Skip to main content

Vox of Dartmouth, the College's newspaper for faculty and staff, ceased publication in February 2010. For current Dartmouth news and events, see:

· Dartmouth Now
· Periodicals
· Events Calendar

Secure computing on campus

Simple precautions can prevent misuse

It can happen to anyone. You just never thought it would happen to you. All it took was barely a moment without the right protection, and now it's too late. You're in trouble. It didn't have to happen. You should have taken precautions. You should have practiced safe computing.


Photo: comstock.com

According to computing security expert Bill Brown, about 30 or 40 machines connected to Dartmouth's network are infected on any given day. "That's fewer than in the past, but more than we'd like to see," he said. "We'd prefer not to have anybody compromised."

Malicious Intentions

Brown said software programs with malicious intentions, known as malware, are passed on in various ways: through e-mail attachments, Web site links, peer-to-peer sharing sites, even automatic downloads from Web sites a user visits. Malware can perform many different tasks after first installing itself on a computer. It has the potential to infect many more people, perhaps setting itself up to distribute pornography or share illegal video and/or music files. It might steal valuable information, such as social security numbers or credit card numbers, and even e-mail addresses.

Infected machines are frequently combined with others to form what is called a "bot" network of zombies that report to a master operator. Brown notes that some masters command extremely large networks of 80,000 computers, and those computers are always checking for instructions from their master. And although some people may notice their computers are responding more slowly than normal, few will detect the real threat.

"Those bot networks are actually worth money," said Brown. "If I control a bot network, I can market that on the Internet. There are people who will pay you money to rent your zombies. They might say, 'Hey, I'd like to rent 5,000 zombies for six hours next Saturday.' You arrange a financial transaction that's worth so much money, about $200 per hour, and then that person will take those zombies and launch an attack on somebody. It might involve a denial of service or extortion. This is organized crime. This is not kids playing pranks."

Standard Precautions

Although Dartmouth's Network Services can detect unusual computer behavior on the College's network, curing infected machines requires shutting them down, perhaps for days, to clean them up. The best course of action is to avoid the infection altogether by practicing safe computing, and Brown has some advice on how to do that.

There are three things you can do right away: run a firewall, apply the security updates, and run antivirus software. "The College provides many of those tools for users on the network," he said. "There are specific tools we'd like people to use. For the Windows users, we provide a very advanced firewall and intrusion prevention system called Sygate. We have another tool called LDSS, which is a security suite that will make sure your Windows computer gets the required software patches. Finally, we have a viral-fighting tool called Norton AntiVirus. And we're also encouraging people to use an anti-spyware tool called Microsoft AntiSpyware. However, you are not limited to these software tools, and even if you do not have a Windows computer, we can help you install the major tools appropriate to your setup on a Macintosh or Linux computer."

Brown estimated downloading and installing the tools should take well under an hour for users with a good broadband connection.

In addition, this fall, Dartmouth network users became part of a campus security system as eTokens were phased in; they hold an electronic version of each person's identity, just like a College ID card. When fully implemented, these eTokens will  provide access to safe, encrypted passage for both wired and wireless transmissions, and will help automate the sign-on process. The eTokens will not be required everywhere, but will be used primarily on personal computers.

Common Sense

Brown also recommended users employ some common sense precautions. For example, don't click on e-mail attachments unless you know the person who sent it to you and it's something you would expect that individual to send. "Someone who breaks into your computer can spoof your return address and harvest your list of friends, so just because you recognize the person who sent the message does not mean you should click on an attachment," he said. "But if you read it and it seems within the context of normal conversations that you have with that person, then sure, take a look at the photos or click on the link."

Share information carefully. Consider encrypting any sensitive information you share via e-mail. Encrypting your mail prevents anyone from reading it except for the people you intend. There are several e-mail programs that can easily do this for you, although BlitzMail is not one of them.

Disclose your e-mail address only to people you trust. Some groups use automated tools to search Web sites for e-mail addresses they can sell. Do not install unknown programs. They are a major source of malware and very difficult to remove.

And, finally, don't assume protecting your computer from predators is someone else's responsibility. The virus that afflicts you today may plague your friend, colleague, or boss tomorrow. "Ask not what your college can do to protect you," quipped Brown, "ask what you can do to protect your college by keeping your computer safe."  For more information, go to the Safe Computing at Dartmouth website.

By ANITA WARREN

Questions or comments about this article? We welcome your feedback.

Last Updated: 12/17/08