive claiming to be technical support, because tech support should not contact you unless you have asked for help.

4. Conflicting Information

Many times automated messages are created by pulling different sections of text out of a database and often times the information that gets pulled for the email has conflicting information. Of course both propositions of having your account disabled or deleted in 48 or 24 hours is scary and causes many people to act too quickly. ONID will notify you of account deletion or deactivation at least a couple weeks before anything is done. If an email gives you a deadline within hours or days the chances of it being a scam is greatly increased.

Example 2

Phishing Example 2

1. The from address is something other than the domain of your email address.

If you receive a legitimate email message from an administrator of your email the from address should always have the same domain as your email. For example if you receive something from ONID you know your ONID address is of the form "ONIDusername@oregonstate.edu"so the message should be from somebody@oregonstate.edu". This is a good first check to see if a message is real.

2. There is information in the email that is just wrong.

This is harder to recognize since you may not always know this information but if it looks wrong to you check it out. Usually information like this will be clearly listed on your email providers page and can easily be verified.

3. The message requests information such as username and password

No technical support group will EVER ask for this kind of information by email. If for some reason we need to have you update information we will send a message that simply asks you to go to ONID and sign in yourself to update it. Also be careful of messages that send you a link to update your information since the link doesn't always go where it says. It is always better to type in the address yourself rather than clicking a link!

Requests for Help

The "request for help" type of e-mail fraud takes this form. An e-mail is sent requesting help in some way, but including a reward for this help as a "hook," such as a large amount of money, a treasure, or some artifact of supposedly great value

The modern e-mail version of this scam, known variously as the "Nigerian scam", "Nigerian All-Stars," etc., because it is typically based in Nigeria, is an advance fee fraud. The lottery scam is a contemporary twist on this scam.

Responding to these emails cost someone money and loss of their identity, You can see stories of victims at http://www.google.com/news/search?aq=f&pz=1&cf=all&ned=us&hl=en&q=nigerian+scam.

Examples can be found at fraudgallery.com or you can view the thumbnails below for some basic examples.

Spoofing

E-mail sent from someone pretending to be someone else is known as spoofing. Spoofing may take place in a number of ways. Common to all of them is that the actual sender's name and the origin of the message are concealed or masked from the recipient. For more information, visit http://en.wikipedia.org/wiki/E-mail_spoofing

One very common example of spoofing is when people receive e-mails in their inbox saying that a message could not be delivered to a recipient, even though they do not remember sending that message. In this case, someone has learned what your email is and sent spam e-mails pretending to be from your address and the e-mail address was incorrect and sent a bounce message back to your e-mail address.

The thumbnails below show some examples of spoofed e-mail messages:

Click on image to view full size.

Click on image to view full size.

 

 

 


OSU Alert

What is OSU Alert?

OSU Alert is an emergency notification system that allows our public safety officials to contact students and employees via phone, email and text messaging. In an emergency, the system will try all means of notifying each person via the contact information they have provided. It is important that you enter your contact information by logging into the OSU Alert portal. (See below for help getting started.)

Who can use OSU Alert?

Only OSU students and employees are entered into the system (no affiliates).

How do I access or sign-up for OSU Alert?

You will need to create an account with Blackboard Connect, and then associate that account with your OSU contact information.

The alerts website is brand new, you will need to sign up for an account using the directions below before you can edit your contact information.

 

Opting out of OSU Alert

Contact the OSU Computer Helpdesk through the methods listed on the right "Supported by" block to opt out of OSU Alert.  However, please understand that this system will be the primary means of communication in an emergency and your life may depend on getting information in a timely way.

 

For more information visit http://alert.oregonstate.edu.