Help! My Computer Is Driving Me Crazy! Dealing with spam, popup boxes, computer viruses, spyware, and adware

1
Help! My Computer Is Driving Me Crazy!Dealing
with spam, popup boxes, computer viruses,
spyware, and adware

• ?Mark Branom 650.725.1717
• markb_at_stanford.edu
• May 24, 2005

2
Topics

• Computer Security
• Protecting Against Computer Viruses
• Dealing with Spam
• Dealing with Pop-up Ads and Banners
• Dealing with Spyware / Adware / WebBugs (Malware)
  

3
Computer Security

• Computer security tips and mandates for Stanford
  can be found at http//securecomputing.stanford.
  edu
• Make sure your password/passphrase is easy to
  remember but hard for others to guess. Some
  suggestions for good ones are athttp//unixdocs.
  stanford.edu/passwords.html
• Stanford primarily uses host-based security to
  protect the University network and computing
  systems. This means that every computer and
  system connected to the network needs to be
  protected against hackers and viruses.
• Make sure your computer is patched against
  security holes.
• Download and install the BigFix Patch Management
  Softwarehttp//www.stanford.edu/services/bigfix/
  
• You can also update your computer manually
• Windows users go to http//windowsupdate.microsoft
  .com
• Mac users go to http//www.apple.com/support/downl
  oads

4
Computer Security Encrypting Passwords

• Always use PC-Leland, MacLeland, SSL (Secure
  Socket Layers), or SSH (Secure SHell) whenever
  you send your password across the network. These
  tools encrypt your password and will help prevent
  its theft.
• You can get PC-Leland, MacLeland, SecureCRT, and
  SecureFX from the Essential Stanford Software
  website http//ess.stanford.edu

5
Computer SecuritySniffer log -- No encryption

• Note This is particularly a problem for
  wireless network connections!
• -- TCP/IP LOG -- TM Mon Sep 6 000116 --
• PATH elaine1.Stanford.EDUgt elaine2.stanford.edu
• DATA(255)(253)C(255)(251)X(255)(251)_(255)(251
  )!(255)(251)"(255)(251)'(255)(253)E
• VT100(255)(240)(255)(253)A(255)Amarkb
• g(127) tGtBatU
• logout

SUNet ID
password
6
Computer SecuritySniffer Log of Same
Transmission Using PC-Leland

• TCP/IP LOG -- TM Sun Sep 5 165119 --
• PATH elaine1.Stanford.EDUgt elaine2.Stanford.EDU
• STAT Sun Sep 5 165126, 73 pkts, 128 bytes
  DATA (255)(253)(159)(255)(251)_(255)(253)A(255)
  (253)C(255) (251)(255)(251)(255)(250)_
• PX(255)(240)(255)(250)(255)(240)(255)(253)(2
  55)(250)E(255)(240)(255)(250)AAB(255)(240)
• Samson(255)(240)(255)(250)X

7
Computer SecurityLocking Your Computer When You
Take a Break

• Windows Users
• 1) Log into PC-Leland
• 2) Click PC-Leland (or right-click PC-Leland)
• 3) Choose Lock PC
• Macintosh Users
• Require password to wake the computer from a
  screen saver
• 1) Open System Preferences.
• 2) Click Security.
• 3) Check the box Require password to wake this
  computer from sleep or screen saver.
• 4) Close System Preferences.
• To have your screen saver turn on when you put
  your mouse in a particular corner of the screen
• 1) Open System Preferences.
• 2) Click Desktop and Screen Saver.
• 3) Click Screen Saver.
• 4) Click Hot Corners
• 5) Click the pull-down menu in the desired corner
  and select Start Screen Saver.
• 6) Click OK.
• 7) Close System Preferences.

8
Protecting Against Computer Viruses

• Most people already have anti-virus software on
  their computers. Symantec AntiVirus is available
  at no cost to Stanford users at the Essential
  Stanford Software page http//ess.stanford.edu/
• Your anti-virus program is only as good as the
  last time it was updated with the latest virus
  definitions. These are needed to identify and
  screen for the newest viruses. To update your
  virus definitions, run LiveUpdate.
• Set LiveUpdate to update the anti-virus
  definitions daily.
• Schedule at least weekly scans of your computer
  (daily is better).
• Instructions for installing Symantec AntiVirus,
  checking for new viruses, scheduling LiveUpdate,
  and scheduling scans of your computer are at
• Windows Users http//www.stanford.edu/dept/itss/e
  ss/pc/docs/sav/index.html
• Mac Usershttp//www.stanford.edu/dept/itss/ess/m
  ac/docs/nav9/index.html

9
Spam

• Spam is any unsolicited email that you receive.
• Tips for preventing spam
• Do not reply to spam!
• Some junkmail messages urge you to send an
  unsubscribe reply to get off their list. This
  is a common ploy for harvesting email addresses.
  Instead of getting off their lists, youll be
  added to others (your email address may even be
  sold to other direct marketers), and youll find
  yourself getting more spam than before.
• Dont use complete email addresses on web pages
  or newsgroup postings.
• jdoe AT stanford DOT edu
• lta href"http//stanfordwho.stanford.edu/lookup/?s
  earchJohn20Doe"gt Contact John Doe lt/agt

10
Dealing with Spam

• http//email.stanford.edu/antispam/
• Anti-Spam Filter -- Identifies incoming spam and
  tags it
• If spam still makes it through, you can help
  improve the filters by sending the spam to
  ltfalsenegatives_at_stanford.edugt.
• Spam Deletion Tool -- Catches and discards tagged
  spam messages before they enters your inbox.
• Email filtering -- If you configure your email
  program to shunt tagged spam headed for your
  inbox to a trash or antispam folder instead,
  spam can become manageable.
• Header before the filter identifies and tags
  spam
• Subject Get What You Want
• From eDiets Motivation ltmotivation_at_EDIETS.COMgt
• Header after
• Subject SPAM Get What You Want
• From eDiets Motivation ltmotivation_at_EDIETS.COMgt

11
Dealing with Pop Up Ads and Banners

• Banner ads have become universal as a form of
  advertising on the Web. These are usually narrow
  graphics, sometimes logos, sometimes animated
  signboards, about an inch and a half high and
  about 4 inches long.
• Pop Up ads are usually small windows that pop up
  either when a link or linked item is clicked, or
  by some automatic stimulus. Pop Up ads can
  appear either on top of or behind open browser
  windows.
• Pop Up and Banner Ad Blockers (warning -- these
  can cause trouble with some web-based
  applications such as Kronos or ReportMart)
• Webwasher (blocks both Pop Up and Banner
  ads) http//www.webwasher.com (Windows only)
• AdSubtract (blocks both Pop Up and Banner ads)
  http//www.adsubtract.com (Windows only)
• Google toolbar (blocks Pop Up ads)
  http//toolbar.google.com (Windows only)
• Safari (blocks Pop Up ads) http//www.apple.com
  /safari (Apple OS X only)
• Netscape 7 (blocks Pop Up ads)
  http//www.netscape.com (Mac/Windows)
• Firefox (blocks Pop Up ads) http//www.getfirefo
  x.com (Mac/Windows)

12
Dealing with Spyware / Adware / WebBugs (Malware)

• Spyware
• Any technology or programming on your computer
  that covertly gathers information to sell to
  advertisers or to others.
• Spyware is installed without the user's consent
  (if you give consent for a company to collect
  your data this is no longer considered spying, so
  read online data disclosure statements carefully
  before consenting).
• Spyware can steal your privacy or even your
  identity.
• Adware
• Any software that contains advertisements.
• Some adware includes code that tracks users
  personal information and passes it onto third
  parties, thus making it spyware (see Web Bugs).
• WebBugs
• Web bugs are usually small, invisible graphics
  that are embedded in web pages and HTML email.
  They are used by advertisers to gather and track
  information about users and their activities on
  the Internet.
• Answers.com definition and example of Web
  Bugshttp//tinyurl.com/7xg5f
• Electronic Frontier Foundations definition and
  exampleshttp//www.eff.org/Privacy/Marketing/web
  _bug.html

13
How do you get spyware?

• Spyware applications can sneak onto your machine
  when you
• open spam email (even by simply viewing it!)
• visit a website
• click a pop-up window
• use a file-sharing service (e.g., Kazaa,
  BearShare, Grokster, Gnutella)
• download "free" utilities, games, toolbars, media
  players, etc.
• The download process is often unannounced, so
  that you will remain unaware that your computer
  has accepted spyware -- a drive-by download.
• Some places you can pick up spyware
• Gator (http//www.gator.com) will try to trick
  you into installing the spyware programs if you
  say no, it asks are you sure?
• CometCursor (http//www.cometcursor.com) installs
  a cute cursor, but then tracks your computer
  information and sends it to the company.
• Connect2Party and TheDialer silently disconnect
  your modem, then reconnect using an international
  long-distance number or 900 number.

14
Symptoms That Spyware Is on Your Computer

• You have a modem and your phone bill includes
  expensive calls to 900 numbers you never made.
• Your browsers default search tool changes
  unexpectedly to a search tool youve never seen
  before.
• Your anti-spyware or anti-virus software stops
  working.
• New items appear in your Favorites or Bookmarks.
• Your system runs slower than it used to.
• Pop up advertisements appear when your browser is
  not running.
• Your browsers home page changes to something
  unwanted.

15
Avoiding Spyware

• Install and run anti-spyware applications.
  Remember that your anti-spyware application is
  only as good as its definitions, so keep them up
  to date!
• SpySweeper (http//ess.stanford.edu)
• Stanford University has a site license.
• SpyBot (http//www.safer-networking.org)
• Free, but the tool is developed and maintained by
  a single individual.
• Ad-Aware (http//www.lavasoft.com)
• Only legal to use on home machines do not use it
  on work computers.
• Avoid peer-to-peer file sharing services (e.g.,
  Kazaa, BearShare, Grokster, Gnutella).
• Do not open spam email. As mentioned before, web
  bugs can be embedded in contaminated HTML email,
  and if you open a contaminated email message, the
  bug is launched. It is not safe to open
  unsolicited email.
• Dont install anything without understanding
  EXACTLY what it is. Read the end-user license
  agreement carefully.
• Browser settings can help protect your computer.
  In Internet Explorer, set the Internet Zone to at
  least Medium. Deny the browser permission to
  install ActiveX controls. Firewalls can also be
  used to help prevent hackers and other nefarious
  intruders from attacking your computer -- the
  firewall that comes with Windows XP SP2 is a good
  one.

16
Resources

• Stanford-licensed software at the Essential
  Stanford Software (ESS) site --
  http//ess.stanford.edu
• Computer Security
• Secure Computing at Stanford --
  http//securecomputing.stanford.eduBigFix Tool
  -- http//www.stanford.edu/services/bigfix/Good
  Passwords -- http//unixdocs.stanford.edu/password
  s.htmlWindows OS Updates -- http//windowsupdate.
  microsoft.com Macintosh OS Updates --
  http//www.apple.com/support/downloads
• Spam Stanfords Anti-Spam Website --
  http//email.stanford.edu/antispam/
• Spyware Anti-Spyware Software SpySweeper --
  http//ess.stanford.eduAnti-Spyware Software
  SpyBot -- http//www.safer-networking.orgAnti-Spy
  ware Software Ad-Aware (home machines only) --
  http//www.lavasoft.com
• Pop Up and Banner Ad Blockers
• Webwasher (blocks both Pop Up and Banner ads) --
  http//www.webwasher.com (Windows only)
• AdSubtract (blocks both Pop Up and Banner ads)
  -- http//www.adsubtract.com (Windows only)
• Google toolbar (blocks Pop Up ads) --
  http//toolbar.google.com/ (Windows only)
• Safari (blocks Pop Up ads) -- http//www.apple.co
  m/safari/ (Apple OS X only)
• Netscape 7 (blocks Pop Up ads) --
  http//www.netscape.com (Mac/Windows)
• Spyware Software
• SpySweeper -- http//ess.stanford.edu
• SpyBot -- http//www.safer-networking.org
• Ad-Aware -- http//www.lavasoft.com (only for
  home machines, not work computers)