Protect your computer - "DOs and DON'Ts"
Safe computer usage
Protecting one's privacy while working with a computer on the Internet
involves both securing the computer and working with caution.
Even if the computer is clean and protected - clicking on the wrong
link or saving the wrong attachment can result in severe consequences.
We would like to emphasize some basic rules for safe computer usage:
- Do not open e-mail attachments, even if you know the sender, unless
you are expecting a message with an attachment.
NOTE: The Authority for Computation NEVER sends attachments
with our messages/bulletin distributions - so don't open an
attachment even if you are convinced the Authority for Computation
has sent the message!
- Do not answer spam, and do not even use the "unsubscribe" feature
that some spam mail offers. By answering, you let the spammers know that
your e-mail address is valid, thus increasing the amount of
spam you receive at that address.
- Be very cautious regarding links sent to you by mail. It is advisable
not to follow the link at all, but if necessary, don't just click it;
type it, as the link you see might be deceptive and lead you to a
- Never send passwords, or any other sensitive information, by mail - even if you are asked to do so, even if you are threatened that your account will be closed.
Remember - we never request this kind of information from HUJI
- Always logout properly from your mail account when working via web access (such as webmail, HUJImail, etc.). First click the Logout button or link and only then close your browser's window.
- Do not add backgrounds, smilies and other icons to the messages
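The deceptive-link warning above can be checked mechanically. The following is an added example, not part of the original page: it flags links in an HTML message whose visible text names one host while the underlying address points to another. The sample message and its host names are constructed.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

class LinkAuditor(HTMLParser):
    """Collect (visible text, href) pairs for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None   # href of the <a> currently open, if any
        self._text = []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None

def host_of(url):
    """Lower-cased host of a URL; tolerates text such as 'www.example.org/x'."""
    if "://" not in url:
        url = "http://" + url
    return (urlsplit(url).hostname or "").lower()

def deceptive_links(html_body):
    """Return (shown text, real host) for links whose text names another host."""
    parser = LinkAuditor()
    parser.feed(html_body)
    findings = []
    for text, href in parser.links:
        shown = text.split()[0] if text else ""
        looks_like_url = "://" in shown or shown.lower().startswith("www.")
        if looks_like_url and host_of(shown) != host_of(href):
            findings.append((shown, host_of(href)))
    return findings

# Constructed sample body (not the message quoted on this page).
SAMPLE = (
    '<p>Confirm your account: <a href="http://203.0.113.7/login">'
    'http://mail.university.example/confirm</a></p>'
    '<p>Help: <a href="http://helpdesk.university.example/">helpdesk page</a></p>'
)

if __name__ == "__main__":
    for shown, actual in deceptive_links(SAMPLE):
        print(f"text shows {host_of(shown)} but the link goes to {actual}")
```

Links whose text is ordinary wording ("helpdesk page") are not flagged by this check, so an empty result does not mean a message is safe.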
Phishing is a type of deception designed to steal your identity.
In phishing scams, scam artists try to get you to disclose valuable
personal data - like credit card numbers, passwords, account
data, or other information - by convincing you to provide
it under false pretenses. Phishing schemes can be delivered online
through spam e-mail or pop-up windows.
View the following example - it is REAL, and was sent
to some researchers from the Faculty of Agriculture in the Hebrew
University. In this example the aim of the scam was to "phish" for
passwords under the pretence of writing on behalf of the faculty's
From: firstname.lastname@example.org [mailto:email@example.com]
Sent: Tuesday, June 07, 2005 12:52 AM
Subject: Security measures
Dear Valued Member,
According to our site policy you will have to confirm
your account by the following link or else your account
will be suspended within 24 hours for security reasons.
Thank you for your attention to this question. We apologize
Sincerely, Agri Security Department Assistant.
Precautions to take:
- Do not give out any personal details. If a suspicious message arrives
in your mailbox (a message requesting information that may look like
a message from an official computing service in the university, for
example), verify with our helpdesk that indeed such a message was sent.
- Upgrade your browsers - Internet Explorer 7 and Firefox 2 (and newer) can
help you to detect malicious sites. If you enter a site by clicking
a link from a message, you will be warned.
- Be careful when downloading freeware or shareware software
because these programs often contain spyware or malware applications.
- Do not click on links or buttons in pop-up advertisement
windows (including pop-up windows which look like Windows error
  - Spyware can be installed.
  - Worms and other malware can be installed.
  - Your browser can be hijacked.
- Do not give out personal information or e-mail addresses
unless you are sure the web site is legitimate. Furthermore:
  - Make sure it is a secured site
  - Check the certificate of the site and make sure it is a trusted certificate
- Avoid adding plug-ins to your browser.
- Do not add any additional banners to your browser.
4. Connection with routers
The encryption methods used in wireless routers are very easy to crack; hence a wireless connection, even when encrypted, should not be regarded as a secure communication method. If you choose to use wireless communication, we recommend using AES or CCMP encryption. If your equipment supports it, use WPA2 (WPA2 is supported in equipment manufactured in 2002 or later, Windows XP SP3, Mac OS X, Linux with wpa_supplicant).
When using routers take the following precautions:
- The router's management interface should be protected using a strong password that differs from the connection password. Do not use the default password that was set by the manufacturer.
- The router's management interface should be accessible only from a computer directly connected to the router using an Ethernet cable.
- Only your own home computers should be allowed to connect to the router.
- In case of suspicion that your wireless network was compromised you should immediately modify your passwords.
There are many different router management interfaces and we cannot
support them. Therefore, ask the technician who sets up your router to
assist you in configuring it according to these recommendations.
Please view our guidelines for choosing a password: http://ca.huji.ac.il/services/security/todo.shtml#password
5. Receiving CDs by regular mail
Do not insert into your computer any CDs, DVDs, diskettes, etc.,
unless you are certain of their source.
6. Disable Autorun
During the last few months we have seen a rise in the number of viruses that spread using removable media. These viruses create a file (usually hidden) named "autorun.inf" on all accessible drives, which executes a virus when the medium is inserted or accessed. This infection type is not restricted to removable media: it can infect any drive to which the user has write permission.
There is a registry patch available on HUCA that disables the autorun functionality in order to prevent infection by such viruses. It is recommended to run it on all newly installed computers and, especially, computers being cleaned from viruses.