Contact Us Search Site Index About This Site Edit Decrease text size Increase text size Georgetown University main web site Contact Us Search Site Index About This Site
spacer spacer spacer
University Information Services at Georgetown University
Faculty Help Staff Help Student Help About UIS

Anti-Virus & Malicious Software Prevention Tips

Also available: Spam Prevention Tips

Georgetown University needs everyone to be vigilant in protecting their computers, the data on them, and the Georgetown University network. By following some simple precautions, many system vulnerabilities may be prevented and the data you save may be your own.

  1. Use antivirus software
  2. Run Windows updates
  3. Pay attention to UIS security alerts
  4. Use a strong password
  5. Only install reputable software
  6. Check the source of your e-mail 
  7. Avoid disreputable websites  
  8. Lock the screen or logout when away, shutdown the machine when not in use
  9. Do not use an administrative account for daily work

 

 

Install and Configure AntiVirus Software with Daily LiveUpdates

One of the best defences against viruses, worms, and Trojans is using a desktop anti-virus software with automatic live updates. Live update gets the latest virus pattern files from Symantec to make sure your computer is protected. 

You can tell if you have this software installed if the Symantec shield is in the Windows System Tray, located at the bottom right corner of your screen, by the clock. If you do not have AntiVirus software installed on your computer, download it from the UIS Software Database (you will be prompted for your NetID and password). Georgetown University has a license for all faculty and staff computers owned by Georgetown University to have Symantec AntiVirus software installed on the computers.

 symantec logo

 

Windows Antivirus Download and Configuration Instructions:

Mac OS X AntiVirus Download and Configuration Instructions:

 

 

Keep Windows Updated with Critical Patches

Make sure that you download and install critical updates on your office computer. Microsoft periodically issues patches to Windows to make the operating system more reliable or secure. Windows has a built-in facility called Windows Update that downloads and installs critical and security patches to keep your system safe from attackers.

Configure Windows XP to automatically download and install critical updates

Configure Windows 2000 to automatically download and install critical updates

For your home computer, consult your manufacturer's website or technical support hotline before installing a security patch.

Make sure that you have backup copies of your data files before installing a critical update.

Use Strong Passwords

Setting a strong password on ALL your accounts makes it more difficult for an attacker to gain access to your computer or resources. See Georgetown University's password guidelines for more information about selecting a strong password. Be responsible with your password usage. Do not share your password with anyone. Change your password often. Use different passwords for different accounts.

 

Only Install Reputable, Licensed Software

Software available through a Georgetown University site license is listed in the UIS Software Database.

  • Click on the magnifying glass in the view column to see information about how to get listed software.

Do not download or install spyware. It is not always easy to tell what is spyware. Spyware is often bundled along with another software program or a game. When you install the software or game, the spyware automatically loads onto your computer. File sharing programs like Kazaa and BearShare are the most notorious as including spyware. WeatherBug, Gator, and Bonzai Buddy also include spyware. Be cautious of programs that promise to speed up your computer or help you with shopping or web searches. Finally, do not download game 'cracks' or 'cheats' or 'codes', especially from Warez. For more info on spyware files, click here.

Do not click on on links or invitations from strangers.

You should be aware that many free software packages on the web install spyware (software that reports back web surfing habits and other personal information), adware (software that creates pop-up ads based on what web sites you visit or just periodically creates a spontaneous pop-up), or even Trojans (short for Trojan horse, a type of software that install remote control or remote attacking software on your machine without your explicit knowledge).

Even the full version of KaZaA installs a third-party program that may use computer processor time and disk space for purposes other than running KaZaA! If you are unsure about a program, you can usually find out more at safer-networking.org, or by Googling "program spyware adware" to see what others are saying about the program. Most reputable software is available on CD from the vendor.

 

 

Check the Source of your E-mail, Delete Spam, and Be Careful with E-mail Attachments

Spam, spam, spam, spam! More than ever, people receive spam e-mail, chain letters, and viruses through e-mail. You can prevent the spread of infection by following a few simple steps:

  • If a mail message seems suspicious, it probably is. If you expect Dave in accounting to send a message with the subject "I Love You!" then it wouldn't be suspicious. If that isn't like Dave, you may want to call and ask if he sent the message, or simply delete it.
  • If you don't know the sender, the subject line may seem suspicious too, so just delete it.
  • If you are curious about a message, but you think it might be spam or worse, view the message in GUWebmail. If the message is spam, delete it immediately and don't view or download attachments.
  • If you think you may have a message that has a virus, delete it.
  • If you receive an attachment that seems suspicious, check with the sender. If the sender didn't send it, delete it.
  • If you are unsure about an attachment but you think it is legitimate, update your virus scanner and save the attachment to your hard drive. The virus scanner will automatically scan the file to see if it contains a virus.
  • If you receive a message that asks you to visit a URL, use extreme caution. Many URLs can point to a different web site designed to steal personal information.
  • Check the source header of the e-mail to verify where the e-mail came from, and verify the web site address is correct, or type in the address manually.  You can expand the headers of e-mail to show specific details apart from just the FROM field.  Make sure that you are not falling victim to spoofing. 
  • Many e-mails with URLs are spam that will load pornographic web sites. The sender is usually unknown, so they should be fairly easy to spot and delete.
  • Don't forward chain letters. They may contain viruses or web bugs.
 

Avoid Disreputable/"Questionable" Websites

New exploits often appear first on cracker or warez sites. There may be scripts that can attack or get information from your computer. Some dishonest operators run lookalike web sites that may pretend to be well known companies like eBay or PayPal. Always check the website address closely when asked for personal or financial information and if in doubt, navigate to the known company address yourself. Become familiar with cookie settings and other browser security settings.

  • Do not surf questionable websites. Spyware can be hidden behind graphics or links, and can damage your computer. Do not enter your personal information on questionable websites.
  • Pay attention to UIS Security Alerts. These will provide you with the most up-to-date information on internet and email security.

 

 

Pay Attention and Act on UIS Security Alerts

UIS periodically issues security alerts about current attacks. Please read them and follow any instructions to help keep you computer safe and secure. The latest worm attack was fairly benign, but it could have just as easily erased data and prevented your computer from starting if you were not protected. A little effort could save your whole day!

Lock the screen or logout when away and shutdown the computer when not in use

Protect your computer by locking it or shutting down when you leave. An attacker can gain access to the network, change your password, change files, or even send e-mail as you. An attacker who has compromised your computer can use it to attack other computers on the network, too.

If your computer is in an unsecured area, you should get in the habit of locking the screen when you step away.

  • Lock the screen by holding down the Windows Logo key and pressing the 'L' key on your keyboard, or by pressing the Ctrl-Alt-Del keys and then selecting Lock Screen.

If you are finished working on the computer for a while (or are finished for the day), you should logout or Shutdown the computer. An attacker cannot attack or use your computer when it is off, so plan on shutting down your computer when you leave.

 

Limit the Use of Administrator Level Accounts

If you are using an Administrator account on your machine to log on, you should create a new account that is not a member of the Administrators group and use it for normal tasks. Use the Administrator account only when necessary.

If your regular account is a member of the Administrators group, you should consider creating a new account in the Administrators group and remove your account from the Administrators group for normal use

Note: If you are using a Windows "Home Edition," you always run as Adminstrator unless using a limited account. Windows ME always runs as Administrator equivalent.

 
spacer