Security and Tuning

Ensuring the security of your information is a continual process and also your responsibility as a computer user.

How to Protect Your Computer

Computer Security:

Why should I do it?

Ways to be aware:

Malware

What is computer malware?

A computer virus or malware are a commonly used terms to describe all types of malicious software including Trojans, worms, adware, and spyware. Each have slightly different functions, but usually either try and damage the software on your computer, or send information about your computer usage to an outside source over the internet. The details of each type are explained below:

Adware or advertising-supported software is any software package which automatically plays, displays, or downloads advertisements to a computer after the software is installed on it or while the application is being used. Adware is usually seen by the developer as a way to recover development costs, and in some cases it may allow the software to be provided to the user free of charge or at a reduced price. As a result, the advertisements may be seen by the user as interruptions, annoyances or as distractions from the task at hand.

CryptoLocker is malicious software that encrypts your data files with a unique key that only the malicious people/hackers have access to. The nefarious individuals then hold your data for ransom and try to extort money from you. Your data files are encrypted Encryption can not be broken at this point in time without the key. When your data is encrypted and the key is lost, the data is essentially lost forever.

The Flashback virus targets a security hole in the Java software installed on your Mac computer. Java is included with OSX, the operating system on your Mac. The virus is designed to steal personal information in the background without the user noticing, so once your computer is infected, you may not see any difference in the way it runs.

Spyware is computer software that is unknowingly installed on a personal computer to collect information about a user, their computer or browsing habits without the user's informed consent. Spyware programs can collect various types of personal information, such as Internet surfing habits and sites that have been visited, but can also interfere with user control of the computer in other ways, such as installing additional software and redirecting Web browser activity. Spyware is known to change computer settings, resulting in slow connection speeds, different home pages, and/or loss of Internet or functionality of other programs.

A Trojan, as the name suggests, pretends to be something good, like virus scanning software or other useful applications. In reality they run malicious programs in the background that can perform any number of functions, like allowing an outside user to copy your files, see your browsing history, or even take remote control of your computer.

A computer worm is a self-replicating computer program. It uses a network to send copies of itself to other computers on the network, and it may do so without any user intervention. Unlike a virus, it does not need to attach itself to an existing program. Worms almost always cause at least some harm to the network, if only by consuming bandwidth, whereas viruses almost always corrupt or devour files on a targeted computer.

How can my computer become infected?

Unfortunately, there are many ways your computer can become infected. Some of the main causes to an infected computer included: illegally downloading music and movies, clicking on ads, browsing to compromised websites, and in general not being cautious when it comes to web browsing. Be sure to follow the safe browsing habits and remember, it's always better to be safe then to be sorry.

What are the symptoms of a virus?

  • Speed decrease
  • Unexplained freezing/crashing
  • Programs that won’t launch
  • New programs won’t install
  • Computer has trouble booting windows
  • Internet access is blocked
  • Screen saver and other visual settings are changed unexpectedly
  • Unable to open files or folders
  • Files or folders are deleted unexpectedly
  • False pop-ups that appear warning you about viruses
  • Unable to print documents
  • Your hard disk runs out of free space rapidly

How can I protect myself?

  • For a personally owned computer, use an antivirus located here.
  • If your computer is university owned, please talk to your computer support group for assistance.
  • Have an anti-malware program such as Malwarebytes or SUPERAntiSpyware.
  • Keep your computer's operating system up to date.
  • NEVER use file sharing programs to download games, music, movies, TV shows, etc.
  • NEVER click advertisements on the Internet.
  • NEVER respond to SPAM.
  • READ all warnings very carefully.
  • EDUCATE yourself, your friends and family.

(Malware) Detection at OSU

Oregon State University utilizes a device on our network called FireEye. This device monitors the network for patterns of activity a computer displays when it is infected with malware, or has been compromised by hackers.

When the FireEye device detects signs of malicious activity, it sends an alert to the OSU Computer Helpdesk, who, in turn, sends a notification to the registered owner of the computer. The user is then responsible for contacting the Helpdesk to resolve the issue. This document outlines that notification process.

Please Note: While every attempt will be made to resolve the situation through this process, there may be instances where the availability, confidentiality, or integrity of the OSU network or the data residing therein is placed at risk by the activity discovered on the device. In such cases, network access for that system will be blocked prior to notification.

Notification Process

OSU notifies users when a malware infection is detected on their computer. Users must come in for help, or inform the Helpdesk that the infection has been removed.

Notifications include technical details on the infection and give users information on how to clean their own computers. Please note that the notifications will be from security@oregonstate.edu and will be followed with an email from osucomputerhelpdesk@oregonstate.edu detailing options you have to clean your computer.

Network access disabled notification:

If the user does not come in for help or notify the OSU Computer Helpdesk and they continue to receive notifications from security@oregonstate.edu then the user’s network access will be disabled and a notification of the access restriction will be sent.

A user is not typically disabled until after three notifications have been sent, but there are circumstances that will extend the amount of notifications before loss of network access, such as a long period of time between malware notifications from FireEye.

Example Malware Notifications

Below are examples of the notification e-mails sent to users, which can be used as reference to ensure these are not fake emails or phishing attempts.

Example from Security:

Hello [Customer Name],


OSU's network security group has detected malware activity originating from your machine.
This is most likely due to a malware or virus infection on your machine.  Please check you
machine for viruses and malware and remove any infections.  If infections are not removed
and further malware related activity is found on your machine, you risk your network
access being disabled until the infection is removed.

Details about the potential infection are listed below:


Details
Malware last detected: [Date] [Time]
IP: [Customer’s leased IP at time of detection]
Hostname: [Customer’s hostname on network]
MAC Address?: [Customer’s Hardware address]
ONID Username: [Customer username]
Zone: [Zone customer’s computer was assigned to]
Malware: [Type of infection detected]
Attacker's Info: [IP address? and port infection is communicating through]

For more details on this infection, visit
https://mil.fireeye.com/edp.php?sname=Trojan.Koredos


For help removing this infection on your own, see
http://oregonstate.edu/helpdocs/protect-your-computer

If you would like assistance removing the infection please contact the OSU Computer
Helpdesk -
Phone: 541-737-3474
(Web: http://oregonstate.edu/is/tss/och/)

Note: This report is for your information and a copy is provided to the OSU Computer
Helpdesk. (If you are reasonably sure that this report is a false positive, no action or
response is required).

Example from the OSU Computer Helpdesk:

OSU’s Network Security group (security@oregonstate.edu) sent you an e-mail recently informing you about a possible malware infection on your computer. The OSU Computer Helpdesk wanted to check in with you and see if you have been able to remove the infection.

Because network security is a priority for personal and network safety, careful procedures are in place to quarantine potential infections. If no response is received from you after multiple notifications, the Helpdesk will disable your network access. Multiple warnings will be provided before access is disabled and it is easy to restore your network access by contacting the Helpdesk to inform them you have cleaned the infection yourself, or for help removing the infection.

Please be aware that if you clean the infection yourself, you must inform the Helpdesk that the infection is resolved. If  you don't respond to this email and your computer is still reporting as being infected, the Helpdesk will disable your network access after three notifications.

Clean it yourself -

You can also find out more information on how to remove infections here: http://oregonstate.edu/helpdocs/protect-your-computer


If you clean your computer, please respond to this email that you have cleaned your computer. If you receive another notice after reporting that you have cleaned the computer your network access will be disabled and you will be notified.

Students with laptops - 

If you still need assistance, please come to our Walk Up Helpdesk, located on the main floor of the Valley Library. It is open 8AM-9PM Monday through Thursday, 8AM-7PM Friday, and 3PM-7PM Sunday. You can also give us a call at 541-737-3474.


Students with desktop computers living in the dorms -

Call the OSU Computer Helpdesk at 541-737-3474 for guidance and further assistance.


If you do not have an anti-virus program on your computer -


You can get Symantec Endpoint Protection for free with your ONID account. If you already have an antivirus program, please use Malwarebytes to double check that you do not have viruses on your system.

How to use Malwarebytes - Malwarebytes download page

How to install/obtain Symantec endpoint protection - video tutorial of how to install Symantec Endpoint Protection

You can go to http://oregonstate.edu/helpdocs/security/viruses for more information on viruses.


Please let us know if you have any questions or concerns.

If you are forwarding your email to another account, please make sure to check your spam folder for the messages we are contacting you about.

(Malware) Fake AntiVirus Warnings

Examples of Fake Warnings

Here are two screenshots of fake warnings. Click an image to view at full size.

If you see a popup like one shown here, your computer may already be infected. Shut it down and take it to the OSU Computer Helpdesk or your IT support staff to resolve the issue.

fake security warning

fake antivirus example

About Fake AntiVirus Warnings

Bad guys prey upon people's fears, in order to steal their money and information. One of their favorite tricks is to tell people that their computer is (or might be) infected, and they are relying on you to respond in a manner that installs a virus on your computer.

In some cases, your computer may already be infected before you see the popup. The safest thing to is shut it down and take it to the OSU Computer Helpdesk or your IT support staff to resolve the issue.

But you can protect yourself before you're affected.

Protect Yourself Before You're Affected

There are three big ways to protect yourself before you're affected.

  1. Download free antivirus software, and keep it up to date (free for home use, too).
  2. Enable your web browser's phishing protection settings, usually found under "Tools" or "Preferences" or "Settings." Call the OSU Computer Helpdesk at 541-737-3474 if you're not sure how to do this.
  3. Get to know the look of pop up messages from your current AV software. If you know what you are looking for, you are much harder to fool. Take note of the name and icon of your anti-virus software and click on pop ups that only come from that program.

There are a few additional steps you can take.

What If I Do See A Warning?

A few things to check for if you are unsure about the message are:

  1. Close and quit the web browser (Chrome, Internet Explorer, Firefox, Safari, etc.) immediately. Do NOT click on OK or cancel. Even a button that says "close" can be deceiving.
  2. Does closing your internet browser make the virus alert go away? Often the pop up window is really embedded on an internet page so if you close your browser it will go away. Alerts like this should always be avoided.

If you think you may have accidentally clicked on a fake antivirus warning, shut down your computer. Students can bring laptops to the Walkup Helpdesk for malware scans, while faculty and staff should contact their IT support staff.

What Happens If My Computer Gets Infected?

The viruses that get installed can:

  • Trick you into entering your credit card information or passwords or personal information.
  • Steal your bank account information and empty out your account.
  • Send spam messages from your email address.
  • Corrupt or destroy your documents.
  • Allow other, stronger infections into your computer.
  • Crash your computer or slow it to a crawl.
  • Infect other computers both on the Internet and on a local network.

Who to Contact

OSU work computer - Please contact your IT support staff.

OSU Students - Contact the OSU Computer Helpdesk.

Self help options for personal computers

  • Download Malwarebytes. Disconnect from the Internet to run a full scan of Malwarebytes.
  • Run a full scan with the anti-virus program (Sophos, Windows Defender/Security Essentials, Symantec Endpoint protection, McAffee, AVG, Avast) installed on your computer.
    • The full scan can take several hours to complete properly.

OSU Alert

What is OSU Alert?

OSU Alert is an emergency notification system that allows our public safety officials to contact students and employees via phone, email and text messaging. In an emergency, the system will try all means of notifying each person via the contact information they have provided. It is important that you enter your contact information by logging into the OSU Alert portal(See below for help getting started.)

Who can use OSU Alert?

Only people with a current ONID or Unified OSU account.

How do I access or sign-up for OSU Alert?

Your ONID or Unified OSU account and password will allow you to access OSU Alert.

Login to your account with your OSU information:

  1. Browse to the OSU Alert portal.
  2. Login with your ONID or Unified OSU account username and password.
  3. Update and save your contact information.
  4. Close the web browser when complete.

Opting out of OSU Alert

You will always receive an email to your OSU account. OSU needs to be able to contact you about incidents or emergencies that occur on campus. However, any additional contact information that you voluntarily added can be removed via the OSU Alert portal.

You can also contact the OSU Computer Helpdesk for assistance.


For more information visit http://alert.oregonstate.edu.



Antivirus

Why you need Antivirus Software:

Antivirus is a requirement while you are at the university as it is part of the Acceptable Use of University Computing Resources agreement. Antivirus software is a program designed to protect your computer from computer viruses. Antivirus software protects your computer’s sensitive data, which includes but is not limited to, personal information, browsing history, and credit cards.

I have another anti-virus program. Can I use both and get extra protection?

No. You will need to uninstall your current anti-virus program or not install our recommendations. Installing both programs simultaneously will cause problems and can make your computer unusable. If you have already installed both, try to uninstall the last one you installed. If your computer isn't bootable, call OSU Computer Helpdesk at 737-3474 and we'll try to help you get it working again over the phone or in person at the Service Desk.

OSU Recommended Antivirus Software:

University-owned Devices:

OSU is site-licensed for Microsoft SCEP antivirus software on both Windows and Mac OS. If you are not sure whether your OSU-owned device has antivirus software installed, please contact your desktop support team. 

Personally-owned Devices:

For Microsoft Windows computers, we recommend the Windows Defender/Security Essentials antivirus, which is free to use on personal devices. It provides browsing protection and daily scans of your computer to continually protect it.

For Apple Mac OS X computers, we recommend Avira as it is compatible with Mac OS X 10.10 and later. Avira can be found here

Warning: installing Avira on an already infected machine may cause issues involving your computers web browsers. If you suspect your machine is already infected do not install Avira; give us a call or bring it to the service desk. Avira is to be used as a preventative service to keep your machine clean, not to clean an already infected machine.  

Another option for Mac OS X is Sophos.

Other Anti-Malware Software:

If you are already infected or believe that you have an infection and your main antivirus software is not finding anything, Oregon State University recommends that you use some proven effective options for advanced scanning of your computer. Keep in mind that an anti-malware program is different than an anti-virus program; these two types of programs can generally run alongside eachother and not cause the same issue as two anti-virus programs installed on the same computer. 

Alternatively, you may bring your computer to the Service Desk walk-up or call for assistance: IS Service Desk

(AV) Mobile Device

Protection and Best Practices For Your Phone

The iTunes and Google Play stores have many applications. They have a few that could save your privacy on your phone. These applications help protect your phone from malicious applications and downloads. Google and Apple also have testing policies in place that try to protect you from downloading those malicious applications.

Best Practices for securing your personal mobile devices:

Android & iPhone Mobile Device Security Recommendations:

Spam Phone

  • Sophos Mobile Security – Free application that will scan your applications and notify you of potentially unwanted applications. It also notifies you when an application is accessing your personal data such as your address book and gives you advice on how to improve your security settings on the device.

  • Lookout Mobile Security – Free application that will scan your applications and notify you of potentially unwanted applications. It will also block malicious websites from loading your phone. Another feature is that it has a built in find my phone option which will make your phone announce itself so you can easily find it. There are other features which are included in the premium upgrade.

 

 

If you would like to find out about other options please use this website to see the recent AV Mobile Test Results:http://www.av-test.org/en/home/?avtest%5Btype%5D=9&avtest%5Bplatforms%5D=10-7,9-8-6

 

(AV) Mac

Do I really need to use anti-virus on a Mac?

Yes. It is a very common misconception that the mac systems are impervious from malware and viruses. There is no technical reason why a Mac computer could not be infected with malware, but the major reason they have not been attacked as much is because there is a smaller population of systems to infect and gain information. A mac computer already has a built in solution for only "known" malware which Apple flags. There is no detection that occurs using heuristics or watching for malicious actions. Also the mac solutions depend on you keeping your computer up to date at all times.

How do I protect myself?

There are plenty of ways to protect both yourself and your computer; but to make it easier, below you can find a small portion of documents to help you get started:

(Sophos) Installing

Installing Sophos

  1. Navigate to the Sophos installation page and click on the green 'Download' button on the right-hand side of the page.
     
  2. Enter your name and your email address on the following page, then hit "Submit".
     Registration page for downloading Sophos
  3. Click the blue "Download" button.
      Blue download button on Sophos page
  4. Accept the agreement terms and download the program from the bottom of the page.
    Accept terms to download the program 
  5. Find the installation package in your downloads folder, and double-click on it.
    Find the zipped Sohpos package in your downloads folder 
  6. Your computer will unzip the files into a new folder within your downloads folder. Find the folder called "savosx_he_r" and open it.
     The unzipped Sophos Antivirus folder within the downloads folder
  7. Double-click the .app file to begin the installation.
     Double-click the .app to download the application.
    The installation window should pop up after launching the .app file. 
  8. Once the installation is finished, you should see a shield icon  appear in your Finder toolbar. Now you have Sophos up and ready to help protect your computer at all times.

(Sophos) Running a Full Scan

Running a Full Scan

Before running any manual full scans, always remember to update Sophos' virus definitions. This helps Sophos better find and quarintine potential virus infections on your computer.

  1. To update Sophos' virus definitions, click on the shield icon in your Finder toolbar and select "Update Now".
    Option to update definitions 
  2. Sophos will now begin to search for any updates it needs through the internet. If it pops up with any updates, make sure to install them.
  3. Once all your virus definitions have been updated, go back to the Sophos shield icon and select "Scan This Mac".
     Option to perform a full scan on your Mac
  4. Your computer will now begin scanning all your files for virus infections. This may take a few hours, depending on how much data is on your computer.

(Sophos) Uninstalling

Uninstalling Sophos

  1. Search your Mac for "remove". A program called "Remove Sophos Anti-Virus" should appear as the top hit.
    NOTE: If you don't see the "Remove Sophos Anti-Virus" program in your search results, you may need to download the removal tool from the following page.
    Search for the removal tool in Spotlight
  2. Double click the program, and the uninstaller should launch.
    What the uninstaller looks like 
  3. Continue through the uninstaller to completely remove Sophos from your Mac.

(Sophos) Weekly Scans

Scheduling Weekly Scans (Recommended)

This is a recommend step as part of using Sophos as this allows for extra protection while using your computer.

  1. Click on the shield icon in your Finder toolbar, and select "Open Scans..."
    The Sophos menu is in the upper right corner 
  2. Expand the Scans window by clicking on "Custom Scans" at the bottom.
     What the Sophos Scans window should look like after expanding the Custom Scans menu
  3. Click on the gear icon Everyone's favorite gear icon in the bottom left and choose "Scan Settings..." from the drop-down menu
  4. Click on the Schedule tab.
    The custom scan settings window 
  5. Tick the box that says "Enable schedule." You can now choose a day and time for your computer to run your weekly scans.
    The scheduling interface within your scan settings
  6. Hit "Done" to save your changes.

(AV) Windows

Do I really need to use anti-virus on a Windows computer?

Of course. Since the majority of computers in use are Windows machines, most viruses are wrote to attack this operating system. On top of this, antivirus is a requirement while you are at the university as it is part of the Acceptable Use of University Computing Resources agreement. Antivirus software is a program designed to protect your computer from computer viruses. Antivirus software protects your computer’s sensitive data, which includes but is not limited to, personal information, browsing history, and credit cards.

What is recommended?

For windows computers, we currently recommend the anti-virus that Microsoft provides for free! This AV is the one of the easiest to come by and has one of the most basic installation processes. If you do not currently have an AV on your computer, it is recommended to get this free Microsoft one. If you have another preferred AV then you can continue to use that one instead.

How do I protect myself?

There are plenty of ways to protect both yourself and your computer; but to make it easier, below you can find a small portion of documents to help you get started:

(MicrosoftSE) Installing

Installing Microsoft Security Essentials

  1. Navigate to http://windows.microsoft.com/en-us/windows/security-essentials-download 
  2. Click on the ‘Download’ button on the left side of the page
    Website preview, "Download Now" should be in the middle and toward the left edge of the screen 
  3. Wait until the download finishes and then double click on the ‘mseinstall.exe’ file that comes up
    When finished downloading, please open the .exe file 
  4. Click the ‘Next’ button to continue the installation
    After opening the install, press "Next />" 
  5. Click the ‘I accept’ button after reading the agreement
    Here are the terms and conditions, accept if you agree 
  6. Click the ‘Next’ button after selecting ‘I do not want to join the program at this time’
    Improvement Program
  7. Leave settings on default, then click on the ‘Next’ button
    Here are some settings on optimizing your security essentials setup 
  8. At this point if you still have a previous anti-virus software on your computer select ‘How do I uninstall other anti-virus and antispyware’ otherwise select ‘Install’ to continue the install
     Press Install /> to begin to finish the process.
  9. And select ‘Finish’ to complete the installation process
    Process is now finished 

(MicrosoftSE) Running a Scan

Running a Scan

  1. Make sure your virus and spyware definitions are ‘Up to date’
  2. Select either Quick or Full scan depending on what you want to scan. Then Click ‘Scan now’
    Default home window 
  3. Quick scans checks the areas that malicious software including virus’s spyware and unwanted software are most likely to infect.
  4. Full scan checks all the files on your hard disks and checks all running programs. Depending on your system a Full scan could take over an hour
  5. If during a scan Microsoft securities essentials finds viruses or malware, an 'At Risk' screen will pop up. Your next step is to select ‘Clean PC’
    PC at risk, Clean PC 
  6. Microsoft Security Essentials will then remove the detected issue
    It will work through and find potential threats 
  7. When all of the detected malware is removed you can select ‘close’ and continue browsing
    After cleaning, you should have a verification screen saying that the actions were applied successfully 

(MicrosoftSE) Uninstalling

Uninstalling Microsoft Security Essentials

  1. Exit out of Microsoft Securities Essentials and make sure the program is not running 
  2. Under Programs select ‘Uninstall a program’
    Control Panel location in Windows 7 
    Uninstall in the Control Panel, under "Programs" 
  3. Scroll through the list of programs until you find and click on Microsoft Securities Essentials, next you click on ‘Uninstall’ 
     Here is a list of programs you must sort through to find MSE
  4. An Uninstaller will pop up and you will select ‘Uninstall’
    When you find MSE, an Uninstall Wizard will show up. Press Uninstall 
  5. Microsoft Security Essentials is now uninstalled
    After the uninstall process is complete, press finish. 

(MicrosoftSE) Updating

Updating Microsoft Security Essentials

  1. Click on the ‘Update’ tab on the top left corner of the window
     Update Tab on MSE
  2. You should now  click on a large button that says ‘Update’
    Update button should be on the left when you open Update on MSE 
  3. Let the client update

(Windows Defender) Finding it

Finding Windows Defender on Windows 8+

  1. Click on the search bar found in the right upper hand corner
    Initiate Windows search within Windows 8
  2. Begin typing Windows Defender and double click on the Defender icon
    Search for Windows Defender in the Windows 8 search
  3. Defender will activate
    Shown is the current status of your PC within Windows Defender

General Information

The internet is full of viruses, trojans, malware, and spyware. Keeping your computer safe from these is very important.

Update Operating System

Whether you are using a Mac or PC, updating your operating system is very important. Updates are released on a regular basis to help protect your computer and to keep it running smoothly.

PC - How to install updates for...

Mac - How to update your Macintosh OS X

Update Web Browser

Your web browser is your gateway to the internet and is often times the entry point for computer viruses. It is therefore important that you frequently check for updates to your browser.

Internet Explorer - Updates are includes as part of your Windows updates

Google Chrome -

Mozilla Firefox -

Safari - Safari updates are included with Mac OS X updates. To update you Mac, go here.

Some Safe Browsing practices

  1. Update anti-virus and anti-malware programs
  2. Use a firewall program
  3. Never click on pop-ups
  4. Never respond to Spam e-mails
  5. Never open e-mail attachments that you were not expecting. If you are ever in doubt, e-mail the sender to make sure they sent it to you or google the e-mail to see if the attachment is bad.
  6. Never click on links in your e-mail. Instead, copy/paste the URL into your web browser to ensure that the link is not redirecting you unexpectedly. For an example of URL mis-direction, view this image.
  7. Avoid using peer-to-peer (P2P) network programs.
  8. Avoid using your personal e-mail address for random registrations. If you are browsing the web and come accross a form that you want to fill out, but you are not sure what it will do, you may want to use a throw away email address to fill it out with. View these Google search results for some Disposable Email services (Note: some sites disallow use of these accounts)
  9. Use programs such as WebOfTrust or McAfee Site Advisor to help avoid sites that are known for infecting computers.

Computer & Software Recommendations

Computer Recommendations

Laptop vs. Desktop

Each has its advantages and disadvantages. Think about what you are going to use it for, how much money you want to spend, and if you want to upgrade it in the future.

Laptops offer mobility, take up less space, and students can also access the OSU wireless network in all residence halls and most buildings on campus. For this reason, most students decide to use a laptop when coming to Oregon State. They are harder to upgrade however, and because they are constantly moved around, they tend to wear out faster than desktops.

Desktop computers take up more space and offer little mobility, but are generally faster, and cheaper to upgrade and maintain. They also generally last longer than laptops.

Hardware Recommendations

Computers are constantly changing, so when shopping around for a particular brand/style, it is a good idea to do your research beforehand. The following websites offer good computer reviews and comparisons:

Educational Discounts on Computers

Many computer manufacturers offer discounts for students when buying a new computer. Click on any of the logos below for the educational site for that manufacturer:

Apple Student Discounts

Apple Student Discounts

Lenovo Student Discounts

Lenovo Student Discounts

Dell Student Discounts

Dell Student Discounts

 

 

 

 

 

 

 


Software Recommendations

Operating System Recommendations

The operating system is your computer's most important piece of software, because it is in charge of running all the other programs that you need, and making sure those programs interact well with your computer hardware. For security and stability reasons, we always recommend that you run the latest version of your preferred operating system:

  • Windows: This is the most common operating system if you own a PC. Windows 10 is the latest version of Windows, but Windows 8, 7 and Vista will also work on ResNet.
    • Recommended if you need to use MS Project or MS Visio.
  • OS X: This is the operating system that runs on Macintosh computers, and all versions will also work on ResNet.

A Note About Linux: Most flavors of Linux should also work on ResNet. Please be aware that the IS Service Desk can support Linux only on a "best effort" basis, so most errors you may have on the network will have to be solved on your own.

Educational Discounts on Software

There are several educational discounts available for software. See our Software page for more information.

MAC Address

Finding Your Mac Address?

Your devices Network Adapter Address must be registered in order to receive network access. The Adapter Address is a unique number associated with your device's network adapter. It is also called a Physical Address, Hardware Address, Ethernet ID or MAC address on various systems. This MAC address should be registered in OSU_Secure or ResNet for better internet quality once you have followed the instructions to retrieve it.

We have instructions on how to revtreive your mac adress on a number of devices. Select your device below:

  1. Press the Windows Key(windows alt)
  2. Type CMD (A search bar will automatically pop up)
  3. Run the 'Command Prompt' program
  4. Type in the command 'getmac'
  5. This will display each mac address. 
  1. Click the Apple (upper left corner).  Select System Preferences
     
  2. Select the Network control panel 
  3. Make sure you are viewing your Wireless Connection, and click Advanced
  4. Here you will find your Wireless MAC/Hardware Address
     

On your android phone, the MAC address can be found under Settings -> Wifi -> Context menu (three dots) -> Advanced -> MAC address (should be visible from this screen).

icon
wifi
context
advanced
address

On your iOS device, your MAC address can be found under Settings -> General -> About -> Wi-Fi- Address.

icon
general
about
address

  1. From the main menu, choose Settings
  2. Click About
  3. Look for the MAC address next to "Ethernet ID"
    Alternatively: you may find the MAC address printed on the UPC label on the Apple TV box
  1. Press Home, Setup, and then Network
  2. Choose the Connection Status option
  3. The MAC address should be listed
  1. Click System Settings
  2. Click Internet Settings
  3. Click Other Information
  4. Confirm Mac Address
  1. Online services have been discontinued, but Netflix etc. should still work
    Start your Wii, without a disc
  2. Click the Wii button at the bottom of the start screen
  3. Click Wii Settings
  4. Go to the Next Set of settings, by selecting the arrow on the right
  5. Click Internet
  6. Select Console information
  7. The MAC Address will then come up on the next page
  1. Go to System Settings
  2. Tap on the Internet settings button
  3. Select the View MAC Address option
  4. You should now see your Wii U’s MAC address
  1. Start the PlayStation 3 with no disc inserted
  2. Select the System Settings icon and push the "X" button
  3. Select System Information and push the "X" button
  4. The third line will be the MAC Address
  1. From the main menu, select "Settings" (located on the upper right)
  2. Select "Network"
  3. Select "View Connection Status"
  4. Scroll down until the MAC addresses are visible
  1. From the Roku home screen, select Settings
  2. Then choose About
  3. The MAC address will appear on your screen
    Alternatively: you can find the MAC address on the bottom or back of your Roku.
  1. From the Roku home screen, select Settings
  2. Then select Player Info
  1. From the Xbox Dashboard, go to My Xbox (select the Xbox logo on the controller)
  2. Select Settings
  3. Select System Settings
  4. Select Network Settings

ScreenConnect

Remote connect software is available to approved staff and faculty at Oregon State University. The software, Screen Connect, is compatible with almost all Operating Systems, and should work on the majority of systems people have.

Screen Connect allows a technician to remotely connect to a customer's computer to see what they are seeing, walk them through steps on their computer, or make changes for the customer.

Hosting

  1. Open a browser (preferably Internet Explorer) and head to https://support.oregonstate.edu
  2. Click on the “Login” button in the upper right, and login with your ONID credentials
  3. Under the “Host” page you can create a session by clicking on the “Create Session” button

Where to add a host session

The types of connections

  • Publicly Listed: A session that goes on the bottom of the front page of support.oregonstate.edu that customers can view and click the “Join” button for.
  • Code Protected: A session the tech creates a code for, and the customer may enter the code in the “Code protected” section of the support.oregonstate.edu site.
  • Email Link: The tech enters an email address when creating the session that goes to the customer, and the email has a link that directs the customer to the session (This is a great way to create a private session if needed).

Different ways to join sessions

Downloading and RUNNING the program

When the customer clicks on the “Join” button, or follows the link through the email, they will be prompted with a download. It is important they do not just save the file; they will need to be sure to RUN the file after it is finished downloading. (Customers who use Internet Explorer will automatically be given a Run function, instead of a save function, and will not need to worry about this.) Please note customers without local admin privileges will be required to use Internet Explorer for its Run function.

There are a few additional prompts the computer gives after running the program, including verifying the publisher, and allowing the program to make changes to the computer. You will want to let the customer know to click on allow/run/yes, etc. to complete the setup.

Documentation

For more information about Screen Connect, please see the vendor's documentation: https://www.screenconnect.com/

Update Java

Operating System

 

Windows Vista/7/8/10

  1. Open Computer by either double clicking on the icon on your desktop, or by clicking the start button and then Computer.
  2. Click "Uninstall or change a program" near the top of the window.
    Uninstall or change a program.
  3. Scan through the list and uninstall all Java items.
    Uninstall Java
  4. Browse to http://java.com/
  5. Click the Free Java Download button.
  6. Install the downloaded software.
  7. Close browser windows.

 

Windows XP

  1. Open the Control Panel by clicking Start > Control Panel or Start > Settings > Control Panel.
  2. Click "Add or Remove Programs".
    Add or Remove Programs
  3. Scan through the list and remove all Java items.
    Remove Java
  4. Browse to http://java.com/
  5. Click the Free Java Download button.
  6. Install the downloaded software.
  7. Close browser windows.

 

MAC OS

  1. Open the Apple menu and click Software Update...
     
  2. If your Java program needs updating, the Software Updater with automatically update it.
  3. Close browser windows.

Wireless Troubleshooting - Windows

Wireless Troubleshooting for Windows Based Laptops

For laptops running Windows and having connection issues on campus, refer to these steps.


Launching Command Prompt

Here's how to get there:

For Windows 7:

  1. Click Start.
  2. Type in "cmd" in the search field.
  3. Right click cmd.exe, and run as administrator.

For Windows 8:

  1. Enter the key combination: Win + Q.
  2. Type in "cmd".
  3. Hold Ctrl + Shift, and hit Enter.

Try these quick steps:

  1. Flush Your DNS Cache In Command Prompt:
    1. Enter the following command: ipconfig /flushdns
    2. Hit Enter.
    3. Recheck connectivity
  2. Renew Your IP Address? In Command Prompt:
    1. Enter the following command: ipconfig /release
    2. Hit Enter.
    3. Once the prompt returns, enter ipconfig /renew
    4. Hit Enter.
    5. Recheck connectivity

Other Fixes

The following steps have shown to stabilize connections to OSU_Secure in Windows:

  1. Wireless Certificates:
    1. While connected to OSU_Access(needs to be this network), using Internet Explorer, go to https://csacs2.nws.oregonstate.edu/
    2. Once here, you will be redirected to a Cisco authentication page. You will not need to log in. Just going to this site downloads a certificate you may be missing.
    3. Also go to this address: https://csacs1.nws.oregonstate.edu/ to check for the same certificate, if you didn't receive it from the first link. You won't know if you actually have the certificate or not, but using both addresses gives you a better chance of getting it.
    4. Once you have gone to each, and loaded each page, restart your computer.
    5. Check connectivity now.
  2. Power Properties:
    1. Go to or search for Control Panel.
    2. Click Network and Internet, then Network and Sharing Center.
    3. On the left side of the window, click Change adapter settings.
    4. Right click on your Wireless Adapter(usually Wifi, and connected to a network). Click Properties.
    5. In the new window under the Networking tab, select configure under your wireless adapter name. f. In the new window under the Power Management tab, make sure the box next to "Allow the computer to turn off this device to save power" is unchecked.
  3. Complete Internet Repair Tool:   This software could potentially fix unknown or unseen issues with your connection, working with the software on your computer.
    1. Complete Internet Repair Tool can be found at the author's website here: http://www.rizonesoft.com/complete-internet-repair/
    2. Scroll down the page until you see the Complete Internet Repair (Build 2103), being cautious not to click on supporting ads.
    3. Run this software when connected to OSU_Secure(limited or connected).
    4. Restart your computer and check connectivity now.
  4. Re-Install Your Wireless Adapter Drivers: (assuming you can get a Internet connection elsewhere)
    1. Find the make and model of the laptop, and the wireless adapter make and model if possible.
    2. b. Search the laptop manufacturer's website first for the driver, then the manufacturer's site for the adapter if needed.

Phishing

What is phishing?

Phishing is an attempt by a person or organization to gain information such as usernames, passwords or credit card information. Once the unauthorized person gathers this information, they can use it to fraudulently purchase items on YOUR credit card, send real or spam e-mail from YOUR e-mail address, or sign up for services in YOUR name. Examples of phishing messages have been compiled to help you identify fake messages. The Phishing page on Wikipedia has more information if you are interested.

How is phishing dangerous?

Aside from financial loss, phishing can also cost you time, as well as your identity. As said above, once you send your information to a phishing email, someone can start making charges to your name. Not only will you now owe for someone's else's expenditures, you also get to spend hours trying to cancel cards, reverse orders, and try to get your financial life back. This can be very taxing financially, and take a lot of your time.

What can I do to protect my personal identity and information?

What happens if I get phished?

If you are the victim of a phishing attempt, the first thing that will happen is your account will get disabled by the Service Desk. Once your account is disabled, you will get an email to your personal email telling you why your account was disabled; both you and the phisher will get an error message when you try to sign in telling you to contact the Oregon State Computer Helpdesk at 541-737-3474.

Once you call, the Service Desk will contact ONID support and get your account reactivated.

(Phishing) E-mail Fraud

E-mail Fraud

Due to the widespread use of web bugs in email, simply opening an email can potentially alert the sender that the address to which the email is sent is a valid address. This can also happen when the mail is 'reported' as spam, in some cases: if the email is forwarded for inspection, and opened, the sender will be notified in the same way as if the addressee opened it.

E-mail fraud may be avoided by:

  • Keeping one's personal e-mail address as secret as possible. Use a throw-away email when signing up websites online.
  • Using a spam filter.
  • Ignoring unsolicited e-mails of all types, simply deleting them.
  • Not giving in to greed, since greed is often the element that allows one to be "hooked".

Many frauds go unreported to authorities, due to shame, guilty feelings or embarrassment, but if you ever fall victim to an e-mail fraud that involves theft, either monetary or of your identity, contact the authorities immediately. You could help save many people from the same problem.

Phone Fraud

Fraud can take place over the phone as well. Some reports come from people asking about printer information and claim to be from supply services. Some tips for recognizing phone fraud is blocked numbers.

(Phishing) Examples

Phishing Examples

Sometimes phishing emails are obviously malicious, but other times they are pretty convincing. It is important to keep in mind the context of the email. If you did not request to be "added to a project" or if your mail quota is suddently "exceeding capacity", you will want to tread carefully in the email.

Below you will find a collection of phishing emails that have been reported to us and we have shown basic ways to tell if these emails are legitimate or not without even clicking on the link.

(Phishing) 07/06/2017 Account Block

07/06/2017 Example

This email was sent out on 07/06/2017 trying to steal email login information. There are a couple of intial red flags just after reading the email, even without further investigating:

  • You Requested for password change
  • Grammer and capitalization is terrible for an automated message.
  • Upgrade mailbox quota here
  • Blindly clicking hyperlinks in emails should always be avoided since they could lead anywhere.
  • Mail administrator 2017
  • We're just the "Service Desk".

Here are some additional ways we can tell this email is fake:

Sender Address

The sender has "admin" at least in the username, but that isn't where we send automated messages from and the email address doesn't even say @oregonstate.edu. Keep in mind that even if an email address is an @oregonstate.edu email address, that doesn't make it safe. Email addresses can be spoofed and manipulated to seem like legitimate emails or it could be coming from an already stolen account. That is why it is important to look at the context of the email and any hyperlinks in it.

Hyperlinks

This link could be tricky since it technically does have "oregonstate.edu" in the hyperlink, however the website is chamnoltravel.com. It is important to keep in mind that you don't have to "request" changing your password here and you can always call us in to discuss mail quota information.

If this information was useful, needs work, or you would like to see more of it, feel free to request that using the feedback button below!

(Phishing) 07/11/2017 Blackboard

07/11/2017 Blackboard

This email was sent out on 07/11/2017 trying to steal users login information. There are a couple of intial red flags just after reading the email, even without further investigating:

  • 2 New Important messages from your Admin Center
  • Capitilization is terrible for an automated message and it is extremely generic.
  • Click Here To Review:
  • "Click here" links in emails should always be avoided.
  • Blackboard.
  • We don't even support Blackboard, we use Canvas.

Here are some additional ways we can tell this email is fake:

Sender Address

The sender is not even close to any email from Oregon State, it doesn't even say @oregonstate.edu. Keep in mind that even if an email address is an @oregonstate.edu email address, that doesn't make it safe. Email addresses can be spoofed and manipulated to seem like legitimate emails, or it could be coming from an already stolen account. That is why it is important to look at the context of the email and any hyperlinks in it.

Hyperlinks

This is an easy way to tell the email is fake. ONID credentials wont work on sites that are not oregonstate.edu, especially not "ow.ly/ntuj30xrhf"

If this information was useful, needs work, or you would like to see more of it, feel free to request that using the feedback button below!

(Phishing) 07/12/2017 Quota Limit

07/12/17 Example

This email was sent out on 07/12/2017 trying to steal email address login information. There are a couple of intial red flags just after reading the email, even without further investigating:

  • To avoid being block click on the link
  • This grammer is terrible for an automated message.
  • Click Here To Validate
  • "Click here" links in emails should always be avoided.
  • Oregon State University Webmaster Email Technical Support
  • We're just the "Service Desk"

Here are some additional ways we can tell this email is fake:

Sender Address

The sender is not even close to an admin email from Oregon State, it doesn't even say @oregonstate.edu. Keep in mind that even if an email address is an @oregonstate.edu email address, that doesn't make it safe. Email addresses can be spoofed and manipulated to seem like legitimate emails, even when they are not. That is why it is important to look at the context of the email and any hyperlinks in it.

Hyperlinks

The validation email link does not go to an Oregon State, but instead goes to a seemingly random "webhostapp" page. Logging in here will do nothing but give someone your account information.

Even their "www.oregonstate.edu" link doesnt even go to Oregon State University, but instead goes to the malicious web page.

If this information was useful, needs work, or you would like to see more of it, feel free to request that using the feedback button below!

(Phishing) Bogus Offers

Bogus Offers

One of the most prevalent types of email fraud comes of the form of offers that are too good to be true. The fraudulent offer typically features a popular item or service, at a drastically reduced price. Most of these are just an attempt to get your credit card information and if something seems too good to be true, it probably is.

Another type of bogus offer affects people who use Ebay, Craigslist, or any other online retailer for selling their belongings. The typical scam is that a person will contact you offering to pay the full amount, or even more for a rush delivery, but they refuse to pay you until they receive the item for inspection or some other reason.

 

Here are some examples:

Click here to view larger image.

(Phishing) Help Requests

Requests for Help

The "request for help" type of e-mail fraud takes this form. An e-mail is sent requesting help in some way, but including a reward for this help as a "hook," such as a large amount of money, a treasure, or some artifact of supposedly great value

The modern e-mail version of this scam, known variously as the "Nigerian scam", "Nigerian All-Stars," etc., because it is typically based in Nigeria, is an advance fee fraud. The lottery scam is a contemporary twist on this scam.

Responding to these emails cost someone money and loss of their identity, You can see stories of victims at http://www.google.com/news/search?aq=f&pz=1&cf=all&ned=us&hl=en&q=nigerian+scam.

Examples can be found at fraudgallery.com or you can view the thumbnails below for some basic examples.

(Phishing) Reporting

Reporting Phishing

Phishing emails can be very dangerous. Here at Oregon State we do our best to ensure everyone has a safe and secure email inbox, however sometimes phishing attempts get by us. If you notice a phishing attempt in your inbox, we strongly encourage that you send it as an attachment to phishing@oregonstate.edu so that we may further protect everyone by blocking the user and the website immediately.

Follow the steps below to properly send a phishing email as an attachment:

  1. When looking in your inbox, right click on the fraudulent or abusive message.
  2. Click the Forward as Attachment button.
    Attachment
  3. Send the phishing email to phishing@oregonstate.edu and we will work out quickest to get the malicious phisher blocked.
  1. Select the message in the message pane
  2. Click the Attachment button
  3. Send the phishing email to phishing@oregonstate.edu and we will work out quickest to get the malicious phisher blocked.
  1. Open the phishing email in a new window (DO NOT open any attachments that may be contained within the email as they could contain viruses)
  2. Click Other Actions near the top of the window and select Forward as Attachment
    Forward as Attachment
  3. Send the phishing email to phishing@oregonstate.edu and we will work out quickest to get the malicious phisher blocked.
  1. Open the phishing email in a new window. This can be done by double clicking on the email. (DO NOT open any attachments that may be contained within the email as they could contain viruses)
  2. Click More near the top of the window and select Forward as Attachment

    Outlook 2010
    Forward as Attachment

    Outlook 2013/2016
     

  3. Send the phishing email to phishing@oregonstate.edu and we will work out quickest to get the malicious phisher blocked.
  1. Right click (two-finger click) on the mail message in your inbox or folder
  2. Select "Forward as an attachment"
  3. Send the phishing email to phishing@oregonstate.edu and we will work out quickest to get the malicious phisher blocked.
  1. If you still access your ONID mailbox at http://webmail.oregonstate.edu/, then start by logging in here.
  2. Open the phishing email (DO NOT open any attachments that may be contained within the email as they could contain viruses)
  3. Under the Forward menu, select Entire Message
    Forward Entire Message
  4. This will open a new email with the phishing email included as an attachment.
  5. Send the phishing email to phishing@oregonstate.edu and we will work out quickest to get the malicious phisher blocked.
  1. Once you are in the phishing attempt email, click on the little drop down arrow. This will bring up several options.
  2. Drop down arrow in Email

  3. Click on the “Show original” option in that drop down menu.
  4. Show Original Link in Drop Down Menu

  5. This will open a new tab with a page that looks like this, a lot of text. You will need to copy and paste this text into a new email. An easy way to highlight all of the text is to press the Ctrl button and the A button at the same time. After that you can press Ctrl and C together to copy it. 
  6. New Tab with a lot of Text

  7. Send the phishing email to phishing@oregonstate.edu and we will work out quickest to get the malicious phisher blocked.
  1. Select the phishing message
  2. Under the Message menu, select Forward As and then select Attachment from the sub menu
  3. Send the phishing email to phishing@oregonstate.edu and we will work out quickest to get the malicious phisher blocked.

(Phishing) Spoofing

Spoofing

E-mail sent from someone pretending to be someone else is known as spoofing. Spoofing may take place in a number of ways. Common to all of them is that the actual sender's name and the origin of the message are concealed or masked from the recipient. For more information, visit http://en.wikipedia.org/wiki/E-mail_spoofing

One very common example of spoofing is when people receive e-mails in their inbox saying that a message could not be delivered to a recipient, even though they do not remember sending that message. In this case, someone has learned what your email is and sent spam e-mails pretending to be from your address and the e-mail address was incorrect and sent a bounce message back to your e-mail address.

The thumbnails below show some examples of spoofed e-mail messages:

Click on image to view full size.

Click on image to view full size.

 

 

 


Securing Your Computer

The IT staff at OSU strive to keep computers that are infected with malware off of the network, but despite our best efforts, there are infected machines that connect to the network. As part of our ongoing efforts to increase security for the entire OSU community, we have developed the following guidelines.

Before you connect your computer to the OSU network, we recommend that you follow a standard set of procedures for securing your system to ensure that the confidentiality, integrity, and availability of university systems are maintained.

Instructions for Computers

With these small steps, you can greatly increase your personal computers performance and security!

If you have any questions or concerns, feel to call the IS Service Desk at 541-737-8787 (OSU-Cascades: 541-322-2051).

Backing Data Up

Backing up data is an essential part of keeping your data safe. It is often overlooked and avoided by people until they lose a very important set of documents like photos they only have one copy of, their final paper, research documentation, or even their thesis. If you have learned your lesson and have decided to back up or want to avoid learning the lesson all together, below is a good starting point to keeping copies of your data.

An external hard drive is required for each of the methods provided since it is one of the most reliable methods.

For university-owned devices, it's highly recommend you contact your IT team (e.g. Community Network/COSINe customers).

Windows

For windows machines, we recommend the built in Microsoft Backup tool named 'File History'. It can be found by doing the following:

  1. Make sure the external hard drive is plugged in and recognized
  2. Press the windows key
  3. Do a search for 'File history'
  4. Turn on file history (it is turned off by default)
  5. Choose the external hard drive as the location to back up to

Only information in My Desktop/Libraries/Contacts/Pictures/Videos/Favorites will be saved, so make sure to not save anywhere else or it will not be backed up.

Mac OS X

For Mac OSX machines, we recommend time machine, which is the built in backup and restore software.

  1. Open Time Machine preferences from the Time Machine menu. Or choose Apple menu > System Preferences, then click Time Machine.
  2. Click Select Backup Disk.
  3. Select an external hard drive, then click Use Disk.
  4. After you choose a backup disk, optionally click “Add or Remove Backup Disk” to add more backup disks for extra security and convenience.

After you set up Time Machine, it automatically makes hourly backups for the past 24 hours, daily backups for the past month, and weekly backups for all previous months. The oldest backups are deleted when your backup drive is full.

More information can be found here: https://support.apple.com/en-us/HT201250

Difference Between SCEP and Windows Defender/Security Essentials

System Center Endpoint Protectoin (SCEP) and Windows Defender / Security Essentials are basically the same applications. The only difference is that SCEP is a enterprise supported application which allows for administrators to have granular control over settings so that the end user can not change them. Both Defender/Security Essentials and SCEP receive the same updates for definitions from Windows System Update Server.

Operating Systems

Whether you are using a Mac or PC, updating your operating system is very important. Updates are released on a regular basis to help protect your computer and to keep it running smoothly. Below are instructions that you can follow to ensure your computer is up to date!

Mac OS X▸


Apple periodically releases updates and patches that will protect Mac OS X from being attacked by viruses and other malicious programs. Configuring OS X to automatically install these patches will ensure your computer is always protected.

Schedule updates

1. Click on the Apple menu, and choose System Preferences.

Mac Menu

2. In the window that appears, select Software Updates from the System section.

Software Update Icon

3. Check the box by Check for Updates and select Weekly from the pull–down menu.

4. Check the box by Download important updates in the background.


Windows Vista/7▸


Microsoft periodically releases security patches for Windows operating systems. Downloading and installing these updates will help protect your computer from viruses and threats. All you need to install updates on your computer is an active internet connection, and the instructions below:

All of the images below can be clicked on if you need a larger view.

Step 1Start Menu

Click the Start circle at the bottom left of your desktop.

Click the All Programs option at the bottom of the menu.

Step 2Windows Update Link

Click the Windows Update option in this list.

Note: If a link for Windows Updates does not appear in this list, you can always access it by opening up the Control Panel.

Step 3Check for Updates

A separate window should open. When it does, select the Check for Updates option on the left-hand menu. Windows will then go online and check for available updates.

Step 4Updates Results

When the check for updates is finished, Windows will display a screen similar to this one, letting you know how many updates were found.

Note: if no updates are found at this point, you already have all the latest updates installed.

If you notice that the number of updates available and the number of updates selected is different (as it is on the screenshot to the right), or there are optional updates available, you should click on the link to view the list of updates and select any that are missing.

Note: Sometimes Windows will leave certain updates un-selected if they are large and will take longer to install. These are still important updates, and should be installed if you have the time to let your computer sit and install them.

If it already says you have all the updates selected, you can skip to step 6.

Step 5Update List

This screen should display a list of available updates. Check the box at the very top (the one above the list). This will select all the updates in the list for installation.

If you have optional updates available, you can click the Optional tab on the left to view them. If you see things like language packs or toolbars (like the Bing desktop toolbar), you can leave them un-checked because they are optional software. If you see any general updates in this list, it is a good idea to check the box next to them for installation.

Click the OK button when you are finished selecting updates

Step 6Install Updates

You should now be looking at the same screen as Step 4. Click the Install Updates button, and Windows will begin downloading and installing your updates.

Step 7Updates Progress Bar

You will see a progress bar similar to the one on the screenshot to the right. This will show you the current progress. Once the progress bar is full, Windows will be finished installing your updates!

Note: Windows may ask you to restart your computer when updates are done. If it does, it is a good itea to restart right away. Also, if you had a lot of updates to install, you should run through the steps on this page again after your computer restarts, as additinal updates may become available after installation.


Windows 8/8.1▸


Microsoft periodically releases security patches for Windows operating systems. Downloading and installing these updates will help protect your computer from viruses and threats. All you need to install updates on your computer is an active internet connection, and the instructions below:

All of the images below can be clicked on if you need a larger view.

 

Step 1

Click on the start button in the bottom left corner of your desktop.

Then typing in "control panel" once the start menu loads up, then proceed by clicking on the app.

 

 

 

 

 

 

 

 

 

 

Step 2

Find the "Windows Update" link on the control panel.

 

 

 

 

 

 

 

 

 

 

 

 

Step 3

You will want to click on the "updates available" button to select which updates you want to install.

 

Note: you may need to have Windows 'check for updates' first.

 

 

 

 

 

 

 

 

 

Step 4

You can go through and manually select each update you want by pressing the check boxes next to it. Generally it is recommended to just press the box next to 'name' so that you select all of the updates.

You will then want to press Install.

 

 

 

 

 

 

 

 

 

Step 5

Wait for the update bar to finish before turning off or rebooting your computer. 

 

 

 

 

 

 

 

 

 

 

 

Step 6

You have now finished updating your computer for Windows 8 or 8.1!

 

 

 

 

 

 

 

 

 

 

 


Windows 10▸



Step 1

Open the settings app. From here you'll click on update and security.

 

 

 

 

 

 

 

 

 

 

Step 2

From this page hit check for updates.

 

 

 

 

 

 

 

 

 

 

 

 

Step 3

From here it should automatically download and install available updates.

 

 

 

 

 

 

 

 

 

 

Password Security

password securityIn order to keep your information secure you must keep your password secure. The following are not the only ways to keep your password secure, but they are a good start:

  • Use passphrases (see below).
  • Do not keep your password in open and public spaces (no sticky notes on your monitors!).
  • Change your password periodically.
  • Do not use the same password for everything.
  • If you think your password may have been compromised, change it immediately.
  • Never tell anyone your password.

Use a Passphrase Rather Than a Password

Passphrases are more secure than passwords because they are generally longer, making them less vulnerable to attack. They also allow you to remember your credentials, even when they expire frequently. The idea of a passphrase is to use a statement, or motto, rather than a word peppered with odd characters and symbols, as the latter can be difficult to dedicate to memory.

For instance, try:

  • A meaningful statement: "Carp3 Diem!"
  • Directions to a location: "Down Oak, 2nd on the Right"
  • A reference to what you're accessing: "Check1ng my Onid-Mail!" (NOTE: This is an awesome kind of passphrase, as you can customize it for any service you use, protecting your accounts from each other).
  • A catchy jingle: "I don't always use passwords, but when I do"

It is a good idea to add numbers/symbols in place of some letters for common passphrases. That way, it is harder for an outside user to guess your passphrase.

Now you have a password that's already in your memory, and you can recall this new passphrase with greater ease. Of course, you should avoid using passphrase without adding some special characters, as hackers can attack your account with commonly used statements or quotes.

Please Note: Some systems won't accept spaces in a passphrase, while others won't accept a large number of characters. You can contact the OSU Computer Helpdesk with any questions regarding passwords.

Web Browsers

This section is dedicated to helping you with different web browsers. Just click on your browser and then on the instructions you wish to see! If you have any requests for information, feel free to contact our computer helpdesk either by email, phone, or by clicking the Feedback button at the bottom of the page!

Windows

 Google Chrome▸

  Clearing Cookies and Cache▸


  1. Click the 'hamburger' lines in the top right corner.
  2. Select 'Settings'
  3. Click on the 'History' tab under Chrome
  4. Scroll to the very bottom and click 'Show advanced settings...'
  5. Under the 'Privacy' tab is 'Clear browsing data...'
  6. Choose 'From the beginning of time' in the drop down next to 'Obliterate the following items from:'. Make sure that only 'Cached images and files' and 'Cookies and ...' are checked (unless you want to clear more)

You have now cleared cookies and cache! This generally solves a lot of browser specific issues.


  Entering Private Browsing▸


  1. Click the 'hamburger' lines in the top right corner.
  2. Then click on 'New incognito window'

This 'Incognito Window' is extremely useful to see if there is a Chrome extension that is causing problems. It can also help you see if you need to clear your cache and cookies.


  Setting a Home Page▸


  1. Click the 'hamburger' lines in the top right corner.
  2. Select 'Settings'
  3. Under 'Appearance' select 'Show Home Button' and click 'Change'
  4. Add the website you wish to be your homepage, click the box next to it and press 'OK'

This webpage will now open every time you start Chrome!


  Showing Bookmark Bar▸


  1. Click the 'hamburger' lines in the top right corner.
  2. Select 'Settings'
  3. Click on the 'Settings' tab
  4. Click on the box next to 'Always show the bookmarks bar'

    Your bookmarks bar should appear under the URL box now!

 Microsoft Edge▸

  Clearing Cookies and Cache▸


  1. Click “Hub” Button (three lines)
  2. Click “Clear all history”

  3. Select “Cookies and saved website data” and “Cached data and file”
  4. Click “Clear”


  Entering Private Browsing▸


  1. Click the “Menu” button (three dots)
  2. Select “New InPrivate window”


  Setting a Home Page▸


  1. Click the “Menu” button (three dots)
  2. Click “Settings”

  3. Scroll down to Advanced Settings and click on “Show advanced settings”

  4. Toggle the “Show the home button” on
  5. A box will open that allows you to enter your new home page
  6. Click “Save”


  Showing Bookmark Bar▸


  1. Click the “Menu” button (three dots)
  2. Click “Settings”

  3. Toggle the “Show the favorites bar” on


 Mozilla Firefox▸

  Clearing Cookies and Cache▸


  1. Click the 'hamburger' lines in the top right corner.
  2. Select 'Options'
  3. Select the 'Privacy' tab
  4. Click on 'clear your recent history' and this box will show up
  5. Click the dropdown arrow and select 'Everything'. Make sure that you only have 'Cookies & Cache' checked (unless you wanted to clear more)

You have now cleared cookies and cache! This generally solves a lot of browser specific issues.


  Entering Private Browsing▸


  1. Click the 'hamburger' lines in the top right corner.
  2. Select 'New Private Window'

    This 'Private Window' is extremely useful to see if there is an Firefox extension that is causing problems. It can also help you see if you need to clear your cache and cookies.

  Setting a Home Page▸


  1. Click the 'hamburger' lines in the top right corner.
  2. Select 'Options'
  3. Under the 'General' Tab is a field that says 'Home Page'. Add in the website of your choice!

    This webpage will now open every time you start Firefox!

  Showing Bookmark Bar▸


  1. Click the 'hamburger' lines in the top right corner.
  2. Select 'Customize'
  3. Click the 'Show / Hide Toolbars' in the bottom left corner.
  4. Make sure that the 'Bookmarks Toolbar' has a check to the left of it. If it does not, then click it once.

Your bookmarks bar should appear under the URL box now!


 Internet Explorer▸

  Clearing Cookies and Cache▸


  1. Click on the cogwheel in the top right corner.
  2. Hover over 'Saftey', then click 'Delete browsing history...'
  3. Make sure 'Preserve Favorites website data' is unchecked and check 'Cookies and website data' and 'Temporary Internet files and website files'
  4. Click the 'Delete' button

You have now cleared cookies and cache! This generally solves a lot of browser specific issues.


  Entering Private Browsing▸


  1. Click on the cogwheel in the top right corner.
  2. Hover over 'Saftey', then click 'InPrivate Browsing'

This 'InPrivate Window' is extremely useful to see if there is an extension that is causing problems. It can also help you see if you need to clear your cache and cookies.


  Setting a Home Page▸


  1. Click on the cogwheel in the top right corner.
  2. Select 'Internet options'
  3. Under the 'General' tab, you can add multiple home pages.

This webpage will now open every time you start Internet Explorer!


  Showing Bookmark Bar▸


  1. Right click just above the 'Back' button
  2. Make sure 'Favorites bar' is checked

Your bookmarks bar should appear under the URL box now!


Mac OSx

 Google Chrome▸

  Clearing Cookies and Cache▸


  1. Click the 'hamburger' lines in the top right corner.
  2. Select 'Settings'
  3. Click on the 'History' tab under Chrome
  4. Scroll to the very bottom and click 'Show advanced settings...'
  5. Under the 'Privacy' tab is 'Clear browsing data...'
  6. Choose 'From the beginning of time' in the drop down next to 'Obliterate the following items from:'. Make sure that only 'Cached images and files' and 'Cookies and ...' are checked (unless you want to clear more)

You have now cleared cookies and cache! This generally solves a lot of browser specific issues.


  Entering Private Browsing▸


  1. Click the 'hamburger' lines in the top right corner.
  2. Then click on 'New incognito window'

This 'Incognito Window' is extremely useful to see if there is a Chrome extension that is causing problems. It can also help you see if you need to clear your cache and cookies.


  Setting a Home Page▸


  1. Click the 'hamburger' lines in the top right corner.
  2. Select 'Settings'
  3. Under 'Appearance' select 'Show Home Button' and click 'Change'
  4. Add the website you wish to be your homepage, click the box next to it and press 'OK'

This webpage will now open every time you start Chrome!


  Showing Bookmark Bar▸


  1. Click the 'hamburger' lines in the top right corner.
  2. Select 'Settings'
  3. Click on the 'Settings' tab
  4. Click on the box next to 'Always show the bookmarks bar'

    Your bookmarks bar should appear under the URL box now!

 Mozilla Firefox▸

  Clearing Cookies and Cache▸


  1. Click the 'hamburger' lines in the top right corner.
  2. Select 'Preferences'

  3. Select the 'Privacy' tab
  4. Click on 'clear your recent history' and this box will show up
  5. Click the dropdown arrow and select 'Everything'. Make sure that you only have 'Cookies & Cache' checked (unless you wanted to clear more)

You have now cleared cookies and cache! This generally solves a lot of browser specific issues.


  Entering Private Browsing▸


  1. Click the 'hamburger' lines in the top right corner.
  2. Select 'New Private Window'

    This 'Private Window' is extremely useful to see if there is an Firefox extension that is causing problems. It can also help you see if you need to clear your cache and cookies.

  Setting a Home Page▸


  1. Click the 'hamburger' lines in the top right corner.
  2. Select 'Preferences'
  3. Under the 'General' Tab is a field that says 'Home Page'. Add in the website of your choice!

    This webpage will now open every time you start Firefox!

  Showing Bookmark Bar▸


  1. Click the 'hamburger' lines in the top right corner.
  2. Select 'Customize'
  3. Click the 'Show / Hide Toolbars' in the bottom left corner.
  4. Make sure that the 'Bookmarks Toolbar' has a check to the left of it. If it does not, then click it once.

Your bookmarks bar should appear under the URL box now!


 Safari▸

  Clearing Cookies and Cache▸


  1. Click 'Safari' in the top left corner next to the Apple logo
  2. Select 'Clear History...'

  3. Make sure 'all history' is selected, then click 'Clear History'

You have now cleared cookies and cache! This generally solves a lot of browser specific issues.


  Entering Private Browsing▸


  1. Click on 'File' in the top left corner next to 'Safari'
  2. Then click on 'New Private Window'

This 'Private Window' is extremely useful to see if there is a Safari problem with cached information.


  Setting a Home Page▸


  1. Click on 'Safari in the top left corner'
  2. Then click 'Preferences...'

  3. Click on the 'General Tab'
  4. Type in your new homepage website address and Close the window

This webpage will never show up every time you open Safari!


  Showing Bookmark Bar▸


  1. Click on 'Bookmarks' in the top left corner of the screen
  2. Then select 'Show Bookmarks'

Safari's version of a 'bookmark bar' is the section that appear on the left side of your browser.



Spam

What is Spam?

Spam is defined as unsolicited, bulk e-mail.  Typically spam comes from strangers - people who have obtained your e-mail address without your permission. If you signed up for the mailing (intentionally or accidentally), it may be undesirable e-mail, but it is not technically spam. Likewise, if you have some sort of business relationship with the sender, it is not spam. So, an e-mail sent to you from your bank, an online service you signed up for, or your department at OSU would not be considered spam. 

Note: Using OSU's e-mail system to send unauthorized bulk mailings is against the Acceptable Use Policy.  For information about how to do a bulk mailing at OSU correctly, please see the Guidelines for Release of E-mail Addresses.

Where does spam come from?

Today most spam comes from virus-infected personal computers, hacked e-mail accounts and free e-mail providers. Use caution when opening e-mails from addresses you don't recognize, and always scan email attachments for viruses. If your computer has become noticeably slower, it's a good idea to run virus-detection software.

Finally: NEVER share your password!

What can I do against spam?

We understand spam is a frusterating topic for everyone. The best way to handle spam, here at Oregon State University, is to forward any spam you get to spam@oregonstate.edu. From there, we can work to reduce the amount of spam going out to all email users. We also have a few documents below to help you avoid spam:

(Spam) Email Filtering

Spam Filtering

Follow the steps below for your email client to turn on spam filtering:

  1. From the main Outlook window, click Junk
  2. Select Junk Email Options... from the drop-down
    Junk Email Options
  3. From the Blocked Senders tab, click Add
  4. Enter the sender's email address or email domain to block the sender
    Caution: If you block a domain, all emails from that domain will be blocked. For example if you block @gmail.com, all emails coming from an @gmail.com email account will be blocked.
  5. Click OK
  6. Click OK
  1. Click the Junk menu, then click Junk E-mail Protection
  2. Select the level ou prefer to use for junk protection (the Low setting is fine for most users)
  3. Click OK
  1. Select the spam email from the mail list
  2. Click Junk from the toolbar near the top of the window

To customize junk email controls:

  1. From the Tools menu, select Junk Mail Controls

To train Thunderbird:

  1. Select the spam email from the mail list
  2. Click Junk from the toolbar near the top of the window
  1. Log into exmail.oregonstate.edu
  2. On the upper-right, click on Options and choose See All Options...
  3. Click on Organize E-Mails
  4. Click on New Rule in Inbox Rules tab
  5. Click on More Options
  6. Set the following:
  7. In the 'Specify Words or Phrases' window enter 'X-Spam-Flag: YES' then click on the plus icon and click OK to add the phrase
  8. Select what to do with bad emails

    Select Junk E-mail from the Select folder window
  9. Name the rule and click on Save

(Spam) Exchange Inbox Filters

Inbox Rules can be used to lower the amount of spam received to exchange? email addresses.

  1. Log into exmail.oregonstate.edu
  2. Click on See All Options... from the drop down Options menu
  3.  Click on Orginize E-Mails on the left
  4. Click on New Rule in Inbox Rules tab
  5. Click on More Options
  6. Set the following:
  7. In the 'Specify Words or Phrases' window enter 'X-Spam-Flag: YES' then click on the plus icon and click OK to add the phrase
  8. Select what to do with bad emails

    Select Junk E-mail from the Select folder window
  9. Name the rule and click on Save

(Spam) Reporting Spam

Spam emails can be very tedious. If you would like to help us lessen the problem, go ahead and forward the spam email as an attachment to spam@oregonstate.edu

Follow the steps below for your email client to turn on spam filtering:

  1. When looking in your inbox, right click on the fraudulent or abusive message.
  2. Click the Forward as Attachment button.
    Attachment
  3. Send the spam email to spam@oregonstate.edu and we will look at it and work to get the spammer blocked.
  1. Select the message in the message pane
  2. Click the Attachment button
  3. Send the spam email to spam@oregonstate.edu and we will look at it and work to get the spammer blocked.
  1. Open the phishing email in a new window (DO NOT open any attachments that may be contained within the email as they could contain viruses)
  2. Click Other Actions near the top of the window and select Forward as Attachment
    Forward as Attachment
  3. Send the spam email to spam@oregonstate.edu and we will look at it and work to get the spammer blocked.
  1. Open the phishing email in a new window. This can be done by double clicking on the email. (DO NOT open any attachments that may be contained within the email as they could contain viruses)
  2. Click More near the top of the window and select Forward as Attachment

    Outlook 2010
    Forward as Attachment

    Outlook 2013/2016
     

  3. Send the spam email to spam@oregonstate.edu and we will look at it and work to get the spammer blocked.
  1. Right click (two-finger click) on the mail message in your inbox or folder
  2. Select "Forward as an attachment"
  3. Send the spam email to spam@oregonstate.edu and we will look at it and work to get the spammer blocked.
  1. If you still access your ONID mailbox at http://webmail.oregonstate.edu/, then start by logging in here.
  2. Open the phishing email (DO NOT open any attachments that may be contained within the email as they could contain viruses)
  3. Under the Forward menu, select Entire Message
    Forward Entire Message
  4. This will open a new email with the phishing email included as an attachment.
  5. Send the spam email to spam@oregonstate.edu and we will look at it and work to get the spammer blocked.
  1. Once you are in the phishing attempt email, click on the little drop down arrow. This will bring up several options.
  2. Drop down arrow in Email

  3. Click on the “Show original” option in that drop down menu.
  4. Show Original Link in Drop Down Menu

  5. This will open a new tab with a page that looks like this, a lot of text. You will need to copy and paste this text into a new email. An easy way to highlight all of the text is to press the Ctrl button and the A button at the same time. After that you can press Ctrl and C together to copy it. 
  6. New Tab with a lot of Text

  7. Send the spam email to spam@oregonstate.edu and we will look at it and work to get the spammer blocked.
  1. Select the phishing message
  2. Under the Message menu, select Forward As and then select Attachment from the sub menu
  3. Send the spam email to spam@oregonstate.edu and we will look at it and work to get the spammer blocked.