Frequently Asked Security Questions

Topics

Antivirus Software Confidential Data Storage Data Backups DNS Security Enhancement Email Attachment Restrictions Email Virus Filtering Encryption Firewalls Identity Theft IRC Bots

Passwords Phishing Software Patch Updates Spam Filtering Basics Spam: Allow/Deny List Basics Spam: Sample Filter Settings Spyware Viruses Vulnerability Scanning and Remediation Wireless

Anti-virus Software

What is it?
Anti-virus software protects email, instant messages, and other files by removing viruses and worms. It may also quarantine infected files to keep a virus from spreading on your computer and can repair infected files so you can use them without fear of damaging your computer or spreading a virus to others.

What risks are involved?
If your computer isn't fortified against the most recent viruses, you leave your system wide open for every bug, worm, and virus floating around the Internet. These debilitating bugs and viruses can cause your computer to malfunction. They may also make your computer vulnerable to identity thieves and hackers.

What can I do to protect myself?
Install anti-virus software on your computer and run daily updates. Sophos anti-virus is free to all UC Davis students, faculty and staff, and can be used on home and work computers. See the Software License Coordination web site to download Sophos.

How do I know if I have anti-virus software on my computer?
A computer with a properly installed anti-virus software will generally prompt you to update the program every once and a while. If your computer doesn't ask you to update virus definitions, you may not have virus software properly installed. Some of the most common antivirus packages include: Sophos, McAfee, and TrendMicro.

Back to top

---

Confidential Data Storage

What is it?
Confidential data is any information you don't want others to obtain without your permission, including (but not limited to) your social security number, home address, phone numbers of friends/family/colleagues/students, your drivers license or bank account numbers, a list of all your passwords, your home address or phone numbers, your employee ID number, digital images, word documents containing personal text, etc. Most people store confidential data of some kind on their computers within Word files, address books, or application settings.

What risks are involved?
If unauthorized persons gain access to the confidential information you are storing, they could alter the information or use it to commit identity theft.

What can I do to protect myself?

• Only store confidential information on your computer if it is absolutely necessary.
• Store confidential information on portable media, such as a CD, flashdrive, ZIP disk or floppy disk. Secure the portable media in a locked cabinet when it is not being used.
• Encrypt files containing confidential data. Encryption is available on some operating systems. Refer to your operating system help center for instructions.
• Physically secure your computer (laptop or desktop) to the desk where it sits. You can purchase a simple cable lock (similar to a bike lock) at any tech-supply store for around $30 that will deter and usually prevent theft.
• Set your computer to ask you for an account password at login. If someone else is sneaking onto your computer, this will prevent them from gaining access to your files. For instructions on setting passwords, refer to your operating system help center.
• Be sure to disable the "Guest" account, as use of this account is likely to be untraceable.

Back to top

---

Data Backups

What is it?
To back up your files, simply create a second copy of your important documents somewhere other than your computer's hard drive.

What risks are involved?
If you don't back up your data, you run the risk of losing it. Your files could disappear due to a virus, computer crash, accidental keystroke, theft, or external disaster.

What can I do to protect myself?

• Back up critical and essential files on a daily basis and non-critical files on a weekly or monthly basis. You can back up your data to a CD, to an online back up service (for a small monthly fee), flash drive, USB key, or to a server, if you can get access to one from your Internet Service Provider or commercial vendor. Some companies offer automatic backups when you purchase their programs.
• Keep all your critical files in one place so you can easily create a duplicate copy.
• Store your backup media (CDs, disks, backup server, etc.) in a safe and secure place away from your computer, in case of fire or theft.
• Periodically test the capability to restore from the backup media. It's of little value to have a backup that is unreadable. To ensure that your backup files are reliable, simply upload the files to your computer.
• Faculty/Staff: Check with your department's Technical Support Coordinator (TSC) to find out if he or she runs regular backups of departmental computers.

Back to top

---

DNS Security Enhancement

What is DNS?
DNS stands for Domain Name System. DNS servers are a critical part of the campus network infrastructure and the Internet because they allow information on the Internet to be available when you enter a URL in your Web browser. UC Davis disabled one capability of the DNS servers --recursive DNS - to help improve security.

What is recursive DNS?
One example of recursive DNS is when someone who subscribes to an ISP (e.g. Comcast) configures their computer to use the UC Davis DNS servers rather than their ISP DNS servers to access the Internet.

How do I know if I'm using the UC Davis DNS servers?
If your DNS configuration uses 169.237.250.250 or 169.237.1.250, you are using the UC Davis DNS servers.

Why are my DNS server settings blank?
Most ISPs provide DNS server information automatically, so you won't see anything in the DNS server settings even though your computer is properly configured. Check with your ISP to be sure.

What security risks are involved in recursive DNS?

1. Cache poisoning: An attacker could redirect users attempting to reach one site, say a bank site, to a malicious site without their knowledge. For more information about this type of attack, see http://www.lurhq.com/dnscache.pdf.
2. Recursive DDoS attacks: An attacker can send streams of DNS queries to caching servers. As all of these servers answer the queries, the victim host is targeted with a massive distributed denial-of-service attack (DDoS). For more information, see http://www.us-cert.gov/reading_room/DNS-recursion033006.pdf.
   

Back to top

---

Email Attachment Restrictions

What are email attachment restrictions?
To help prevent the spread of viruses, the campus prevents certain attachment types from entering the campus email system. If someone sends you an email message with a file attached and that file is one of the restricted file types, you will not receive the attachment, but you will still receive the email message.

How will I know if attachments are removed from email messages I send/receive?
Recipients will receive a message clearly stating that an attachment was removed, the name of the attachment, why the attachment was removed, and options for resending the attachment as an unrestricted file type. However, senders of restricted file types will not receive notification that the attachment was removed.

Is there a list of file types that are being restricted?
Yes. See Attachment Restrictions page.

What can I do if a file type I want to send is on the restricted file type list?
If you need to share a file type that is on the restricted list, consider renaming the file to an unrestricted file type or using Web-based file sharing (such as MySpace, the file sharing section of MyUCDavis) or removable media (e.g. CD, Zip).

Does this mean that all attachments I receive will be safe?
No. You should continue to use caution when opening email attachments. Do not open attachments you were not expecting or from senders you don't know. Attachment restrictions reduce but may not eliminate the number of virus-infected attachments that reach the campus.

Back to top

Email Virus Filtering

What kind of email virus protection does UC Davis offer email users?
The virus filtering software detects and deletes known viruses attached to all the incoming and outgoing email messages that are processed through the central campus email servers.

Who benefits from this email filtering service?
All those who send or receive email through the central campus email servers will benefit from this service.

Why is email virus filtering necessary?
Not only are viruses annoying, but they can corrupt essential data stored on your computer, thereby compromising the integrity of your computing system. Since 87% of viruses originate or transmit themselves via email, the campus considers email filtering an important part of computer security.

How does the virus filtering system work? What do I have to do?
As an email user, you don't have to do anything to benefit from this service. Here's how it works: When you send an email, it always travels through an email server where it is routed to the recipient (the person to whom you're sending it). The servers with this new filtering software will act as "checkpoints," searching all incoming and outgoing email messages for known viruses.

What happens if I send a virus-infected email message?
If a known virus is attached to your message, the software on the server will detect it and delete it, protecting the recipient of your message from receiving the virus. As the sender of the infected message, you will receive a short message notifying you of the virus attached to your outgoing message.

What should I do if I get a notification message that I sent a virus-infected email?

• Be aware that the message and any attachment in question will not have been sent to the intended recipient.
• While the virus infection will be removed from the email, the infected computer from which the email originated will continue to be infected until virus removal efforts are complete. Check for virus conditions on your computer by running anti-virus software.
• Since certain viruses are clever enough to forge sender names, you might not actually have a virus on your computer. Contact IT Express (754-HELP) or your department's TSC for advice.

How do I know if my email goes through the central campus servers where this virus-scanning occurs?
If you have been receiving email at an "@ucdavis.edu" address, you will automatically benefit from this filtering service. If you receive email at an address that contains the name of a department (such as "@dept.ucdavis.edu"), your email processes through a separate department server.

My email doesn't go through the central campus servers. How do I find out what kind of protection my department email server provides me?
Contact your department's Technology Support Coordinator. If you don't know who your TSC is, visit the TSC directory to find out.

What else can I do to keep my personal computer virus-free?
The email filtering system will catch viruses in your email, but it is up to you to make sure your computer is protected. The best way to do this is to:

• Configure your computer to seek virus definition updates from your anti-virus software vendor on a daily basis. For more advice, contact IT Express at (530)754-HELP.
• Not open any attachment to an email that has a suspicious subject line, file name, or message. Remember: some viruses can forge themselves to appear as if they are from someone you know; therefore, the "from" line alone cannot be trusted.

Back to top

---

Encryption Basics

What kinds of information should be encrypted?
Restricted information such as:

1. Identity information (Social Security numbers, California driver’s license or identification card numbers)
2. Financial account information (checking, savings and credit card account numbers)
3. Student record information (grades, financial aid information)
4. Medical record information (diagnoses, treatment information, identity information included in medical records)

Why should I protect restricted information?
Several federal and state laws say that you must.  Several UC and UC Davis policies say that you must.  Failing to protect restricted information can have serious consequences, including financial penalties for you, the campus and the University. 

What is encryption software and what does it do?
Whole disk encryption software – like Pointsec for PC – garbles information stored on computers so that it cannot be understood if accessed without using the password (or key) that you use to un-garble (or decrypt) the information.  If your computer is lost or stolen and you have encryption activated, information on the computer will not be readable by individuals who try to access it.

Will Pointsec for PC work on my computer?
At this time, Pointsec only works on computers running Windows XP, Windows 2000 and Windows Vista operating systems. 

What will I see after Pointsec for PC is installed on my computer?
Once installed, Pointsec for PC encryption software is virtually invisible except when you boot or power on your computer.  Whenever you boot your computer, you will need to enter your password. 

If I have Pointsec for PC installed, is my computer encrypted whenever I’m not using it?
No. Your information is encrypted only when your computer is off or hibernating, or when you have turned on your computer but not yet entered your Pointsec password.  To ensure your data is protected by encryption without shutting down completely, select Hibernate.

How do I know if Pointsec encryption is right for me?
If you must store restricted information on your computer for business purposes, you may need to use encryption.  To help you determine if encryption is the right solution for you, please contact your technical support staff for assistance.  If local technical support is not available, Desktop Enterprise Solutions (DES) is available on a re-charge basis.  Contact desktop@ucdavis.edu or (530) 757-8907.

If I have my technical support person install Pointsec on my computer, will they have access to data on my computer?
Your technical support person will have access to data on your computer only if they also have a valid Windows account on your system.

Will my technical support person know my password? 
No.  Normally, the user account name and password are both reset during the first login.

What should I do if I forget my Pointsec password?
Contact your technical support person or cybersecurity@ucdavis.edu (UC Davis faculty and staff only) to help you reset your password.

Can I get help on campus with Pointsec ME and/or Pointsec for Linux?
These items are available but not supported at this time.

What types of files can Pointsec ME encrypt?
Pointsec ME will encrypt almost any file type. If you have difficulty encrypting a file using Pointsec for ME, please contact cybersecurity@ucdavis.edu.

Do I have to purchase Pointsec through campus Software Licensing Coordination?
The UCOP agreement requires a minimum order of 25 licenses.  If you are ordering 25 licenses or more, you may purchase directly or via Software Licensing.  If you are ordering fewer than 25 licenses, you should purchase through campus Software Licensing Coordination (https://my.ucdavis.edu/software).   

Back to top

---

Firewalls

What is a firewall?
A firewall acts as a protective barrier between your computer and the internet, monitoring all incoming and/or outgoing traffic and allowing only the network traffic you permit. Firewalls come in the form of software, which nestles itself between your operating system and your network card. They also come in the form of hardware; for many home and small office users, it is a simple router device that sits between your computer's network jack and the wall connection. You can customize the level of protection the firewall gives you, setting it to filter information flow from specific domain names, addresses or types of network traffic.

How does a firewall work?
Hackers search the Internet in a way akin to dialing random phone numbers. They send out pings (calls) to random computers and wait for responses. Firewalls prevent your computer from responding to these random calls. If your computer doesn't respond, hackers won't know it's there.

What are the risks of not having a firewall?
If your computer, like most, is automatically set to enable file sharing or to keep network ports open while you are online, you could be susceptible to a variety of attacks. If you don't have a firewall, which will monitor ports to stop unwanted traffic from slipping through, you have to know how to manually close ports and disable file sharing in order to control risky traffic from coming in to your computer.

What do I need to know before installing a firewall?

• A firewall is not the single solution to computer problems. As with other computer security measures, malicious programs disguised as friendly ones can circumvent a firewall.
• Like any add-on to your computer, a firewall can interfere with other applications on your system.
• Firewalls may prevent campus vulnerability scanners from alerting you of a problem on your computer.
• Depending upon which department and network you belong to, there may be restrictions on the use of personal hardware firewalls/routers.
• If your computer comes with basic firewall capability or if you are thinking of installing a firewall, you should contact your tech-support person first.
• Faculty and staff should consult with their department's Technical Support Coordinator (TSC) before installing a firewall. Students can contact IT Express (754-HELP).

Does UC Davis use a firewall?
Campus departments may now purchase Netscreen firewall products through Corsa at a 35% discount. To receive this discount, purchases must reference the UC Davis blanket purchase order number. For additional information, visit the firewalls page.

Back to top

---

Identity Theft

What is identity theft?
Identity theft occurs when personal information is obtained by unauthorized individuals who then use that information to commit a crime such as fraud or theft.

Who is at risk for identity theft?
Everyone. Careful management of personal information, identification, and passwords can help minimize your risk.

What are the risks?
Victims of identity theft often have to spend time and money cleaning up their personal and financial records. In the meantime, they may be refused loans, housing or cars, or even get arrested for crimes they didn't commit.

What is the campus doing to protect my personal information?
No matter what your affiliation with the campus, your personal information resides on at least one campus computer system. The campus minimizes the number of systems on which personal information resides and mandates a high level of security on these systems. Individuals will be notified in the event that their information is obtained via a security breach.

How can I protect my personal information?

• Order a copy of your credit report from each of the three major credit bureaus - Equifax, Experian, and TransUnion. Make sure it's accurate and includes only those activities you've authorized. California residents can order one free copy of their credit report from each bureau annually. For more information on how to obtain your free credit report, visit the California Office of Privacy Protection.
• Place hard-to-guess passwords on your credit card, bank, and phone accounts. Keep your passwords and PIN numbers secret. Don't share your Kerberos password!
• Use a shredder when discarding documents containing personal identification.
• Don't send personal information via email.
• When shopping online, make sure the site is secure by looking for the padlock icon in the corner of the page that asks you to input your personal information.
• Don't keep personal information stored on computers unless necessary and encrypted.
• Ask about information security procedures in your workplace.

Back to top

---

IRC Bots

What are they?
IRC is short for Internet Relay Chat. IRC appears in software such as AOL Instant Messenger, Yahoo! Messenger, and ICQ.
A bot, or robot, is automated software set to perform certain functions. Many programs feature bots, which are not always malicious programs. An example of a peaceful IRC bot is a digital chat room moderator that boots and bans users who flood the channel with spam. Over the years, however, many malicious IRC bots have integrated themselves into popular programs and are proving to be a growing security risk.

What risks are involved?
A malicious bot could record everything you type in your IM program. Should you mention sensitive information such as credit card or bank account numbers, you are at risk for identity theft.  Bots can also create backdoors on your computer, giving hackers quick access to your system.

What can I do to protect myself?
Malicious bots tend to be both partnered with unofficial modifications to the IRC and integrated into spyware applications. To avoid these bots, never download an unofficial addition to a legitimate program and be sure to:

• Run an anti-spyware program on a weekly basis
• Virus scan all files on a weekly basis
• Download and install the latest operating system patches
• Enable Windows Firewall and/or purchase a third party firewall program

How do I know if I have an IRC bot on my computer?
You may not notice the presence of some bots. Others may slow your computer or show symptoms similar to those of spyware and viruses.
The CERT-In: Indian Computer Emergency Response Team site explains the functions of an IRC bot in detail and lists a technique to help Windows users locate IRC bots that may be running on their systems.
Securityspace.com offers a free malicious IRC bot vulnerability test for registered users (registration is free) at http://www.securityspace.com/smysecure/catid.html?id=14841.

Back to top

---

Passwords

Are passwords really an important part of security?
Yes, strong passwords can prevent unauthorized people from accessing the information you store on your computer, the applications you use that allow you access to others’ information and to services you use online (e.g. banking and shopping).

What is a strong password?
Strong passwords are those that would be difficult for others to guess – even those who know you well. Let’s face it, most of us choose passwords that we can easily remember, which usually means that we use a word, phrase or name we use in our daily lives. These are weak passwords because anyone who knows you could probably guess them.

How do I create a strong password?
To create a strong password, use a combination of uppercase and lowercase letters, numbers and symbols. The strongest passwords are 14 characters or longer. Avoid repeating characters or using sequences.

How do I know if a password is strong?
There are a number of password checkers available on the web, including Microsoft’s Password Checker: http://www.microsoft.com/protect/yourself/password/checker.mspx.

---

Phishing

What is it?
The term "phishing" (pronounced "fishing") refers to a form of fraud that uses email messages that appear to be from a reputable business (often a financial institution) in an attempt to gain personal or account information. The email message typically includes a link to a fake Web site that appears identical to a legitimate page. The fake Web page is used to collect the requested information. This information is then used for fraudulent purposes.

What risks are involved?
Once personal or account information is obtained, "phishers" may access your bank or credit card accounts, open new accounts in your name, or cash counterfeit checks on your account.

What can I do to protect myself?

• Be suspicious of messages requesting personal or account information.
• Be suspicious of messages threatening to close or suspend your account on short notice.
• Do not click on links in email messages. The text you see as the link may not be where the link takes you. Instead, type the Web page address in your browser.
• Check the authenticity of email messages by calling a company phone number known to be genuine.
• Use caution when making donations online.
• File a complaint with the Internet Fraud Complaint Center.

Back to top

---

Software Patch Updates

What is it?
Patches are updates that "fix" flaws in your operating system, the basic program that runs your computer (e.g.Windows 2000, Windows XP, Windows Vista or Macintosh OS X). Patches are released on an as-needed basis from your operating system vendor (such as Microsoft or Apple) and should be installed as they become available.

What risks are involved?
If your operating system goes unpatched, it leaves your computer vulnerable to hackers as well as viruses.

What can I do to protect myself?

• Windows users: Set your computer to download operating system updates on a regular basis. Look in your Control Panel and find System or Automatic Updates. You can also find Windows updates in the Tools menu in Internet Explorer, or by visiting Microsoft's Web site at http://windowsupdate.microsoft.com/.
• Mac OS X users: Consult the "software update" pane in the System Preferences utility to manually or automatically schedule updates.

What is UC Davis doing to protect me?
UC Davis provides resources to assist you in protecting your computer.

• The IT Express Help Desk will help you configure settings for automatic updates or help you with manual updates.
• Announcements are posted on TechNews and the Computer and Network Security Web site when new patches are released.
• Technical Support Coordinators (TSC) are available for faculty and staff in departments across campus.

Back to top

Spam Filtering Basics

What is spam?
Spam is unsolicited commercial email, or that junk mail that you get in your email inbox.

What is spam filtering?
Spam filtering helps reduce the amount of spam you receive in your email inbox.  There are a number of ways this can be done.

Does UC Davis filter spam?
Yes, UC Davis uses a number of techniques to identify and filter spam, and enables you to customize spam filtering for your campus email account.

How does the campus spam filtering service work?
UC Davis employs several different methods for identifying spam.  These methods work together to assign scores to potential spam email messages.  The scores assigned are based on lists of characteristics of known spam messages. 

Does every email message receive a spam score?
Most email messages will receive a spam score, but not all. Messages receiving a score of 4 or lower are more likely to be legitimate email messages.

Can spam filtering accidentally delete legitimate messages?
Spam filtering is not 100% accurate, so you may want to check your UCD-spam folder for false-positives. Through Geckomail or MyUCDavis, click UCD-spam from the list of folders on the left. Your UCD-spam folder is not accessible from email client like Outlook or Eudora unless you use IMAP.

Can I change the way the campus filters spam to my email account?
Yes, you can customize the way the campus filters spam to your email account by visiting http://email.ucdavis.edu/secure/spamfilter.php.  You can change the point at which spam is filtered to your UCD-spam folder and when it is automatically rejected.  You can also create allow and deny lists.

I have my campus email redirected to a non-UC Davis email account. Will the campus filter my email before it is redirected?
No, email is redirected before it is filtered.

My email is redirected to a departmental account at UC Davis. Will the campus filter my email before it is redirected?
No. Not unless your department's system administrator or Technology Support Coordinator is using the campus scanning and tagging service. Nonetheless, consult your administrator, as they may have local filtering.

How will these measures affect class mailing lists or other address lists that go to UC recipients?
List owners who have configured their lists to filter spam should see less spam get through. People posting from off-campus may have difficulty if they're routing mail through blocked mail servers, but that would be just as true if they were trying to mail an individual on campus--the fact that the addressee is a mailing list rather than an individual is not a factor.

Does UC Davis provide specially tailored filtering rules that I can use with my email program, as an alternative to using the central campus spam filtering utility?
UC Davis not provide specific spam filtering rules, but does provide instructions for setting up spam filtering on campus-supported email programs. You may access these instructions and learn more about spam filtering options by visiting the Campus Spam Filtering page.

What can I do if spam filtering set-up instructions are not available for my email program?
Most email programs allow you to set up filters. You should consult help resources for your program to see what anti-spam measures they offer.

If all messages with a high score are sent to a spam folder that is only accessible through MyUCDavis and Geckomail, how can I make sure that the spam filter is not sending legitimate email to this folder if I never use MyUCDavis or Geckomail?
The folder will be visible to any IMAP client; Geckomail is merely one example of an IET-supported IMAP client. If a user has an email program configured to connect to their server via IMAP, then no change in behavior will be required. Those who have configured their email program to POP can change that configuration to IMAP. For more information about POP and IMAP configurations, see The IT Express Knowledge Base article on POP and IMAP.

Back to top

Spam: Allow/Deny Lists

What are allow and deny lists?
Allow and deny lists enable you to further customize the campus spam filtering service. All email originating from addresses on an individual’s deny list is prevented from reaching that individual’s inbox. All email originating from addresses on the individual’s allow list is permitted to reach that individual’s inbox, even if it would otherwise have been marked as spam and filtered away from the inbox.

Why implement Allow/Deny Lists?
No single spam filtering measure filters 100% of spam. Allow and deny lists add an extra layer of protection against spam. Legitimate email messages from news lists or subscriptions to professional online magazines or other publications may be filtered as spam (a “false positive”). By placing the sender’s email address on their allow lists, recipients of these types of messages ensure that they will not be filtered as spam.

How do I create allow and deny lists?
Go to http://email.ucdavis.edu/secure/spamfilter.php.

Can I change allow and deny lists at any time?
Yes, and changes to accept and deny lists are effective immediately.

Can I add @ucdavis.edu addresses to my allow and deny lists? 
Yes, campus email addresses can be added to allow and deny lists.

Can I add a domain to an allow list?
Yes.  If you receive email from a particular domain (@ucdavis.edu, for example) that you do not want the campus spam filters to scan (and possibly send to your UCD-spam folder or delete), you can add it to your allow list.  This will ensure that you get all email from that domain.

Can I add a domain to a deny list?
Yes.  If you receive email from a particular domain (@ucdavis.edu, for example) that you always want the campus to send to your UCD-spam folder, you can add it to your deny list.  This will ensure that no email from that domain will reach your inbox.

Back to top

---

Sample Spam Settings*

	Reject Spam**	Aggressive**	Cautious (Campus Defaults)	Deliver All Mail
Filter spam	Yes	Yes	Yes	No
To UCD-spam folder	None	5	5	None
Summary	No	Yes	Yes	No
Delete Spam	5	10	15	15
What you can expect if you choose these settings.	All spam scoring 5 or above will be rejected automatically. No email will be sent to your UCD-spam folder.	Most spam will be rejected automatically, but some will be stored in your UCD-spam folder.	Most spam will be either rejected or sent to your UCD-spam folder.	You will receive all spam scoring less than15 that is sent to your email account.
Who might want to choose these settings?	Individuals who have previously used the campus spam filtering service and found that moderate-scoring spam could be rejected rather than stored in their UCD-spam folder.	Individuals who have previously used the campus spam filtering service and found that moderate-scoring spam could be rejected rather than stored in their UCD-spam folder	Most of the campus community will find that these settings provide the greatest level of accuracy with the least amount of spam delivered.	Individuals who want to receive all email that is directed to their email account, regardless of whether it is spam.
Other considerations	Set up allow lists to exempt certain email addresses or domains. Set up deny lists if you repeatedly receive spam scoring less than 5 from a particular address or domain.	Set up allow/deny lists to further customize your email filter.	Set up allow/deny lists to further customize your email filter.	Set up spam filtering using your email program’s junk mail or spam control features.

*You may want to make incremental changes to these settings until you find your desired combination. Messages receiving a score of 4 or lower may be legitimate email messages, so please use caution when filtering or deleting messages with very low scores.
** Please be aware that the more aggressively you filter spam, the more likely you are to receive false positives.

---

Spyware

What is it?
Spyware is software that gathers information about your Web-surfing habits for marketing purposes. Spyware "piggybacks" on programs you choose to download. Tucked away in the fine print of user agreements for many "free" downloads and services is a stipulation that the company will use spyware to monitor your web habits for business research purposes.

What risks are involved?
Spyware takes up memory and space on your computer. It can slow down your machine, transmit information without your knowledge, and lead to general computer malfunction. You may choose to keep certain spyware programs on your computer in exchange for the free services that accompany them, but you should be aware of how that might affect your computer.

What can I do to protect myself?

• Closely read user agreements for free programs before clicking, "I accept." Watch for allusions to spyware and adware in user agreements.
• Regularly scan your computer with an anti-spyware program.

Back to top

---

Viruses

What are they?
Malicious small programs that easily replicate themselves, infect your computer, and often spread to others' computers via email attachments or network traffic.

What risks are involved?
Virus programs can delete files, format disks, attack other computers or slow your system. They can also create "back doors" that allow hackers to run programs on your computer or to gain access to your files.

How do I know if I have a computer virus?
A computer infected with a virus may suddenly act in unexpected ways. For example, it may take longer to access files or to start up programs, or it may lock up often. You may also notice uncommon sounds being played from your speakers, a variety of images popping up on the screen, or problems starting your computer. These are all signs that your computer could be infected with a virus.

What can I do to protect myself?

• Install anti-virus software on your computer and run daily updates. Sophos Anti-virus is available to all UC Davis students, faculty and staff for free on the Software Web site.
• Install "patches" at your operating system's Web site to keep your computer fortified against possible attack.
• Mac users: http://www.apple.com/support.
• Windows users: http://v4.windowsupdate.microsoft.com/en/default.asp.
• Visit the Vulnerability Self-Test page to scan your computer for the virus infections and other critical security risks for which the campus scans.
• Do not open email attachments with suspicious subject lines, file names, or messages. Some viruses can forge themselves to appear as if they are from someone you know, therefore, the "from" line alone cannot be trusted.
• Be aware that viruses may come to you in links sent via Instant Messaging, email attachments, infected disks, freeware, shareware, or file-sharing.

What is UC Davis doing to protect me?
Virus filtering software checks every incoming and outgoing @ucdavis.edu email message for viruses. Widely-recognized viruses will automatically be filtered out of your incoming email. New viruses may still sneak through until the filter is trained to recognize them, which usually takes no more than 24 hours.

Back to top

Vulnerability Scanning and Remediation

What is vulnerability scanning?
The campus scans computers that are attempting to connect to secure campus services, (i.e., those requiring Kerberos passwords for authentication) and then denies access to those determined to be vulnerable or infected. If no vulnerability or infection is found, the user will be logged into the network without interruption. Most people may not even realize that their computers have been scanned.

What will happen if my computer is vulnerable?
If an infection or high potential for infection is found on your computer, you will not be allowed to access the campus network. Instructions for solving the problem and regaining access will then be provided to you.

What happens if the campus encounters a problem on my computer that cannot be fixed?
The campus may occasionally scan for critical problems for which no fix is yet available. In this case, you may be warned of the problem; however, access to the campus network will not be denied until a fix is available.

Will the campus scan my computer if I am attempting to connect to the campus network from off-campus?
No, the campus only scans computers attempting to access the campus network from a campus location.

What is the Self-scan service?
It allows you to test your computer for major viruses and vulnerabilities. Information for repairing any vulnerabilities and/or infections found are provided as needed when the scan is complete. To scan your computer, visit selfscan.ucdavis.edu and click "Test My Computer."

Where can I get more detailed information about this service?
Additional information is available at http://security.ucdavis.edu/secure/sysadminresource/vulnscan_faq.cfm. Access to this page is restricted to campus system administrators. To request access, contact itsecurity@ucdavis.edu.

Back to top

---

Wireless

What is it?
The freedom to browse the Internet while sitting at your favorite cafe or relaxing on the UC Davis quad. Wireless networks are sprouting up everywhere, including UC Davis.

What risks are involved?
Because wireless access points don't require a user to plug into a port, the networks are often more difficult to monitor and secure. Many off-campus wireless areas won't require you to sign in with a username and password. If you're buying things online or logging on to Internet applications, it's a lot easier for someone to record your keystrokes and steal your identity.

What can I do to protect myself?

• When on campus, use MoobilnetX. See http://wireless.ucdavis.edu/ for more info.
• Restrict your online shopping to wired connections.
• Don't open programs that contain identifying information while you're on a wireless network. In fact, don't keep your social security number, driver's license number, or bank account numbers anywhere on your computer, period.
• Keep your computer secure by applying operating system corrective patches when they are released by the software manufacturer and keeping your anti-virus program up to date. Other computers participating in the wireless connection could be infected or compromised and may attempt to spread virus infections or attempt to hack into peer computers attached to the wireless network.
• Disable file sharing so that others can't help themselves to files on your computer. For instructions, refer to your operating system help center.

Back to top