December 16, 2005  


Security Tips for the Holidays from SCCS Computer Security Group

As we all are getting ready to enjoy our Holiday break, lets take a few minutes to talk about safe computing. Below, you'll find some ‘best practices’ and how to make sure your current and new computers and computer equipment don't spoil your Holidays.

• Keep your computer fully patched, no matter what the operating system is. Windows gets all the publicity, but all operating systems and software may have flaws. Know how to get the updates for your computer and software and pay attention to update reminders when you receive them.

• Use a firewall. If you have XP SP2, then use the firewall that comes with it. Otherwise make sure you have either a software or hardware firewall to protect your home computer.

• Have anti-virus software installed and regularly update. Don't open any e-mail attachments unless you are expecting the file. Sometimes the virus files get through to us before the anti-virus software can detect them.

• Have anti-spyware/anti-adware software installed and update it regularly if it isn't done automatically. Using more than one anti-spyware/anti-adware is a good idea because it will give you a better chance of catching more of the spyware, or preventing it from ever getting onto your computer. Remember that none of the products are capable of catching everything.

• Is it an e-mail or is it a phish? It's a phishing e-mail! It is trivial to fake an e-mail to make it look like it is coming from your bank, your work, your family. Even if the sender e-mail address is one you know, it doesn't mean that is really who it came from. Don't click on web links in e-mails unless you are absolutely sure of their validity.

• The same goes for e-cards. You wouldn’t know who they are really from, but they want you to click a link to read them! Don't agree to run ActiveX and don't download ANY files to your computer.

• If you get a new Windows computer, make sure you've got XP SP2 installed with the firewall enabled BEFORE connecting to the Internet.

• If you get a new PDA, you should set a password on it to prevent unauthorized access.

• If you get a home wireless network system, use your router instruction manual to look for the four items we’ve included below (they might be in the ‘advanced’ section of the manual):
-Set up the WEP password. It should be at least 10 chars long and include letters and numbers.
-Change the router's default password, using the same criteria as mentioned above for the password.
-Change the default SSID.
-Enable MAC filtering and only authorize specific computers to connect to your router.

Contact: Teresa Downey, SCCS, Ext. 2903,

The Stanford Linear Accelerator Center is managed by y Stanford University for the US Department of Energy

Last update Tuesday December 13, 2005 by TIP