Security

Two Factor Authentication

At NC State students are required to sign up for 2-factor Authentication (2FA) – beginning September 1, 2020 for graduate students and rolling throughout the Fall 2020 term and Spring 2021 for all incoming students. This allows for improved security for user accounts. For all shibboleth logins, the university uses “Duo” for 2FA.  With “Duo”, you have the option to input a passkey on a trusted device every 30 days, or enable push notifications to your mobile device.  For your NC State Google account, the university recommends “Google 2-Step Authentication.”  This system allows you to create a list of trusted devices to automatically log in, or send push notifications to your mobile device. Visit OIT’s “Two-Factor Authentication” page for more information.

Antivirus Software

Why do I need antivirus software? What is a virus? How do I get one? How do I get rid of one?

What are viruses, worms and Trojan Horses?

virus is a program that replicates itself, usually by attaching itself to other files and programs. A worm is a program that makes copies of itself, but does not infect other programs. Trojan horse programs do not replicate nor copy themselves, but rely on other “manual” methods of distribution. We will use the term “viruses” to cover all forms of infections.

Viruses are spread in a variety of ways, such as:

  • e-mail attachments (such as Klez, Badtrans, MyParty)
  • instant messaging links and attachments (such as Aplore)
  • compromised web servers (such as Nimda)
  • pirated Software (Trojan are often embedded in illegal ‘warez’)
  • Usenet news groups
  • Internet Relay Chat channels
  • floppy diskettes
  • file downloads (many backdoor Trojans are embedded with other files)

All viruses are different. Some remain dormant and benign until a certain day, when they are programmed to activate; others begin to attack the machine as soon as it has been infected.

How can I protect myself from viruses?

To protect your machine from viruses, you should install a virus protection program and keep it up-to-date. Before running a download from an unknown site, or opening an e-mail attachment, always be sure to scan it to ensure that it is not infected. If you do not know the source of a file, do not open it. If you know the person who sent you a file, but were not expecting it, you may want to contact them before opening it. Many viruses automatically send themselves out to addresses found in files on an infected computer.

University Policy requires the use of an approved antivirus product for all Windows and Macintosh computers connected to the NC State network. For further details on the policy please see the University’s Antivirus Software Requirements.

Note: anyone found to be in violation of this policy can have their computer blocked from accessing the network and could face other disciplinary actions.

What is an antivirus program?

An antivirus program is designed to protect your computer from possible virus infections. Most viruses are designed to operate in the background in a way that the user will not notice. Virus protection programs search for, detect, and attempt to remove these viruses. Antivirus programs must be kept up-to-date in order for them to provide adequate protection. New viruses are being created every day and your antivirus program can’t always predict what they will be able to do or how they will work.

Where do I find a virus protection program?

OIT offers a list of anti-virus software approved by NC State Requirements. You can get the recommended software by purchasing them directly from the vendors that provide them.

What if my computer comes with antivirus software?

If your computer comes with antivirus software, you are able to use it, but make sure that it is not just a limited-day trial. If your computer comes with a limited-day trial for either Norton or MacAfee, then you must purchase the program after the trial period ends for it to continue to be effective.

What if I’m running an operating system other than Windows or Macintosh?

Due to the nature of the operating system, Linux, and other UNIX-based operating systems are not as susceptible to viruses; an anti-virus program is not as necessary. However, system security is still very important. If you run Linux, please keep your system up-to-date, do not run services you don’t use, and consider protecting your device with a firewall.

What else should I be doing to keep my computer more secure?

To keep your computer secure, never run programs that you don’t know about or don’t need. Most viruses come in e-mail attachments or in files downloaded from unknown or unreliable sources. By avoiding these types of files, you can significantly reduce the chances of getting a virus. For more information on setting up your e-mail to avoid viruses, spam, etc. see the “NCSU E-mail” tab in Chapter 1.

In addition to e-mail and unreliable download sources, well-known programs can also cause problems. Many file-sharing applications can install spyware on your system to report information back to another source or provide other methods of accessing or obtaining information from your system. Avoid running programs you don’t need to prevent unwanted access to your computer.

An increasingly common problem with program installers that can be downloaded from the internet is the practice of “bundling” other software into the installation. This practice sometimes leaves users with browser add-ons like extra search bars, but are occasionally used to install malignant programs as well. When installing new software, it is important to read each prompt the installer puts on the screen to make sure that software is not being installed inadvertently.

Spyware/Adware

Not nearly as dangerous to your computer as viruses, but more annoying, are spyware and adware. While they do not damage the data on your computer, they can take information from you and use it without your consent.

Webopedia.com defines adware (always spelled lowercase) as any software application in which advertising banners are displayed while the program is running. The authors of these applications include additional code that delivers the ads, which can be viewed through pop-up windows or through a bar that appears on a computer screen. The justification for adware is that it helps recover programming development cost and helps to hold down the cost for the user. Adware has been criticized for occasionally including code that tracks a user’s personal information and passes it on to third parties, without the user’s authorization or knowledge. This practice has been dubbed spyware and has prompted an outcry from computer security and privacy advocates.

On the Internet, spyware is programming that is put in someone’s computer to secretly gather information about the user and relay it to advertisers or other interested parties. Spyware can infect a computer as a software virus or as the result of installing a new program. Data collecting programs that are installed with the user’s knowledge are not, properly speaking, spyware, if the user fully understands what data is being collected and with whom it is being shared.

Spyware and Adware programs can be found in many places. Spyware is usually installed along with other programs such as KaZaa, Limewire, iMesh or Morpheus.

Common Spyware programs:

  • Gator/Gain/Claria
  • Spy Sheriff
  • USave!
  • 180SearchAssistant
  • New.Net.Domain.Plugin
  • BargainBuddy
  • BDE
  • Bonsai Buddy

Spyware and adware can cause many recognizable problems on infected computers, such as slow computer function, jumpy internet, and altered home pages in the web browser. While spyware and adware can affect any OS, Windows users are the hardest hit. This is due to the fact that Windows is the most widely used OS across the world. The main program that is used for removing this software on Windows systems is Ad-aware. Instructions for this program can be found below.

Ad-aware — Download

CNET's Ad-Aware download page

It is not uncommon to see internet ads claiming that your computer is infected with spyware or viruses and asking you to click for a “free scan.” These ads are bait for the unwary user, and once clicked on, the ad will lead to a download that will infect the user’s computer with spyware or some other malignant software, all while telling the user that it is removing threats from the computer. It is important to avoid such ads.

OS Updates

Every computer has a piece of software called an Operating System, or OS, that controls the internal hardware of the computer. The developers of these OS’s are constantly releasing updates and patches for their software to protect against new threats that may exploit vulnerabilities in their product. In addition you will also be able to download updates to major software components that accompany your OS.

Thankfully, major OS developers have built in automatic updating software to keep the user from having to manually check for updates for their computer. Your responsibility is to make sure this is enabled on your system. While it is easy to enable automatic updates for your computer, it is also important that you occasionally perform a manual check to make sure your system is staying up-to-date. Many times viruses and spyware will attempt to disable automatic updates to further exploit your system.

How do I know my OS is up-to-date?

Windows 8 or 10

Mac OS X

11 Security Terms

  • Drive-by download: When malware takes advantage of security flaws in your programs to download to your computer without your permission.
  • Zero-day exploit: A serious security flaw for which no fix exists. Hackers can find and use it before the developer can release a patch, because there is no fix.
  • Backdoor: A secret entrance to your computer that lets someone bypass your security. These usually come from program flaws or are intentionally built in by the developer.
  • Virus: A piece of software that can copy itself and spread, just like a biological virus. This is one of the oldest and most recognized computer security terms.
  • Worms: An advanced type of virus that replicates and spreads with little or no action on your part.
  • Botnet: A collection of computers that has been infected with a specialized virus, usually a worm. The worm can control any infected computers, which are then sometimes referred to as “zombies”.
  • Trojan: Like the Trojan horse from Greek mythology, a computer Trojan looks like something trustworthy, but when you download it to your computer, it turns out to be malware. This can be done by hiding or misrepresenting a file extension.
  • Rootkit: A more advanced version of a Trojan. In computer terms, “root” almost always means increased or unlimited control. When one of these gets into your computer, a hacker can do almost anything to your machine. It can also be extremely difficult to detect and remove.
  • Ransomware: Sometimes also referred to as “Scareware”, this type of malware spooks you into parting with actual money, and can take many forms. A common form is a fake anti-virus program that claims you have many viruses and must pay for the full version to get rid of them. Essentially, ransomware is considered any program that demands payment to give you your system back.
  • Spyware: Focused specifically on gathering information about you. Think: data mining.
  • Keyloggers: A program that copies everything you type and saves it to a file or sends the data to the keylogger owner. Technically considered an advanced form of spyware. Normal security software might not be able to shut them down, but they are usually operated by someone in the household or legally by employers.

*Keeping your software, web browsers, operating systems, etc. up to date is the best way to avoid issues caused by these. Also, downloading and regularly running security software. See the full article here: www.komando.com (article no longer available).