Lab 12: Security Basics

Key Words: computer security, virus, hacker, spyware, patch, Windows Update.

Objectives

• Learn about how to create a strong password
• Be able to determine what makes a legitimate email message
• Use Windows Update to keep your system up to date
• Update McAfee VirusScan so that you can detect viruses
• Use SpyBot Search & Destroy to locate and remove spyware

The Internet, just like the real world, is an unpredictable place. In the real world, you wouldn't leave your house unlocked, your car door open, or your wallet lying around. The same holds true with the Internet, and even a brand new computer is not impervious to worms and viruses. This lab will walk you through the basics of setting up your computer and safeguarding it against some of the uncertainties of the Internet. While it will not make you an instant computer security expert, it will give you a few tools that will help you protect yourself and your computer from some of the things that are out there.

There are three common threats that you may run into while online: viruses, hackers, and spyware. Viruses are malicious programs that can make your computer spam other computers, delete all of your files, or even give someone else complete control over your computer. Hackers are individuals who, for reasons ranging from boredom to being paid by organized crime, write viruses and steal personal data on the Internet. Spyware is like a virus, but instead of hurting your computer, it does other things such as sending personal information about you (things like your credit card number and your Social Security Number) to other people so that they may steal your identity. This lab will give you the tools to help prevent these three things from happening to you while you are online.

This is a graded lab. You will need to email your TA with answers to several questions and tasks we present you with in this lab. We suggest that you just write your answers into the body of an email message. You must title the email "INFO 100 lab 12."

Password Security

Good password security is the first line of defense against any sort of threat on the Internet. A bad password will make even the best security system worthless, so it is important to follow a few basics about good password creation:

1. Don't use a common word. There are password-guessing tools out there that use common words as a basis for guessing passwords. They even have dictionaries in other languages that they use, so make sure your password is not a common word in any language!
2. Make sure your password is at least 8 characters long. Short passwords can be easily guessed, and a longer password will reduce the chances that someone will guess your password using a hacking tool.
3. Give your password letters, numbers, and non-alphanumeric characters (such as ! and $).
4. Mix upper- and lower-case letters in with your password.

One good way of making a good password is to use something to help you remember it. For example, if you like the song "Stairway to Heaven" by Led Zeppelin, you could take the first letters from each word in the line "And she's buying a stairway to heaven" as the basis for your password, which would create a password of 'asbasth'. From here, you could mix some upper-case letters in with your password to make it 'aSbAsTh'. To make it a little more complex, you can then replace some of the letters with numbers and special characters that look like the letters they replace, making it '@SbA5Th'. Now, since it's only 7 characters long, we can lengthen it a little by adding an exclamation point, so that it is '@SbA5Th!'.

Q1. Try this for your favorite song. Think of a few words in the lyrics of the song and take the letters of each of those words to create a password out of. Then, do some of the above steps to strengthen the password. Once you have finished with this, you can test your password out here. Try this with a few different passwords so that you get the hang of it. Now, copy that password into the email message you will send to your TA and explain why it is a strong password. (Please send us a password you made up just now and not the real password that you use for any of your accounts, etc.)

Email Security

Much of the time, viruses can spread through emails that look like they come from trusted sources. Other times hoaxes can be sent out through trustworthy-looking emails that try and get information about you such as your credit card number. Spotting these emails is very hard for software to do, and so it's up to you and your skepticism to figure out the good from the bad. Generally, the things to look for in an email message are the same things you should look for when looking at web sites. Here are a few of the ways that you can figure out whether an email is legitimate:

• Look at the return address. Is it really from who it says it is? Or is it from another domain?
• Look at the spelling. Are words spelled correctly? Is there proper punctuation?
• Look at what the email asks you to do. If the email asks you up front for any personal information such as a Social Security Number, it is more than likely not legitimate, as reputable sites do not generally ask for such information over email.
• Look at the links in the page. This is probably the most important step you can take, as oftentimes links in emails that try to get your personal information don't go where they say they go. Hover your mouse over the links before you click on them to make sure that they really go where they say.

One final thing to remember is to NEVER OPEN EMAIL ATTACHMENTS from people that you do not know. And even if you know the person, it is a good idea to scan the email attachment with an up-to-date virus scanner just to make sure, since a lot of viruses can disguise themselves as being from someone you know.

Q2. Now it's time to put what you just learned into practice. Here and here are two email messages. Using what you just learned, decide which one is real and which one is fake. Write your answer into the email that you will send the TA.

Using Windows Update

One way to protect your computer is to install patches for your operating system. A lot of times, there are flaws that are found in the code of operating systems like Windows and Macintosh, and so it is important to stay up-to-date on all of the latest patches so that your computer cannot become infected. Let's practice updating Windows now (though more than likely the lab machines do not need updating at the moment). Answer the following questions while following the lab instructions.

Q3. When was the last time the machine was updated?
Q4. Does this machine have Window XP Service Pack 2 (SP2) installed?

1. Click on Start > Control Panel.
2. Double-Click on Security Center.
3. In the Resources box, click the underlined sentence that says "Check for the latest updates from Windows Update".
4. This will bring you to the Windows Update web site. You can visit this web site on your home computer whenever you want to download and install critical updates.
5. In order to check for updates, click on the button marked "Express". This will scan your computer to see if any new updates are required. There should not be any updates listed, but if there were, all you would have to do is click on the button marked "Install Updates" to get your computer up to date.

In order to keep your computer up to date automatically, you can also enable automatic updates with Windows Update.

1. Click on Start > Control Panel.
2. Double-click on Automatic Updates.
3. Automatic updates should already be turned on with your lab computer. If you are doing this lab from home, click on the button that says 'Automatic (recommended)', then select the time that you want your computer to check for automatic updates. This will download and install all Windows updates automatically, though your computer has to be on in order for automatic updates to work.
   

Updating McAfee VirusScan

McAfee VirusScan is one example of anti-virus software and is what the UW uses to protect it's own computers. Anti-virus software does two things: 1.) It scans the hard drive and external devices such as USB flash drives, CDs, and floppy disks when they are connected to the computer for known viruses 2.) Anti-virus software can quarantine and sometimes disinfect individual files that have viral code in them. Sometimes you cannot separate a virus from a file once it has been inserted and the quarantined file has to be deleted. Either way, the virus is neutralized so you can repair any damage and get on with your digital life.

Every week new viruses, worms, and other nasty software get loose on the internet. So just having anti-virus software is not enough. You need to update your VirusScan definitions - the files that tell anti-virus software how to detect a specific virus - daily. McAfee VirusScan definitions can be updated automatically or manually. We will show you how to do both because sometimes a nasty virus spreads so fast that you should not wait for the auto-update feature to update your definitions. Answer these question by following the instructions for updating your virus definitions below.

Q5. What was the last time that this computer had its virus definitions updated?

To manually update your virus definitions in McAfee VirusScan:

1. Click on Start >Programs >Network Associates, VirusScan Console.
   
2. Click on Task, Update Now to initiate the update
   
3. Click on the Close button after receiving the "Update Finished" message.
   

To verify your Windows McAfee VirusScan software is automatically being updated with the latest virus definitions, or to enable automatic updates to your anti-virus software:

1. Click on Start >Programs >Network Associates VirusScan Console.
   
2. Find AutoUpdate in the list of Descriptions.
   
3. Right-click on AutoUpdate, and click on Properties.
   
4. Click on the Schedule tab.
   
5. Verify that the Enable box is checked: if the Enable box is not checked, click on the box to turn it on.
   
6. Verify the software is set up to run daily: if the Daily button is not on, click on the button to turn it on.
   
7. Verify the updates are running: click on Enable Randomization to allow updates at random times.
   
8. If you have updated your VirusScan configuration, click on OK to save your changes.
   

Scanning and Removing Spyware

Spyware is a common problem for Windows computers. Like a virus, Spyware is software that has been installed onto your system without your knowledge. Unlike a virus, Spyware is less overtly destructive and is therefore it is much less obvious when you are infected by Spyware. In truth, many problems windows users have with their programs and computers may be traced back to spyware. This software often uses up system resources such as memory and processor time and can corrupt files. While some anti-virus software now has the ability to look for and remove spyware, the best spyware detectors and removers are not the best anti-virus programs. Therefore, we will focus on scanning and removing spyware with anti-spyware tools as its own process, even though this process is very similar to the process of scanning and removing viruses.

Here is a free web-based way to scan your software for spyware:

1. Go to Spyware Doctor
   
2. Click "Start Spyware Scan Now!"
   
3. Allow the software to be downloaded and executed. The program may need to perform an automatic update in order to be able to detect all of the threats currently out there, so follow the instructions on your screen in order to allow it to do this.
   
4. Once Spyware Doctor has finished updating itself, it will automatically begin scanning your computer.
   
5. Wait for the results of the scan and note if there is any Spyware on the computer.
   
6. Exit the program, since it is just a free demo and cannot remove the spyware.
   

Another good Spyware removal program is Spybot Search and Destroy. It is free to download and is capable of detecting and removing most (but not all) of the spyware out there. Since these are lab computers and that kind of install is impossible we won't run you through the process but you are required to read this tutorial and answer the questions below.

Q6. What are some of the "threats" that Spybot can detect?
Q7. What color text does Spybot use to indicate threats in a scan report?

Checklist

1. I understand the keywords in this lab.
2. I know what a strong password is and have tested my own password for strength
3. I know how to detect fraudulent email messages and WILL NOT open email attachments that are unexpected.
4. I know how to update my computer using Windows Update.
5. I know how to update my virus definitions with McAfee.
6. I know how to scan for and remove spyware with Spybot.
7. I have completed all lab tasks
8. I have emailed my TA the answers to lab questions Q1-Q7.