Search
George Davis Hall in the early evening. #

Offices & Services > Information Technology Services > Viruses and Spyware

Viruses and Safe Computing

The windows of Old Main.
General Tips
  • Never open an e-mail attachment that you are not expecting regardless of the sender. If you are unsure about an attachment you received, check some of the antivirus websites listed above and search for the filename. There is a very good chance it is a virus.
  • If you do know the sender but the tone of the message seems out of the ordinary or you are not expecting an attachment from the sender, do not open the attachment prior to verifying its validity. Ask yourself, "Should I really risk my computer to open this attachment?" Is it worth it to lose all your documents or files just to open a joke?
  • Back up your important documents regularly. Knox provides each student with 5 GB of home account space. All data stored in the home accounts is backed up to tape every night. In case your system becomes infected, your important documents, depending upon when you moved them to the server, very likely would be recoverable.
  • Follow all AntiVirus guidelines communicated from Information Technology Services.
  • Install updates often to keep your operating system and related programs updated with new fixes. Many viruses attempt to exploit known holes in these programs.


Can I be infected by visiting a Web page?
Absolutely! At this time, Windows operating systems are the most likely to be open to this vulnerability althouth Macintosh operating systems may also be susceptible. Microsoft and Apple release patches to fix these known problems on a regular basis but many users neglect to install them. These patches are distributed through Windows Update on Windows and Software Update on Macintosh. Unlike many e-mail borne viruses requiring the user to open an attachment, many of the operating system exploit viruses infect vulnerable machines by simply connecting to the Internet. Microsoft Windows computers are required to install all critical updates issued by Microsoft as they become available. Please note that the latest service packs are included in the required critical updates. Macintosh computers are required to install all security updates issued by Apple.

You need to run install updates often in order to patch any new vulnerabilities discovered in your operating system and applications.

Does Knox scan my e-mail for viruses?
Knox College scans all incoming and outgoing e-mail messages passing through our mail servers. If an infected message is found, it is removed and notifications are sent to the recipient, sender and postmasters stating that someone has attempted to send an infected message. Just as is the case with individual workstations, our mail servers can only detect viruses that it knows about through its virus definitions. Since new viruses surface so frequently, there are times when a virus can make it through the mail server undetected because our antivirus vendor has not updated their definition files yet. Although we automatically update the virus definitions regularly throughout each day, Information Technology Services watch all virus outbreaks closely and will update the virus definition files manually if a potential threat is detected.

In the event that our virus software is able to isolate an infected computer on campus, we will take the appropriate action to isolate the infected computer until the problem is fixed. If an infected computer is attached to the Knox Network, network access will be disabled immediately and will not be enabled until the problem has been fixed (see the AntiVirus Policy).

Please note that Knox does not and cannot scan e-mail coming through Hotmail, MSN, Yahoo or any other e-mail service outside of Knox. This mail does not pass through our mail servers. We strongly suggest that any outside mail accounts be set to forward through your Knox e-mail account so all mail may be scanned properly to combat the spread of e-mail borne infections.

What are some of the other ways of being infected?
One of the most common ways of becoming infected is by opening an attachment sent via e-mail. If you are running Windows, you should never open any attachment with an .exe extension. Just delete it. Infected attachments can come in many forms. Some of the other extensions to look out for are .bat, .com, .scr, .pif, .exe, .vbs, .doc. If you are unsure about an e-mail you receive, check out the attachment at any of the following Web sites to see if it is a known virus. These sites have a search feature allowing you to easily look to see if the attachment you have received is a virus.

Other ways of being infected are through:

  • Operating system vulnerabilities
  • IRC channels
  • Peer-to-peer filesharing programs/networks
  • News servers
  • FTP sites
  • Off-campus e-mail accounts (Yahoo, Hotmail, your own ISP)
  • Open shares on our network (if an infected system is scanning for machines it can write to)
  • Sharing your network username and password


Can I share my files?
You are more than welcome to share files across the network from your computer. However, you must make sure that any folders that you have shared are read-only or have password protection for write access. Open shares (a shared folder that anyone can write too) is not allowed on the campus network. Since many new viruses will search the network looking for shares they can write to (open shares), we will disable the port of computers that we find to have an open share. This is to keep major outbreaks to a minimum and also to protect you from being infected. This applies to all computers connected to the campus network. If we need to disable a port, we will make every attempt to notify the user, but since many computers are not named with any relationship to their owners, it is difficult to determine who actually belongs to what computer.

An exception to this rule is for Windows XP Home Users. Windows XP Home Edition does not allow you to password protect shared files using their feature called Simple File Sharing. Therefore, if you are running this operating system, you should not attempt to share your files on the network. Your port will be turned off. Windows XP Professional users can disable Simple File Sharing. This needs to be done and all shares must be shared as read only.

How do I know if my network access has been turned off?
We will keep the Help Desk informed of all accounts that are disabled. They will also be given the specific reasons and instructions as to what must be done to have access restored. If your network access has been disabled because your machine was found to be infected, you will need to get the computer cleaned and protected before we will restore your access (see the AntiVirus Policy). If your access was turned off because of an open share, you must make the open share read-only or password protected. Call the Help Desk at extension 7700 to find out what must be done to have your access restored.

The best way to ensure uninterrupted network access is to have properly maintain all machine updates and safeguard any network shares with passwords and/or read-only access.

I am infected. What do I do?
You can always call the Help Desk at extension 7700 for assistance. If your machine requires Information Technology Services staff attention, a fee will be assessed. See the AntiVirus Policy for complete details.

I received an e-mail asking for my e-mail username and password or other personal information. Should I send it?
NO! The College (and other institutions including banks) will ever request that you provide personal information through e-mail. Such "phishing scams" are constantly circulating the Internet -- most frequently propagated by those who have responded to the scam. When in doubt, call but never respond first.

What if I don't have the AntiVirus software installed?
You must install and maintain the provided AntiVirus solution on any computer connected to the Knox College data network. If your computer is on the network and becomes infected, your account will be disabled. You will be required to bring your machine to Information Technology Services  to have it cleaned and a fee will be assessed. See the AntiVirus Policy for complete details.

I received an e-mail from a friend telling me to delete certain files on my computer. What should I do?
Always check with a reliable source before acting on a message such as this. Very rarely are forwarded e-mail messages, no matter the source, a valid source for issuing valid warnings. The goal of most of these forwards is to make you delete files that are required to keep your computer running.

I was browsing the Web when a screen appeared telling me that my computer was infected and that I should click on a button to install some software. Should I do it?
You should never click to install software from the Web that you have not specifically sought. In most cases these prompts lead to the installation of "malware" which, since you have initiated the installation by clicking on the prompt, can bypass AntiVirus software. This software can be damaging, track your actions, jeapordize the privacy of your files, and be very difficult to remove.

Knox College

http://www.knox.edu/offices/information-technology-services/virus-prevention/safe-computing-faq

Printed on Friday, December 19, 2014