Technology @ QMU

Essential IT for distance & part-time learners

Version 1.3, August 2009

 Contents

About this guide Page 2

1 Getting started – all about your QMU IT accounts 3

2 IT requirements for distance and part-time learning 5

3 Basic health & safety advice for computer users 6

4 QMU IT regulations & acceptable usage policy 7

5 Accessing and using Webmail 10

6 About WebCT – QMU’s virtual learning environment 24

7 Software for use at home 25

8 Remote access with the Citrix Remote Access gateway 26

9 Changing your QMU password remotely 31

10 Frequently asked questions about QMU IT and technology 35

11 Getting help with QMU IT and technology 36

12 APPENDIX - Computer security for ‘home’ users: 37

13 – Antivirus 38
14 – Disabling filesharing 42
15 – Firewall 49
16 – Spyware 53
17 – Windows updates 60

1
 About this guide

Welcome to QMU.

This guide has been created to help distance and part-time learners get
started with IT and technology @ QMU.

You will find information on how to access and use key QMU systems
remotely, as well as how to get support when you require it.

Avril A Brown
IS Systems & Training Manager
August 2009

2
 1 Getting started – all about your QMU IT accounts

Your QMU accounts –

QMU student username:

Password:

Email address:

Your student username and password (usually called your user account)
enables you to access essential QMU resources like your email inbox, your
home directory area, WebCT, ePortfolio and the student portal (called QM:u).

Your username and password are unique and should not be passed to anyone
else.

Your student username is the same as your student number.

NB: You are responsible for all the actions and activities carried out with your
username, even if they were done by someone else.

3
You must be a matriculated QMU student in order to get a student username
and password. You can matriculate online, and you should have received
information from the Registry department with details of how to do this. Once
you have matriculated, your user account will be activated and you will
receive a temporary password.

When you first login using the temporary password, you will be prompted to
change it.

You will be asked to change your password again every 60 days. To change
your password at this time, just follow the on-screen instructions.

If you need to change your password at any other time:

• Press the <CTRL>, <ALT> and <DELETE> keys together and choose
the Change Password option.

Some quick password facts:

• Your password must be at least 7 characters long.

• Your password must contain 3 of these types of characters:
o Uppercase letters (ie A, B, C etc)
o Lowercase letters (ie a, b, c etc)
o Numbers (ie 0, 1, 2 etc)
o Non-alphabetic characters (ie $, !, £, % etc)
• An example of a suitable password might be: Fr@nce98

Remember these important points:

• Your password cannot be the same as your username.

• Your password cannot contain your full name or part of your name.

4
 2 IT requirements for distance and part-time learning

If you are studying at home, you need to have the following:

• Suitable – preferably dedicated – IT equipment.

o This would normally be your own PC or laptop, or perhaps
equipment supplied by your employer.
o NB – QMU does not normally provide loan equipment for students
to study at home. Special circumstances may apply for students
affected by disabilities – if you think this might apply to you, you
can contact the Student Disabilities Advisor who is based in the
Student Services department.

• The IT equipment must be secured in such a way as to prevent

unauthorised access to your QMU data.

• High speed internet connection.

o Broadband is generally preferable.
o QMU does not provide or pay for internet connections – you will
need to organise your own internet service provider.

• The LRC Service Desk will provide telephone and email-based IT support
for distance learning working at home during LRC opening hours.
o LRC opening hours are:
• Monday – Friday 0900 – 2100
• Saturday & Sunday 0900 - 1700
o LRC staff cannot undertake repairs on your own IT equipment.

• If you are working at home, you need to be aware of the health and
safety considerations that might affect you. You can get more
information about this in the next section.

If you are based in a QMU partner institution, you should have access to
IT equipment suitable to support your studies. See the sections on QMU
webmail, WebCT and the QMU remote desktop for details on how to access
your QMU accounts.

5
 3 Basic health & safety advice for computer users

If you regularly use a computer for your studies, there are several things you
can do to avoid hurting your neck, back, hands, wrists and eyes:

• Put the equipment in a comfortable place for you to use it. Rearrange the
desk if necessary.

• Make sure you can see the screen clearly without having to squint or
strain your eyes. Wear your glasses if you have them and if you are
having problems, get your eyes tested.

• If you are based in the UK, your status as student means that you should
be able to get a free eye test.

• Sit up straight with your feet flat on the floor. Do not hunch up or cross
your legs.

• Do not use the computer for very long periods without taking a break.
Aim to do an hour at a time before you have up to a five-minute break.

• Avoid reflections or glare on the screen. Move it or pull the curtains or

blinds.

• For more information on how to set up and use a computer safely, contact
QMU’s Health & Safety Officer.

6
 4 QMU IT regulations & acceptable usage policy

As a distance or part time learner, you may never use QMU computers on
campus. However, any time you access QMU systems remotely, you are still
subject to QMU IT regulations and policies.

It is important that you read the following information carefully and make sure
that you understand the contents. If you are unsure about any part of the
Computing Regulations & Acceptable Usage Policy, then you should contact
the LRC Service Desk. Staff will be pleased to explain the policy to you.

QMU IT systems are provided for your benefit, and we want you to make use
of them to support your studies.

However, all IT systems and services belong to QMU, and there are rules and
regulations about how you can use them.

Your responsibilities

o You are required to treat all QMU IT systems and services with respect.

o You are responsible for everything that is done via your QMU IT user
accounts. As such you must bear the following in mind:

o Do not give out your user account details and password to anyone
else, nor allow anyone else to use your account.
o Do not use QMU computers or systems to offend, harass or
inconvenience others.
o Do not use QMU computers or systems to download or reproduce
materials that may offend or upset others.
o Do not use the facilities for recreational purposes such as games and
chat sites.
o Respect others’ privacy. Avoid sending unsolicited email (inc chain
letters, adverts etc).

7
QMU is flexible

o As an academic establishment, QMU has a flexible attitude towards

internet use and email.

o QMU does not block or filter the words or terms that you can search on,
nor does it prevent you from accessing any sites.

o That does not mean, however, that you can use QMU systems to access
or download pornographic or other offensive or objectionable material.

Unacceptable activities

o Unacceptable activities can take a variety of form, some of which are

listed below:

o Transmitting or downloading obscene or offensive materials.

o Transmitting or downloading threatening material, or material
intended to harass or frighten.
o Transmitting or downloading defamatory material.
o Infringing copyright.
o ‘Hacking’ or other deliberately disruptive activities such as introducing
viruses and other malware to QMU IT systems.
o Interfering with or damaging QMU IT systems.
o Using QMU IT systems to transmit unsolicited advertising, run a
business or other similar activities.

The law

o Your use of QMU IT systems is covered by current UK statutory laws.

These include:
o Computer Misuse Act
o Theft Act
o Defamation Act
o Copyright Designs and Patents Act
o Data Protection Act

o Your use of QMU’s IT systems is also governed by the JANET Acceptable

Use Policy. You can find details of this at:
http://www.ja.net/documents/use.html.
8
Consequences of misuse

o Anyone found to be misusing QMU IT systems will normally be cautioned

in the first instance. We accept that sometimes computer misuse is
accidental.

o Continued misuse will lead to your accounts being disabled. This means
that you will be unable to access any of QMU’s IT and communications
services.

o In cases of serious misuse, your account will be disabled and all access to
QMU systems denied immediately. This will impact on your studies.

o All instances of serious misuse will be reported to your Head of Subject. It

is likely that you will be asked to communicate directly with them to
explain what has happened.

o Your accounts will not be reinstated until appropriate authorisation has

been received from your Head of Subject.

Getting help and advice

o No matter how careful you are using computers, the unexpected does
sometimes happen.

o If the unexpected does happen to you, do not worry and do not panic.
Contact staff at the LRC Service Desk and they will advise you.

o If you are worried about any aspect of IT at QMU, again please contact
staff at the LRC Service Desk. They will be happy to guide and advise
you.

9
 5 Accessing and using Webmail

INTRODUCTION
Outlook Web Access allows you to send and receive emails via a web browser
such as Internet Explorer from any computer in the world with an internet
connection.

LOG IN
¾ You need to make sure that you have a working internet connection.

¾ Launch your web browser, eg Internet Explorer, Netscape, Firefox etc.

¾ Go to this web address: https://mail.qmu.ac.uk/exchange

It is really important that you type in: httpS. This ensures that your
connection to the web-mail pages is encrypted. This will protect the
information that your computer exchanges with the QMU email servers.

Once you have typed in the web address, you will get the following security
alert:

Click on Yes.

You do not have to view the certificate,

as it has already been confirmed by QMU
as being secure.

Your browser probably will not be able to

recognise the issuing company, but this
will not compromise your security or stop
you from logging on.

10
If you use a dial-up modem connection and you feel that it is slow, you may
wish to select Basic Client. You will have reduced functionality but the speed
will be faster.

Note: Do not change the Security section. Leave it as Public.

If your home computer runs the Microsoft Windows Vista operating

system, then you may encounter a problem replaying to emails via Webmail.
Emails can be read, but when you click on the Reply button, a red ‘X’ appears
on screen. If this happens, please contact the LRC Service Desk for
information on how to workaround this issue.

11
VIEW AN EMAIL

Do you like the

Reading pane? If not
switch it off or move it
to the bottom of the
screen by pressing
this button.

Once logged in the screen will show the email in a screen similar to that of
the desktop version of Outlook 2003.

You can choose to either view the email in the preview pane on the right hand
side. Alternatively you can double click the email, and it will open in a new
window. It will display as above.

12
CREATE A NEW EMAIL

Click on the New icon (you must have clicked on the inbox first).

The following screen will appear:

Want to use a
spellchecker?
Just click on
this icon

13
Type in the name of the recipient in the To box.

You can type in the first few characters of the persons name as below then
use the check name facility to verify the name:

If the name is correctly identified by the system it will be underlined as shown

here.

14
You can also click on the To button to add the addresses.

Click here to change

between the global
address list or your
own personal contacts
list

Type in part of the name then click Find.

15
Highlight the name you wish to add then click the To button, add any other
people then click Close.

Should you wish to change the priority or track the email click Options and
choose from the options shown.

Click Close to close the box and return to the new email screen.

16
Write the email then click Send.

17
REPLY TO OR FORWARD AN EMAIL
Just as there are 2 ways to view an email (in the preview pane or in its own
window). There are also 2 ways to respond to an email.

Preview Pane
To respond to an email whilst viewing in the preview pane
y Ensure the email you wish to respond to is highlighted
y Click the appropriate button as below
Reply – Reply to All – Forward

18
Email in its Own Window
To respond to an email whilst viewing in the preview pane
• Double click the email so it is opened in its own window.
• Click the appropriate button as below

19
CALENDAR FUNCTIONS
To access your calendar click on the Calendar icon in the Folder List

To create a Calendar item you can either double click on a blank space within
the middle window or click New.

A blank new calendar item window appears from where you can type in the
Subject and Location as well as adjust the start and end times.

If this is only a reminder for yourself click Save and Close:

20
You can also invite colleagues to attend a meeting and check their calendar to
determine if each person is busy.

To do this click Availability.

The Availability window opens where you can add a users name in and the
persons availability will be displayed.

21
 After a few seconds
the users name will
appear displaying the
person’s availability.

The availability is
displayed on this line.
Blue=busy.

When you have

finished click Send.

Back at the main

screen, you can see
your appointment.

PUBLIC FOLDERS
Outlook Web Access also gives you full access to your Public folders.

To access public folders

click Public Folders

in the left hand pane.

The window above appears from where you can access all the Public Folders
you have access to.

22
HOW TO CHANGE YOUR PASSWORD REMOTELY

You can also use the Outlook Web Access service to change your QMU
password remotely.

Section 9 Changing your QMU password remotely on page 31 has full

instructions.

LOG OFF
It is very important that you log off correctly, especially if you’re using a public
computer on holiday or in an internet café.

The reason we ask you to ensure that you log off correctly is that when you
open an attachment it is saved to a temporary folder on the local computer.
When you log off using the correct procedure the temporary folder is emptied.
If you don’t log off correctly there is the possibility that someone could find
this temporary folder and gain access to any attachments viewed.

When you
have finished
please
ensure you
click Log Off

23
 6 About WebCT – QMU’s virtual learning environment

Open your web browser and go to

the QMU home page at:
http://www.qmu.ac.uk
Go to the Quick links to …. menu
at the top right-hand section of
the screen.
Click on the arrow and scroll down
the menu.
Select WebCT.
Logon to WebCT using your QMU
student username and password.
Please note the following:
Browser Check:
We highly recommend that you
perform a browser check before
logging in to ensure your computer is
properly configured to use WebCT.
Pop-up Blockers:
WebCT makes use of pop-up windows.
If you have a pop-up blocker installed,
please disable it for this site.
Java Security Certificate:
After logging in to WebCT, you will be
prompted to accept a Java Security
Certificate. You must click Yes or
Always or Run to ensure that WebCT
will work properly in your browser.
functionality using Java will

Once logged into WebCT, select Your Learning Resource Centre from the list
of modules available to you.

Click on the Essential Directions link to access the LRC induction material.

24
 7 Software for use at home

QMU has negotiated agreements which allow students to obtain the

undernoted applications for use at home.

Currently the applications you can get to use:

¾ SPSS
¾ Reference Manager
¾ PinPoint

SPSS (currently v15)

Request an SPSS installation pack from the LRC Service Desk. You will be
asked to complete a license form and pay a fee of £10. A deposit of £20 is
required to secure the installation pack. This is refundable on return of the
pack. You may borrow the pack for 2 weeks (10 working days).

Reference Manager
Contact the LRC Service Desk to request the Reference Manager Personal
Purchase form. Follow the instructions on the form to obtain a copy of
Reference Manager directly from the supplier at a reduced price.

PinPoint
Rarely used now, however disk sets obtainable at a cost of £1 per set.
Contact the LRC Service Desk for more information.

Alternatively, you can access all QMU applications from home by using the
Citrix Access Gateway.

25
 8 Remote access with the Citrix Access Gateway

Citrix Remote Desktop is a method of connecting to the QMU network and

running a virtual desktop environment that will give you access to all your
files, the intranet, network applications and all electronic resources that are
available on campus.

The service replicates the thin-client desktop that is available on any campus
based terminal. It is aimed at users who have a broadband connection to the
internet and who need access to QMU applications and files.

Getting started
One of the benefits of this method of remote access is the very limited
configuration that is required to access the system. However, there are a few
steps that must be followed to initiate a stable connection.

• Open your web browser and browse to https://access.qmu.ac.uk/.

Please note the https rather than plain http denoting a secure,
encrypted connection.

• After a short pause where the system checks the configuration of the
computer on which you are working, the login screen will be
displayed. It is important that you read any messages displayed in the
Message Center area of the screen. Click on the link contained in this
area to download and install the client software for your operating
system.

When prompted, save the

executable file to a location that is
easy to remember, for example to
the Desktop.

26
 Once the file has
been downloaded,
click on Run to install
the software. Click
Run again when
prompted.

After a short pause

you will be prompted
to continue the setup
of the client software.
Click on Yes to
continue.

27
 Click Yes on the licence
agreement window.

When installation is
complete, you will be
presented by a confirmation
window. Click OK to
continue.

Close and reopen your browser. This completes the setup phase of the
process and will not need to be completed again on this computer.

28
Making a connection
Once the configuration stage is complete all future connections can be
initiated from this point in the documentation.

Go to:
https://access.qmu.ac.uk/.

Enter your usual QMU network

username, password and enter
QMU as the domain. Click on Log
In to continue.

Click on the QM Desktop icon in

the Applications area of the
screen.

29
 The QM Desktop application will
launch and the Citrix connection
splash screen will display the
connection progress. You will be
logged into the thin-client
environment automatically using
the username and password
entered earlier in the process.

Finishing up
When you have completed using the service, log out of the remote desktop by
clicking on Start, Log Off.

Click Log Off in the browser window. This stage is particularly important if you
share a computer as others who come along later may be able to run a
connection using your credentials.

Printing
Please note – if you use the Citrix Remote Access gateway, then it’s
unfortunately not possible to print documents to any ‘local’ printer you might
have. All printing is configured to be sent to the corporate MFDs on campus.

The only workaround for this is to email your files to yourself. Log out of the
Citrix Remote Access Gateway. Use Webmail to access your email. Save the
files to your local PC. Then print locally. This workaround assumes that you
have appropriate software loaded on your PC.

Sound
The Citrix Remote Access Gateway has been configured so that sound is not
broadcast over the connection. If you need to work from home with any kind
of audio files, then please contact the LRC Service Desk for more information.

30
 9 Changing your QMU password remotely

INTRODUCTION
Passwords for QMU staff and students expire every 60 days. You will be
notified up to 14 days in advance of your password expiring. If you fail to
change your password before the expiry date, your account will be locked and
you will be unable to login.

If this happens, you will need to contact QMU and request that your password
be reset.

For details of how to contact QMU for assistance please see section 10 Getting
Help with QMU IT and technology on page 36.

PASSWORD REQUIREMENTS
• Your password must be at least 7 characters long.
o This is to make it much more difficult for the password to be
‘cracked’ or guessed.

• Your password must contain 3 of these 4 types of character:

o Uppercase letters (ie A to Z)
o Lowercase letters (ie a to z)
o Numbers (ie 0 to 9)
o Non-alphabetic characters (ie $, !, £, % etc)
o An example of a suitable password would be: Fr@nce98

• Your password cannot be the same as your username.

o This would be a very insecure password, as it is very easy to
guess.

• Your password cannot contain your full name or part of your name.

• QMU systems will prompt you to change your password every 60 days.

31
CHANGING YOUR PASSWORD REMOTELY
There are 3 main ways to change your QMU password remotely.

Via the QMU Citrix Remote Desktop service

Using your internet browser, go

to: https://access.qmu.ac.uk

Enter your usual QMU network

username, password and enter
QMU as the domain. Click on Log
In to continue.

If you haven’t already configured

the Remote Desktop service on
your computer you will be
prompted to download and
install the Citrix client.

Instructions on how to do this are available here:

http://www.qmu.ac.uk/it/Remote_Access/default.htm

Once you have logged in to the Remote Desktop service, press the [CTRL]
[ALT] and [DELETE] keys together. This will bring up the Windows Security
dialog box.

Click on the Change Password box.

Input your old (ie current password) where prompted.

In the New password box enter a new password of your choosing.

Enter your new password again in the Confirm new password box.

Click Ok.

Your password has now been changed.

32
Alternative method via the Citrix Remote Desktop service

Depending on your computer setup the [CTRL] [ALT] and [DELETE] option
may not work correctly within the Citrix Remote Desktop environment, and
may fail to bring up the Windows Security dialog box.

Instead, you can launch this dialog box when you are logged into the Citrix
environment by following these steps:

Click on Start.

Choose Windows Security.

This will bring up the Windows Security box.

Proceed as outlined above.

Outlook Web Access

Outlook Web Access allows you to send and receive emails via a web browser
such as Internet Explorer from any computer in the world with an Internet
connection.

You can also use it to reset your QMU password remotely.

Section 5 Accessing and using Webmail on page 10 has full instructions on

how to access the QMU webmail service.

Once you have logged into the QMU Webmail service, you
will see the following on the left hand side of the screen:

Click on Options.

33
Scroll down until you reach the Password area.

Click on Change Password.

Type your username in the Username

box.

Type your current password in the Old

password box.

Then type a new password in the New

password box. Type your new password
again in the Confirm new password
box. Then click OK to change your
password.

34
10 Frequently asked questions about QMU IT and technology

Why do I need a QMU email account?

Academic staff and services like the LRC will communicate with you via your
QM email address throughout your studies. Even if you have your own email
account elsewhere you must maintain and use your QM email account for QM
business.

Help! I’ve forgotten my password.

Contact the LRC Service Desk. Once your identity has been verified, staff will
be able to reset your password for you.

How can I learn how to use Microsoft Excel?

You will find a range of learning materials on a number of IT skills and
applications – including Microsoft Excel – in WebCT. Login to WebCT and
access the module Your Learning Resource Centre. You will find all you need
in the LEARN area.

You may also be able to borrow relevant learning packs from the LRC.
Contact the LRC Service Desk to find out more.

35
11 Getting help with QMU IT and technology

IT support for students is provided by staff in the Learning Resource Centre

(LRC) Any student who has an IT issue or query can contact the LRC Service
Desk.

By telephone

Dial +44 (0)131 474 0000 and ask for LRC or Learning Resource Centre.
Phones are staffed during opening hours.

By email

Email – LRChelp@qmu.ac.uk. Staff will respond to your enquiry during

opening hours.

In person

Face to face services are provided by staff at the LRC Service desk.

LRC Service Desk opening hours are:

0900-2100 Monday – Friday; 0900-1700 weekends

If LRC staff are unable to resolve an issue, then it will be logged and
investigated further.

36
12 APPENDIX - Computer security for ‘home’ users

The tips contained in this section are intended to help students using their
own computers for QMU-related work protect themselves from viruses,
spyware and other threats.

There are 5 main areas covered:

• Anti-virus

• Disabling filesharing

• Firewall

• Spyware

• Windows updates

37
13 Computer security - Antivirus

Virus is a ‘catch-all’ term for any kind of software program, the sole intention
of which is to damage or disrupt computer systems. Virus infections can
affect computer systems in a number of ways, such as causing the computer
to reboot constantly, destroying or deleting data and removing access to key
applications.

Key indicators that a system may be infected with a virus:

1. Specific symptoms of infection

2. Computer system demonstrates slow performance.
(NB computer perfomance may be slow for reasons other than virus
infection).
3. Computer halts or ‘crashes’ on a regular basis.
4. Missing files and folders.
5. Appearance of unexpected files or folders.
6. Large numbers of error messages.
7. Internet browser set to a different ‘home’ page.
8. Appearance of pop-up windows.
9. Changes in the screen resolution.

Avoiding virus infection

The critical step is the installation of current up-to-date antivirus software. A
number of free antivirus applications are available, including AVG Free which
is available from: www.download.com. Other antivirus applications which are
available include Norton, McAfee and Symantec, however these are not free.

Avoid virus infection via emails

To avoid virus infected emails, it is recommended that you do not open any
emails from unknown sources. Additionally, you should not open any email
attachments before first running a virus scan on the file.

38
Avoid data loss from virus infections
Information Services recommends that you regularly backup all your
important documents and files. You can use any kind of removable storage
media, such as CDs, DVDs or USB ‘flash’ disks. Information Services do not
recommend the use of floppy disks, as these are prone to data loss and
corruption. It is also highly recommended that staff important University work
to their networked home directory, which is stored and backed up on the QMU
network.

Be aware of what you are accessing and downloading from the

internet:
Information Services recommends that you do not download from unknown
websites etc, or download material that could have embedded viruses, such as
*.exe files. FTP programs should also be used with care.

Regular house keeping procedures

Information Services recommends that as a minimum, you carry out a weekly
virus scan on your computer to ensure that there are no viruses present.

Update your protection

New viruses appear on a daily basis, and in order to maintain protection it is
vital that antivirus applications are kept current with regular manufacturer’s
updates applied. In addition, Microsoft release regular ‘patches’ and ‘fixes’ for
known issues via a system known as Windows Updates. These updates
should be downloaded and applied wherever applicable.

Who creates viruses?

The authors of viruses are generally people looking for some kind of social
recognition or notoriety within their peer group.

Why do people create and release viruses?

For most virus writers it is less about causing havoc, and more about showing
off and gaining bragging rights over their peer group. There are others who
create and release viruses simply to cause as much damage to infected
systems as possible, often for revenge. Some viruses may be aimed at
specific ‘targets’, such as government systems, particular corporations etc.

39
Different kinds of virus
There are a number of different kinds of virus found in the ‘wild’. Each
exhibits a number of different characteristics and infection vectors. Those
most commonly found are:

1. Trojan Horse
2. Worm
3. Bomb
4. Port Scanner

What is a Trojan Horse virus?

Trojan Horses are impostors – that is, files that claim to be something
desirable but are in fact malicious. The major difference between Trojan and
other viruses is that a Trojan does not replicate itself. A Trojan virus contains
malicious code that when executed can cause data loss or theft of data. A
Trojan is activated by the downloading of the program to a computer, or by
running a file from the internet.

What is a Worm virus?

A worm virus is an infection which will replicate itself from system to system
without the use of a host file on any of these systems. This is in contrast to
viruses that require a host file to spread the infected files. Worms normally
exist inside other files such as Word documents, and use that document to
travel from system to system.

What is a denial of service attack?

A denial of service attack (DoS) is not a virus as such, but is a method hackers
use to deny users access to a particular computer or a system. These types
of attack are typically executed using DoS tools that send huge amounts of
packets of information to a targeted system. This then floods the server’s
resources, thus making the system unusable. Any system that is connected to
the internet and uses the TCP/IP networking protocol is at risk of a denial of
service attack. The following link has some useful information regarding DoS
attacks:
http://securityresponse.symantec.com/avcenter/venc/data/dos.attack.html

If a computer is switched off, can it be infected by a virus?

No. However there could be a dormant virus on the system waiting for a
certain trigger to activate the virus and release its payload.

40
Which are the most dangerous viruses?
How dangerous a virus is depends on two main factors - the damage it causes
and its ability to spread. Therefore, a virus that deletes information and
spreads rapidly over the internet is more dangerous that a virus that can
delete information but does not have the ability to spread.

Further information
The following internet links will take you to various sites that have more
information on viruses and virus outbreaks:
1. http://uk.mcafee.com/virusInfo/default.asp?cid=10474
2. http://www.sophos.com/virusinfo/
3. http://www.sophos.com/support/
4. http://securityresponse.symantec.com/avcenter/vinfodb.html
5. http://www.f-secure.com/virus-info/
6. http://www.trendmicro.com/vinfo/
7. http://www3.ca.com/securityadvisor/virusinfo/default.aspx
8. http://secunia.com/virus_information/
9. http://www.stiller.com/

Online scanners that could be use if a virus is suspected

1. http://housecall.trendmicro.com/
2. http://www3.ca.com/securityadvisor/virusinfo/scan.aspx
3. http://security.symantec.com/sscv6/default.asp?productid=symhome&langid=ie&venid=sym
4. http://windowsxp.mvps.org/Scanners.htm
5. http://www.thefreecountry.com/security/antivirus.shtml
6. http://www.wilders.org/free_services.htm

41
14 Computer security – Disabling file sharing

The Microsoft Windows family of operating systems offers users the ability to
share files and folders over the network. Whilst this functionality has its uses,
users should consider it with caution, as unsecured file sharing may leave the
computer vulnerable to external threats via the internet.

There are a variety of ‘worms’ and hacker tools circulating, which are used to
scan the internet for computers running Windows operating systems. These
tools will then attempt to break into, or to infect these computers using the
Windows file sharing protocols.

If your computer runs a Windows operating system, and you don’t need to
share your files and folders, then Information Services recommends that you
completely disable file sharing on your computer.

If you must share files and folders, then you should increase your security.

42
How to disable file and print sharing – Windows Vista

Go to the Start menu and select Network.

Click Network and Sharing Center.

43
Expand the File Sharing option, select Turn off file sharing, and click
Apply.

44
How to disable file and print sharing – Windows XP

Go to the Start menu and select Control Panel.

Click on Network and choose Internet Connections.

Click on Network Connections.

45
Right-click on your Local Area Network connection and select Properties.

The Local Area Connection Properties window displays all of the protocols
and services currently installed for your network adapter.

• Uncheck File and Printer Sharing for Microsoft Networks if

present.
• Uncheck NetBEUI Protocol if present.
• Uncheck IPX/SPX Protocol if present.
• Click OK.

46
How to disable file and print sharing – Windows 95 / 98

Click on Start and select Control Panel.

Select Network.

47
Choose File and printer sharing for Microsoft Networks.

Click Remove.

Click OK. You will be prompted to restart your computer.

48
15 Computer security – Firewall

A firewall is a software application (or sometimes a hardware device) that

filters information coming from the internet. Without a firewall your computer
may be directly accessible via the internet, thus leaving you vulnerable to
hackers, viruses and other offensive material. You can think of a firewall as a
kind of barrier, which protects your computer from potential destructive
forces. Although a firewall can help protect your computer, it should only
form part of your computer security ‘package’.

What does a firewall protect you from?

A firewall can help protect against:

Remote logins / backdoors – an external attacker is able to log on and access

your computer remotely.
SMTP session hijacking – an external attacker gains access to users’ email
address books, and uses them to send junk email (known as SPAM) to the
contacts.
Email bombs – very large quantities of email is sent to your email system,
filling up mailboxes and preventing the delivery of genuine mail.
Macros and other scripts – a series of computer commands, used by attackers
to disrupt and damage computer systems, and to steal information.

A firewall will help protect your computer, but it is a limited resource. When a
firewall is properly configured, it will block illicit and unauthorised access to
your computer. However, your computer security package should include not
only a firewall, but also antivirus and anti-spyware software as well.

Failure to protect your computer properly means that your files and personal
and confidential information may be accessible via the internet. This may
make you vulnerable to identity theft.

49
How does a firewall work?

A firewall can be modified to offer user specific protection. The higher the
level of security the less will get through. When modifying a firewall its best to
initially block everything and then select what to accept and what block. (this
is often tedious but will offer a more personalised security blanket).

Packet filtering
Information transmitted by computers is split up into small chunks, called
packets. A firewall inspects all the information packets received from the
internet, and compares them to the configured filters before forwarding them
to the appropriate systems. Filters can be defined in many ways, including the
blocking of certain words, websites, types of file etc. Any information packs
which do not get through the firewall are discarded.

Stateful inspections
This is similar to packet filtering, but it is a more thorough process. This time
the firewall checks the contents of the packet, and additionally tries to identify
the source of the packet.

Outbound filtering
Many firewalls only operate in one direction. That is, they only filter
information which is received, and not that which is sent. Outbound filtering
is used to prevent malicious activity from within. For example, it is possible
for a computer to be ‘hijacked’ by an external source, and used to send junk
mail or to attack other systems.

Installing a firewall

Firewalls can either be software- or hardware-based.

Windows XP, for example, is supplied with built-in firewall software. However,
this is rather basic and cannot be modified by users. Service Pack 2, which is
the current update for Windows XP contains Microsoft’s new Security Centre,
which has a more fully featured firewall. The additional functionality includes
the ability to modify the firewall to tailor the protection levels.

Some antivirus software (eg Norton, Zone Alarm etc) also contain built-in
firewalls.

50
Hardware firewalls for home users are supplied as routers. Routers are
devices which connect your computer to the internet.

Firewall configuration

A firewall can be configured to protect your computer in a number of ways:

IP addresses - Every computer on the internet is assigned a unique ‘address’,

made up of four sets of numbers. A typical IP address might look like this:
216.27.61.137. You can block the IP address of any computer which you
don’t want to be able to connect to your computer.

Domain names - Because it is hard to remember the numbers that make up

an IP address, all servers on the Internet also have human-readable names,
called domain names, eg qmu.ac.uk. This means that you can choose to
either block access to specific domain names, or to only allow access to
certain domain names.

Protocols - Protocols are the method which computers use to communicate

with each other. The IP protocol, for example, is the main method used to
deliver information via the internet. HTTP is used for web pages. You can
choose which protocols your computer will accept.

Ports - Any server machine which makes its services available to the internet
uses numbered ports. There is one port for each service which is available
on the server. For example, if a server machine is running a web (or HTTP
server) and an FTP server, then the web server would be available on port 80
and the FTP server on port 21. You can choose to block any port number.

Word filters - Word filters can consist of single words or phrases. The firewall
will sniff, or search through each packet of information for an exact match of
the text listed in the filter. You can include as many words, phrases and
variations of them as you need.

Home uses are likely to be most concerned with domain name, port and word
filters.

51
Additional steps to protect your computer

• Do not set your internet security and privacy levels to low. Lowered
securitylevels may be convenient, but they can make your computer
vulnerable to attack.
• Maintain current up-to-date antivirus and anti-spyware software.
• Install pop-up blocker software.
• Keep your operating system up-to-date, and regularly check for ‘patches’,
fixes and updates.

Further information

www.firewallguide.com
www.howstuffworks.com/firewall.htm
www.microsoft.com/athome/security/protect/default.mspx

52
16 Computer security – Spyware

What is spyware?

Spyware is a type of program which insinuates itself into your computer’s

operating system. Most kinds of spyware target the Windows family of
operating systems, and it is estimated that anything up to 70% of all personal
computers may be infected with some kind of spyware.

Spyware is designed to do a number of things. It may track your internet

browsing, generate annoying pop-ups containing sales offers, or generate
traffic for a host website. What spyware is not, is a virus. A computer virus is
a piece of code which is designed to replicate itself as many times as possible,
and spread from one host computer to any other computers connected to it.
Viruses generally contain payloads which may damage your computer’s
operating system or personal files.

Spyware, however, is not normally intended to damage your computer.

Spyware essentially is any program that gets into your computer without
permission and hides in the background while it makes unwanted changes to
your user experience. Any damage it does in incidental – its primary function
is to serve you targeted advertisements, or make your browser display certain
sites or search results.

Some of the more notorious spyware distributors include: Gator, Bonzi

Buddy, 180 Solutions, Direct Revenue, Cydoor, CoolWebSearch, Xupitor,
XXXDial and Euniverse.

Pop-up banners such as the one illustrated above may conceal spyware.

53
There are other kinds of “Ware” software lurking on the internet:

Malware - a general term for any program which makes changes

(ie does malicious or unwanted things) without your
express permission.

Adware - programs designed specifically to deliver unrequested

advertising.

Stealware - specific spyware designed to capture mouse ‘clicks’ or

website referral credits.

Browser hijacker - a malicious program which becomes deeply embedded

into your internet browser’s code and core functionality.

How does spyware get on to computers?

Spyware usually gets onto computers through the actions of users. Clicking a
button on a pop-up window, installing a software package or agreeing to add
functionality to internet browser software, are known invitations to spyware.
These applications encourage users to install them by using simply trickery
including fake system alert messages to buttons labelled “Cancel”, which
actually do the opposite.

Some of the ways spyware gets onto a computer:

Piggybacked software installation

There are some applications, such as peer-to-peer file sharing clients, which
install spyware as part of the standard installation. To ensure that you are
not getting more than the application you actually want, then you have to
read the installation list very carefully. This is particularly true of any “free”
software versions which are advertised as alternatives to retail versions.

54
 Beware of Kazaa, as it
has been known to
include spyware in its
download package,
despite claims to the
contrary.

Drive-by download
This is when a website or pop-up window automatically tries to download and
install spyware on your computer. The only warning you might receive is a
standard browser message naming the software and asking if it is okay to
install.

This is a standard Internet

Explorer security warning.
If your security levels are
set too low, you won’t even
get this warning.

55
Browser add-ons
These are software which claim to add enhancements to your internet
browser. The most common kinds are toolbars, animated pals or additional
search boxes. Sometimes these do actually do what they claim, but most do
also include some element of spyware as part of the downloand. Other times,
the add-on is simply very thinly disguised spyware.

Bonzi Buddy is an add-

on application that
also includes spyware
in its download
package.

Browser hijackers
These are particularly nasty add-ons, which embed themselves deeply into
your computer’s operating system, and can be very difficult to get rid of.

Masquerading as anti-spyware
This is not uncommon. This cruel type of software attempts to convince you
that it is a tool to detect and remove spyware.

When you run this tool, it tells you

that your computer is clean, whilst in
the background it is installing its own
spyware.

Escape this kind of download by

clicking on the red ‘X’ in the top right
hand corner.

56
Snitches and sneaks
There are computer programs that really do spy on you. These applications
are designed to hide silently on your computer and intercept such personal
information as your usernames and passwords. These programs include
Bugdrop, Back Orifice and VX2. These applications are more like viruses or
hacker tools, than spyware.

What does spyware do?

Spyware can do any number of things once it is installed on your computer.

At the least, most spyware will run as a background application as soon as the
computer is started up. This means that it can hog memory and processor
power. It might also generate endless pop-up adverts, rendering your
internet browser so slow that it becomes unusable. It might also reset your
browser home page.

Other spyware might redirect your internet searches, and control any search
results. This renders your search engine practically useless. Spyware can
also modify the program files which your computer uses to connect the
internet, causing connectivity problems that can be hard to diagnose.

Some spyware types have the ability to modify your internet connection
settings, redirecting your modem dialup to expensive telephone numbers.
Other types modify your firewall settings to permit otherwise unauthorised
traffic through to your computer. Still more spyware has been written in such
a way that it ‘knows’ when you try to remove them from the Windows registry
and can intercept your attempts to do so.

The purpose of spyware is sometimes unclear. Mostly it is used by advertisers

to generate traffic to their sites. Sometimes it can be used to steal affiliate
credit. Some of the major online vendors (eg Amazon.com and Ebay.com)
offer credit to any website successfully directing traffic from their pages.
Some spyware is written to capture your requests to visit these sites and then
claim the credit for the referral.

57
Unfortunately, spyware is not actually illegal in many parts of the world.
Where there is existing legislation, it can be difficult to enforce, and it can also
be hard to find sufficient evidence to link the creators of spyware to their
products.

How can spyware be detected and removed?

If your computer is infected by spyware, then there are several applications

you can use for effective detection and removal. These include:

• Ad-aware http://www.lavasoftusa.com/software/adaware/

• Spybot http://www.safer-networking.org/en/spybotsd/index.html

• Microsoft http://www.microsoft.com/athome/security/spyware/software/default.mspx

All of these offer free personal editions for home users. They work quite
similarly to antivirus software, in that they provide on-going ‘active’ protection
as well as detection. In addition, they can detect internet ‘cookies’ and advise
you which sites these refer back to.

NB: You may require specific removal instructions for certain types of
spyware. Additional information is available from:

http://www.spywareguide.com or from http://www.spywareinfo.com.

There are a number of different ways to block spyware from your computer:

58
Use a pop-up blocker
Many of the current internet browsers, including Internet Explorer 6.0 and
Mozilla Firefox 1.0, have tools which stop websites from serving you pop-up
windows. You can configure this function either to be ‘always on’ or
alternatively to alert you each time a website is trying to deliver a pop-up
window. In addition, the function can tell you where the pop-up originates
from, and it lets you selectively allow pop-up windows from trusted sources.

Disable Active-X
Most internet browsers have security settings in their preferences which allow
you to specify what action websites are permitted to perform on your
computer. As many spyware applications make use of Windows Active-X
coding, it can be helpful to disable Active-X on your browser. It is worth
noting, however, that this will also disallow any legitimate use of Active-X, and
thus interfere with the functionality of some websites.

Be suspicious of installing new software

Generally, it pays to be suspicious if a website prompts you to install
downloads onto your computer. If you don’t recognise the name of the plug-
in, then it makes sense to reject the installation of the download. Most
modern websites are sufficiently sophisticated for most of their functionality to
work inside the internet browser, thus requiring only minimum standard plug-
ins such as Flash, QuickTime, Java etc. It is always sensible to check first and
see if the website will work without the download, and most trustworthy sites
will give you the opportunity to go back and download the component later if
you do really need it.

Use the ‘X’ to close pop-up windows

Get familiar with your computer’s standard system messages. This will help
you recognise any fakes. Stay away from the ‘No thanks’ buttons on the fake
messages. Instead, close the window with the default ‘X’ in the top right
hand corner. Another reliable option is to use the keystroke combination for
“close window” which is built into your software. If you look in your internet
browser’s File menu, the combination should be listed. In Firefox, for
example, the combination is: CTRL and W.

59
17 Computer security – Windows updates

Microsoft Windows updates are crucial for any Microsoft operating system.
They take the form of an online resource, provided by Microsoft and which is
accessible to any user for download.

The downloads update your Windows operating system, resolving any known
issues and problems, and thus helping it to run smoothly and more efficiently.

Microsoft publish numerous updates for hardware and software, such as:

• Critical Updates
• Recommended Downloads
• Window Tools
• Internet and Multimedia Updates
• Additional Window Downloads
• Multi-Language Features

Information Services recommends that you regularly check the Windows

update website for the latest updates. You can find the website at:
http://windowsupdate.microsoft.com

You can also check for Windows updates via the Internet Explorer browser:

In Internet Explorer, go to the Tools menu and select Windows Updates

60
Notes

61