"Phishing" is any fraudulent attempt to get you to hand out your personal information to people who shouldn't have it. MarvQuin offers eight savvy tips for protecting yourself from phishing scams. Read the entire article for the full scoop, but here's a quick rundown:

1. Be immediately suspicious when an email message asking for personal information is particularly urgent, or particularly disappointing.
   
2. Never click on links in any mail that you are the least bit suspicious of, especially if the mails asks for personal data. Call the company instead.
   
3. Use only secure websites when providing personal and/or financial data (all modern browsers use a special padlock icon on the browser window to notify you that a site is secure).
   
4. Look carefully at the URL of any site asking for personal information, to make sure it belongs to the organization you think is doing the asking.
   
5. Use the phishing protection tools in your browser (if any are available).
   
6. Look at your online accounts periodically to make sure nothing's amiss.
   
7. Keep your browser updated.
   
8. Report phishers -- there are several commercial and governmental organizations fighting phishing, and they have addresses set up to take reports of illegal activity.

   Again, consult the article for full details. Good tips to keep in mind as you browse the web.

Every second Tuesday Microsoft releases patches for the Windows OS and related software.
This second Tuesday of June Microsoft released 6 patches.

5 vulnerabilities were for remote code execution
1 vulnerabilitie was for Information Disclosure

ITS has approved these patches to campus. You should update your home computer(s).

The affected products or components affected are:

Visio 2002 and 2003
Windows 2000, XP, and 2003
Windows Vista
Internet Explorer
Outlook Express 6

Every second Tuesday Microsoft releases patches for the Windows OS and related software.
This second Tuesday of April Microsoft released 7 critical patches.

7 vulnerabilities were for remote code execution

ITS will approve these patches to campus. You should update your home computer(s).

The 7 products or components affected are:

Microsoft Excel
Microsoft Word
Microsoft Office
Microsoft Exchange (Mail Server)
Internet Explorer
CAPICOM (Cryptographic API Component Object Model)
RPC running the DNS Server

Every second Tuesday Microsoft releases patches for the Windows OS and related software.
This second Tuesday of April Microsoft released 6 patches.

5 vulnerabilities were for remote code execution
1 vulnerabilities were for elevation of privilege

ITS has approved these patches to campus. You should update your home computer(s).

The 6 products or components affected are:

Graphical Device Interface (GDI)
Microsoft Content Management Server
Universal Plug and Play
Microsoft Agent
Windows Client/Server Run-Time Subsystem (CSRSS)
Windows Kernel

Every second Tuesday Microsoft releases patches for the Windows OS and related software.
This second Tuesday of February Microsoft released 12 patches.

During the winter break ITS will upgrade its software and equipment for SPAM protection and blocking. We anticipate that the result will be more accurate SPAM blocking (less SPAM reaching your mailbox as legitimate mail) and a more convenient interface for checking your personal quarantine.

ITS has been upgrading its entire portfolio of servers over the past several months. During November, the College’s SPAM control system, PureMessage, will receive a version and performance upgrade.

One of the main components of PureMessage is an heuristics engine that analyzes every incoming message to assess its likelihood of being SPAM. The engine assigns a score representing this likelihood and, depending on the score, messages are either dropped, quarantined, or delivered normally. The PureMessage quarantine is the component that most users see or use nearly every day; you receive notification that something is held in quarantine for you, along with a hyperlink to the quarantine. As you visit the quarantine Web page, you may then delete the messages or have them delivered normally.

Because spammers are constantly changing the content of their messages, the detection engine needs to be able to learn on the fly about new types of junk mail messages. Enhancements in the detection heuristics help ensure that PureMessage continues to differentiate between mail that should be delivered normally, mail that should be held for personal examination, and mail that should be rejected.

The new version of PureMessage will also streamline the notification process for messages held in quarantine. The url for checking the quarantine will no longer vary from day to day, but will be the same, allowing users to bookmark the page for future reference.

The volume of messages we process every day has also put stress on the system. When we install the new version, it will be on newer, higher performance hardware.

As you’ve probably noticed from your own mailbox, we have seen a sharp increase in the amount of spam email being received by Davidson College. In a recent 15-day time span over 1 million spam messages were diverted by our email servers before they were delivered to individual mailboxes. But the spammers are clever. They work to alter their messages to circumvent the multi-layered protection we have in place to thwart them.

ITS uses a combination of anti-spam defenses including software on our email gateway servers (PureMessage with Internet Mail Filtering enabled). While every effort is made to catch as much spam as possible, not all spam will be caught. To combat spam that makes it through PureMessage, you can help by using the junk e-mail filters available in Outlook 2003, Outlook Web Access (OWA), and Entourage. Office 2003 users have this option turned on by default. By default, it is set to "low," but if you continue to get a lot of spam in your inbox, the filter can be set higher. (Actions / Junk E-mail / Junk E-Mail Options.) You can customize the junk filter for your particular email as well; for more information, search Outlook's Help for "junk e-mail filter." To quickly add a name to the blocked senders list, right-click the junk e-mail message, and click Add Sender to Blocked Senders List from the shortcut menu.

Entourage, Office 2000, and OWA users will need to turn on this filter via OWA by following the steps outlined on this Web page.

ITS continually evaluates how we can improve our anti-spam efforts. Be sure to read the Security Suggestions for more information.

File sharing seems to be a great way to get any music or video you want without paying for it. But whether you know it or not you already are paying for it. File sharing across the Internet takes up bandwidth on our connection to the Internet, so we have to pay for a connection that is about twice the size that we would need without file sharing. That eats up a little tuition.

When a file sharing application gets out of control and requires that we find out what went wrong on the network, that takes away time that we could otherwise use to improve network services. When we get a notification from a media company that someone on campus is sharing a file out to the Internet, we spend time finding whose computer the file was shared from. When we find out, we temporarily suspend the network connection for that computer to make sure that the sharing stops. We do this to protect campus network participants from being sued by media companies. The Dean of Students, VP of Academic Affairs, or the staff member’s supervisor talks with the person involved to make sure he or she knows the college's policy on file sharing. And finally we require a form to be filled out to make sure that file sharing has stopped. All this causes us to lose otherwise productive time and subtracts from the quality of services provided by the staff involved.

Occasionally when some new twist on file sharing occurs, we meet with Deans and Vice Presidents and sometimes lawyers to ensure that we are following both the law of the land and the spirit of life on campus. Again this subtracts from their time in trying to make the college function as smoothly as it can. Although you might not notice it now or even while you are at Davidson, it is the fine grit that slowly wears away the gears that run the college. When your parents see another bump in tuition or when you graduate and are asked to give to the college, remember that you are paying a little bit of that for something that you thought was free.

Because we respond quickly to requests by media companies to stop sharing their content, we believe that the likelihood that any individual on campus will be sued is very low. If it ever happens though, that individual will, in effect, foot the entire bill for everyone’s dine and dash habits.

It’s probably a sign of the times that security updates for computers are now national news. Read any of the Internet news outlets—The New York Times, CNN, or MSNBC—and you’ll see stories about security vulnerabilities in our software and what the vendors are doing about it. During April both Apple and Microsoft released sets of patches deemed “critical.”

Automatic Updating

Whether you use a Mac or a PC for your personal use, patch distribution can be handled either automatically or manually. For Davidson-owned Windows systems, patches are pushed out by a system called “Windows Server Update Services” or WSUS. The WSUS server synchronizes its patch inventory with Microsoft. After a period of testing and evaluation, most patches are approved for distribution. If your system ever asks you if it’s ok to apply patches, you should save your work first, and answer "yes." Automatic updates may also be configured on non-Davidson Windows machines. It’s one of the property settings of “My Computer.” On April 11 Microsoft released several critical patches, one in particular that addresses vulnerabilities in Internet Explorer. Whether your system is Davidson-owned or not, you don’t need to visit the Microsoft Update site yourself; your system can handle updates automatically for you.

On the Macintosh side, the security patches were bundled into a “point upgrade” of OS 10.4—specifically 10.4.6. These point upgrades are more like the service packs periodically released by Microsoft for its Windows operating system. Various Macintosh support programs also received minor upgrades making the complete suite of updates over 100 MB. Like a Windows machine, there are various ways of handling updates, the most common is by configuring the “Software Update” application under “System Preferences.” The Apple updates were released on April 5.

Exploits Typically Addressed

Often the types of updates released by Apple and Microsoft are very similar in the types of exploits that they address. The two main categories that they address the most often are buffer overruns and privilege elevation. The buffer overrun vulnerability can allow savvy attackers to execute their own programs that might attack your computer or take control of it. The privilege elevation vulnerability can allow an attacker to gain administrative control of your computer and cause further damage. At Davidson we make every effort to stay ahead of the curve when it comes to patching. The modern operating systems we use the most, such as Windows, OS X, and Linux, are extremely complex so vulnerabilities are bound to crop up. Staying up to date on security patches, like staying up to date on virus scanning software, is an important way to ensure the integrity of your system.

Many of us have access to sensitive information that needs to remain private. We must protect this information from unauthorized access. The following are examples of things you should consider personal information: social security number, financial information, any other personal information you would prefer to remain secret. There are also state and federal regulations that classify certain information as private and protected.

There are many steps that can easily be taken to protect the privacy of information under your control:

Protect your password so that only you know it.
Consider who can easily see the information displayed on your computer monitor. Consider which direction your monitor faces and who can see it. Privacy screens are available if you regularly view sensitive information in fairly public settings. These privacy screens limit visibility to directly in front of the monitor.
Lock your workstation when unattended.
Secure your workspace and control access when you are away.
Consider where information is stored: shared file space, written to media that can easily be transported, printed to paper, sent in email, stored on mobile devices such as notebooks and handhelds. Secure and control access to each of these media. Many methods are available including door locks, safes, or keeping the media or device with you and in your control.
Protecting the privacy of information takes constant vigilance.

ITS has put processes into place to protect your data including passwords, permissions, anti-virus software, and firewalls. Much of the protection is configured into the computer setup, but by far the most important area to focus on in securing computer data is the people that touch the computers.

Being careful with passwords is extremely important but password security cannot be configured into the computer setup. Because of this, all users need to be aware and watchful. One security vulnerability occurs when someone appears to need legitimate information, but in fact, uses the information for malicious purposes. This is called the "social engineering scenario."

In this scenario, someone trying to gain unauthorized access to our systems or network will contact one or more people and ply them for information. In the beginning the questions may be for names and phone numbers and enough information to sound knowledgeable and legitimate. Then they may use information gained to pose as an insider and ask more pointed questions. So, when you are confronted with someone who appears legitimate and gives a very convincing story and asks for your password, consider that you might be facing a trap to compromise security. Many people fall prey and never even realize it. Know who you are dealing with and verify they are legitimate before revealing confidential and protected information.

Recently, a major security flaw was discovered in Firefox 1.5. This flaw allows malicious persons to gain control of Mac OS X or Linux computers running Firefox 1.5 and run code at their discretion. This flaw is fixed in version 1.5.0.1.

If you are using Firefox, please verify that you are running version 1.5.0.1. You can download the latest version from www.mozilla.com, or by opening Firefox and selection Help | Check for Upgrades. Mozilla rates this flaw as critical. If you have not already upgraded your copy of Firefox, please do so ASAP. While ITS does not support this application, the threat is serious enough that we wanted anyone who uses this software to be aware of the problem.

If I told you that I could surgically enhance you so that you could breathe with 10% less effort and the procedure was mostly safe and very inexpensive, would you have it done? If I told you that it involved drilling a hole directly in your chest and putting a tube directly from your lungs to the outside of your body, would you have it done? If I threw in a bit of window screening on the outside of the tube to keep big bugs from flying into your lung, would that ease your mind a little?

An extra hole might sound good if you have a stuffy nose. Nonetheless, I think I would decline. Although it would keep out the houseflies, the screen would let in a few gnats and millions of microorganisms every minute. I would have a perpetual case of pneumonia. I’d even have to clean lint out of my lungs. Does this sound disgusting enough already?

This scenario is similar to how we have run our Internet connection in the past. We have a firewall to keep unwanted intrusions out. We have Intrusion Prevention Systems and we have various methods of securely coming in to campus. But until recently we have gotten people access from off-campus by putting a hole in the firewall defenses (drilling a hole in the lung).

Now, however, we have ways of getting you onto campus that hit the target and only the target. Secure Remote Access (VPN; secure Outlook client, also called RPC over HTTP; and WebDAV) is now in place. People can connect into the network while keeping their transactions safe and private and protecting the college’s data and yours from prying eyes and intruders. People are signing up to use them in droves. Almost everyone who has a hole in the firewall for their individual use is switching to one of our Secure Remote Access methods. All the defenses that we have in place for the Internet can now do their jobs—keeping out the bad stuff and letting you in. Breathe.

To combat the pervasive problem of spam, ITS implemented PureMessage in May of last year. PureMessage scans email coming in from the Internet and assigns a spam score to each message. Messages that receive a spam score that falls within the spam threshold as defined on the server are quarantined, and messages that receive a spam score below that level are delivered to your inbox.

Fortunately, PureMessage has helped tremendously with the spam problem. Server statistics indicate that, on average, PureMessage has determined that approximately 60% of all email from off campus is spam. However, spam continues to be a problem. Even with the Outlook junk email filter enabled, spam still sometimes makes it to your inbox.

As another layer of protection from spam, ITS will be implementing the Exchange Intelligent Message filter on Monday, January 23. This filter will scan messages that either did not get scanned by PureMessage because they were sent to a distribution list, or messages that received a spam score lower than the PureMessage threshold defined on the server. Messages passing through the Intelligent Message Filter are assigned a “Spam Confidence Level" (SCL) which ranges from 0 (unlikely to be spam) to 9 (very likely to be spam). Initially, the SCL on the server will be set to 9. This should ensure that only the messages that are most likely to be spam will get sent to your junk email folder. This is how the Intelligent Message Filter will work:

If a message receives an SCL of 9, the Intelligent Message Filter checks the recipient’s safe senders list as defined in Outlook 2003 or OWA and then one of two things happen:

If the sender is on the recipient’s safe senders list, the message is delivered to the recipient’s inbox.
If the sender is not on the safe senders list or if no safe senders list is defined, the message is delivered to the recipients junk email folder.
If a message receives an SCL below 9, the Intelligent Message Filter checks the recipient’s blocked senders list as defined in Outlook 2003 or OWA and then one of two things happen:

If the sender is on the recipient’s blocked senders list, the message is delivered to the recipient’s junk email folder
If the sender is not on the blocked senders list or if no blocked senders list is defined, the message is delivered to the recipient’s inbox.
ITS will be monitoring and fine-tuning both PureMessage and the Intelligent Message Filter in an attempt to further reduce spam. Stay tuned for more information and details as they becomes available.

For this process to work correctly each user must have junk mail filtering turned on. Office 2003 users have this option turned on by default. Entourage, Office 2000, and OWA users will need to turn on this filter via OWA by following the steps outlined in the online kb article.