ECE Computer Support.
Security
I think my computer is infected. What should I do?
- If your machine is still on the network, update your antivirus definitions manually by using the McAfee VirusScan Console (right-click on the McAfee icon in your system tray to see this option). In addition, download the latest Stinger tool from Network Associates. Other useful tools are the Spybot and Ad-Aware spyware removal tools. You must update the spyware definitions of these tools after installation.
- Take your machine off the network (just remove the network cable) to prevent additional infections, as well as stop any attacks your machine may be launching against other machines.
- Run a system scan of your machine with both the Stinger tool and McAfee Antivirus. Often, one tool will pick up infections which the other has missed. Running Spybot and Ad-Aware will remove additional trojan software and spyware.
- If you need to reinstall your PC, you MUST put the machine behind a physical firewall/router device or install firewall and antivirus software before connecting the machine to the network. A newly installed Windows machine will be hacked within minutes unless it is protected by a hardware or software firewall. Before doing a reinstall, either put the machine behind a physical firewall/router or install the firewall and antivirus software from a USB drive or CD before connecting the machine to the network. Once you are connected to the network, do a Windows Update immediately.
- If you have any questions or need assistance, contact ECE Computer Support.
ECE Account Security
- Choose good passwords. Modern computing power makes cracking simple passwords trivial. "Simple passwords" not only includes dictionary words, but dictionary words with letter/punctuation substitutions, like, "P@ssw0rd". See OIT's guidelines on secure passwords for more information.
- Never send any password in email, even in a support request. The same goes for your Social Security Number, bank account and credit card info, and other sensitive information. Email is not encrypted, unless you deliberately encrypt it with software such as PGP or GnuPG. When you send an email, assume the contents can be read by anyone in transit.
Windows Security
- Install a firewall and virus scanner immediately if you do not have this software installed. Duke has a site license for both McAfee Antivirus and Kerio Firewall, which can be downloaded and used free of charge by Duke students, faculty and employees. Check to be sure that McAfee is updating its virus definition files on a daily basis. Antivirus software with outdated virus definitions is useless, and will give you a false sense of security. Make sure that the scheduled updates will happen at a time when the machine is powered on and on the network (or leave your machine powered on at all times).
- Turn on Automatic Windows Updates and make sure to schedule the updates at a time when the machine is powered on and can download the updates. It may be most convenient to schedule the updates for late evening or early morning, as Windows Updates often require a reboot.
- Don't get into the habit of using the Adminstrator account, or an account with Administrator rights, as your normal working account. Using an unpriviledged account for day-to-day work can help lessen the damage if your machine does become infected. Use the Administrator account only as needed for tasks such as installing new software.
- Be vigilant about watching for virus-infected or fraudulent emails. If you receive an unsoliticed, unexpected email asking you to send personal or financial data, or an email with an attachment that looks strange or which you were not expecting, either delete the email or contact Computer Support for guidance.