Security For Beginners by tae66661


									 Starting up
 a Security
 Class for

Created by:
Beth Byrnes
Larry James
Zac Reimer

For Information Services
University of Nebraska-Lincoln
Identifying the Need
• In spite of required applications, constant issues with spyware,
  trojans and other malware.
• Already doing one on one instruction during pick-up.
• Spending all our time doing clean-up on Windows computers.
• No current resource for students to get the basics
• Something needs to be done to reach more people.
Creating the Class
•   What „has to‟ be in the class?
•   Try to keep it under an hour
•   Get a good space to have it
•   Advertise
•   Get input from:
     – Computer Help Center
     – University Networking
     – University Network Security
     – University Housing
     – ResNet Student Workers

How to keep your computer
safe on the Internet
Main Topics
•   Microsoft Updates
•   AntiVirus
•   Firewalls
•   Anti-Spyware
•   Physical Security
•   Passwords
•   Best Practices
Microsoft Updates
• Should update from “Windows Update” to “Microsoft Update”.
• Should be set to “auto”.
• Decide if any “optional” updates are needed. Ex. Windows
  Media Player.
• Should be able to un-install any updates that cause problems.
• Sophos – UNL has Campus-wide License and a local update
• McAfee
• Symantec/Norton
• Trendmicro
• AVG – no longer available „free‟
• Avast
• Kapersky (highly rated)
• Many others
What’s the BEST AntiVirus?
• All AV programs have Pros and Cons
• Typical Pros
   – Automatic updates of virus files
   – Automatic handling of infections
   – Quarantine of infected files
What’s the BEST AntiVirus?
• Typical Cons
   – Can be resource hogs
   – May not find new variants
   – May not be able to clean/quarantine/delete viruses it finds
What’s the

Remember: “Any AntiVirus
is better than NO AntiVirus.”

On or off campus, the
Windows firewall should be
all you need.
But it has to be on.
• Firewalls are „built-in‟ to packages like:
   – Norton Security Center
   – McAfee Security Center
   – Windows Live OneCare (requires special exception on the
      UNL ResNet.)
• There are lots of free „stand alone‟ firewalls available.
   – ZoneAlarm
   – OnlineArmor
   – Comodo
   – Sunbelt
   – PCTools Firewall Plus
• Windows Defender is „built-in‟ to Windows Vista. For XP, it‟s
  getting less useful as time goes by.
• Many available free to download
  – SuperAntiSpyware
     • Preferences>Scanning control check two boxes
         – “Close Browsers before scanning”
         – “Terminate memory threats before quarantining”
  – SpywareBlaster
  – Spybot Search and Destroy
     • Don‟t install “Tea Timer”
Physical Security
• Keep your dorm room locked.
   – Even if you‟re gone for “just a minute”.
• Keep hold of your laptop when you‟re out and about.
• Use a „good‟ password. With a different one for the „admin‟
• What‟s a „good‟ password?
  – Not your name.
  – Not your unlid number.
  – Not „huskers‟ or „huskerfan‟.
  – Not your birthday.
  – Not anything someone could guess.
• A good password is a random string of letters, numbers and
  characters that you can remember easily.
Best Practices
• Don‟t open email from someone you don‟t know.
• Don‟t open attachments if you‟re not sure what they are and
  what they‟ll do.
• Keep your Browser Security level set to “Medium High”.
• Regularly scheduled manual updates and scans.
• Keep abreast of changes, new security tools and practices.
• And if you get a pop-up that says something like “Exploits have
  been detected on your computer. Click here to download a
  program that will fix them.” DON‟T DO IT!
• You might get an email from your credit card company, your
  bank, ebay, paypal, or someone else asking you to „update‟ or
  „confirm‟ your account information. Especially your password
  and/or account number. They may want you to reply to the
  email or will have a web link for you to click.
• This is Phishing. They‟re trying to get you to give them your
• No legitimate business does this.
   – Ebay doesn‟t do this.
   – Paypal doesn‟t do this.
   – Visa doesn‟t do this.
   – Nobody does this.
• Even if you think it is real, don‟t reply to the email, don‟t click
  on the link. It may say „‟, but probably goes to a
  bogus site. Contact the company by typing the correct URL into
  the address bar of your Browser.
What if your computer is still infected?
• What do you do if your Anti-Virus or Anti-Spyware finds
  something that it can‟t clean, can‟t quarantine and can‟t delete?
• Or worse yet, if it finds them and says it has
  cleaned/quarantined/deleted them, but when you scan again,
  they‟re still there?
What if your computer is still infected?
• Bring it to the folks at the ResNet office or the Computer Help
  Center. We can help.
• ResNet office is in the back of the Sandoz Computer Lab. 472-
• Computer Help Center is in the 501 Building. 472-3970
What We’ve Learned
•   Don‟t schedule anything after the class
•   Smaller classes are better
•   Put the details on the ResNet website for later reference
•   The class is as dynamic as keeping a computer secure.

To top