InfoTech Tuesday, Kansas State University's information technology news source
  Oct. 4, 2005 Previous issue   |   Next    

   In this issue

Botnets reappearing on campus

by the K-State Security Incident Response Team
published Oct. 4, 2005

In the past two weeks, K-State has experienced an increase in botnet attacks on students' computers. Today, more than eight computers were blocked from the network because of a bot.

A botnet is a collection of software robots (or "bots" for short), and they are installed and used without the computer owner's knowledge -- most likely through Instant Messengering (IM). Botnets are often affiliated with trojans or worms, but could be used in just about any type of malicious activity on a computer. For a more extensive definition of a bot, see Wikipedia's IRC bot entry.

Botnets have the ability to launch Denial of Service attacks, monitor your keystrokes, get IDs, seek out your financial information, and send spam e-mail from your email account.

The virus spreads via the Instant Messenger program through a link for you and your friends to click on. When someone clicks on the link, the virus installs onto the computer, and the process repeats itself using the buddy list.

Follow these simple rules to avoid the bot attack:

  • Don't click on any link received from friends through instant messaging.
  • Always check with the sender before clicking on a link.
  • Don't accept file transfers from friends via instant messaging.
  • Be especially leery of "away" messages with links.

If your machine has been infected with a bot or trojan, it will be blocked from the K-State network until it has been reformatted and reinstalled with all security updates and patches.

Students in the residence halls with infected computers should contact Residential Networking at resnet.ksu.edu or 532-2711 for assistance. If you have questions or need advice, contact your department's tech support staff. If you need additional assistance, contact the IT Help Desk, 785-532-7722, helpdesk@k-state.edu.

Reminder: Remove unsafe web browsers

by the editors, InfoTech Tuesday
published Oct. 4, 2005

Last week, a newsletter article covered recently found vulnerabilities in Mozilla-based web browsers that allow computers to be taken over remotely by hackers. Just visiting a bad website can auto-download software to infect your computer.

Two points need to be emphasized:

  1. Upgrade to safe versions of web browsers. Mozilla 1.7.12 and Firefox 1.0.7 are available and are safe from all known risks.

  2. Remove unsafe previous web-browser versions, including Mozilla 1.7.11, Firefox 1.0.6, and Netscape 8 -- as well as earlier versions of those software. It's not enough to upgrade to new versions, because having the old software on your computer still leaves it vulnerable to infection.

On campus, Netscape 4 is used to connect to K-State's calendar server. However, only the connection program is needed -- and the e-mail and web-browsing parts can be uninstalled. Before uninstalling any Netscape version, check with your desktop support staff first.

TechBytes Oct. 7: Audio Presentations and Podcasting

by C. Rodriguez, Information Technology Assistance Center
published Oct. 4, 2005

Have you wondered how you could get audio into a PowerPoint presenation or an Adobe Acrobat file? Do you want to learn about how to do podcasting (audio broadcasting via the Internet)? If so, you don't want to miss out on this session! Demonstrations will cover how to create audio files and embed them into your presentation, and how to create a podcast.

TechBytes seminars are 1:15 p.m. Fridays in 501 Hale Library and are open to the K-State community. To learn more about the series or the sessions, visit the TechBytes website.

TechBytes resources: If you've missed any of the TechBytes sessions this semester, you can watch video of the sessions by going to the Current Series page. You will also find links to handouts and PowerPoints on this page. If you can't physically make it to a session but would still like to tune in, go to the TechBytes website on the day of the session and click on "Live Video".


Q/A:  IT questions from K-Staters
by T. Ramsey, Computing and Network Services
published Oct. 4, 2005

How can I tell if a greeting card is safe? I received one recently and didn't know if it was valid or not, but it gave me instructions on how to go to their website and retrieve it. So I did it, rather than click on anything in the e-mail.

The answer is "No", there is no easy, safe way. The problem is due to several factors.

1. There are vulnerabilities in Internet Explorer for which Microsoft has not yet released any patches. In other words, a fully patched Windows host is still at risk if you use IE to browse random websites.

2. A common hacker tactic is to set up "drone sites", using a compromised computer to host a website for the sole purpose of compromising unsuspecting Internet folks who use vulnerable versions of IE (or other browsers with vulnerabilities, such as Firefox versions prior to 1.0.7). They'll register some official-looking domain, such as ha11mark.com (note how misleading "11" numbers can mimic "ll" at first glance), and point it at one of their waiting drone websites. That website will send you innocent-looking content, but will also silently send you data designed to utilize whatever vulnerabilities they think they can take advantage of.

3. This means that if all you do is click on a hyperlink in an e-mail message, it MIGHT be legitimate, and take you to a bona-fide site where all is well. Or it MIGHT be part of a social-engineering campaign by a hacker to get you to one of their drone sites so they can compromise your computer. How can you tell? Not easily.

If you customize the security settings in Internet Explorer to put the Internet zone at "High" security level, then you are much safer browsing randomly than at the default security level, but at the cost that some sites might not work properly. You can add non-working sites that you need to use to a custom zone at a lower security, but this requires users to do more work.

You can use Firefox 1.0.7 to browse and probably be safe because it has no (publicly) known vulnerabilities. That may change when new vulnerabilities are discovered.

Some valid sites -- such as hallmark.com -- allow you to enter some information to pick up an e-card. Typing in "hallmark.com" yourself is much safer than clicking on a link that LOOKS like "hallmark.com" but might be something malicious.

Have a question or comment? TellTuesday@ksu.edu.


Web watch

IT security quiz

by the editors, InfoTech Tuesday
published Oct. 4, 2005

To determine how safe you are with your computing practices, take the National Cyber Security Alliance's 10-question security quiz.

Find a good site? TellTuesday@ksu.edu.
InfoTech Tuesday is a weekly newsletter about information technology at K-State.

Archive
Subscribe
Search archive
Send news

Managing editor:
     Betsy Edwards
Executive editor:
     Rebecca Gould

What's hot in IT
Antivirus
eIDs
E-mail
Passwords
Projects
Security
TechBytes seminars
Training calendar

Handy IT resources
IT Help Desk
IT homepage
Computer labs
Policies
Tech classrooms
IT Index

IT events
and deadlines

Oct. 7 (Fri)
TechBytes: Audio Presentations and Podcasting. 1:15 p.m. 501 Hale Library.

Oct. 13 (Wed)
IDT Roundtable: Making the Point With PowerPoint. 11 a.m.-12:30 p.m. Hale Library Hemisphere Room. Sign-up by Oct. 10.

Oct. 14 (Fri)
TechBytes: Teaching to Your Students’ Brains. What research tells us about using PowerPoint. 1:15 p.m. 501 Hale Library.

Oct. 21 (Fri)
TechBytes: Free Graphics Tools: J-Album & Serif Photo Plus. 1:15 p.m. 501 Hale Library.

Oct. 28 (Fri)
TechBytes: Adobe Photoshop Overview. 1:15 p.m. 501 Hale Library.

Nov. 2 (Wed)
IDT Roundtable: The Digital Teaching Showcase. 11 a.m.-3 p.m. Hale Library Hemisphere Room. Sign-up by Oct. 28.

Nov. 4 (Fri)
TechBytes: The Feature-packed Firefox Web Browser. 1:15 p.m. 501 Hale Library.

Nov. 11 (Fri)
TechBytes: Getting the Most Out of Your Digital Camera. 1:15 p.m. 501 Hale Library.

Nov. 30 (Wed)
Symantec will drop support of Symantec AntiVirus Corporate Edition 8.0.

June 30, 2006 (Fri)
Last day Windows 98/SE/ME/NT computers can connect to K-State's network.

K-State Online: Tip of the Week

Copying Content. Got a document, webpage, or module you would like to use in more than one of your courses? Copy it to another course.

1. Click "Manage Files" in the course that has the document you wish to move.

2. Select the check box beside the document you want to copy.

3. Click the Edit pull-down menu on the navigation bar above.

4. Select "Copy To". This will pop open a new window with a drop-down menu of all the courses you have access to.

5. Select the course where you want to place the document.

6. Click the destination folder in the menu below.

7. Click "Copy". Your document will be in your other course.

E-mail a suggestion or help areas for the K-State Online tip to help@online.ksu.edu. Questions? Contact the K-State Online Help Desk, 532-7722.
Tuesday's Gem

Stop, Think, Click

by A. Hagedorn, Information Technology Assistance Center
published Oct. 4, 2005

October is National Cyber Security Awareness month. To do our part, we will be featuring a series of security articles, tips, and practices over the next several weeks in InfoTech Tuesday and the K-State InfoTech website. Look for security tips of the week, as well as links to what other universities are doing throughout the United States.

Also this month, Homeland Security and the National Cyber Security Alliance (NCSA) will begin distribution of their national public service announcement, "Stop, Think, Click". They encourage users to "protect their valuable personal data through a variety of online best practices".

To kick off our security series, we want to share with you the Top Eight Cyber Security Practices as listed by the National Cyber Security Alliance. These can be found on staysafeonline.org. We urge you to pass these along to students, colleagues, and associates:

  1. Protect your personal information. It's valuable.
  2. Know who you're dealing with online.
  3. Use anti-virus software, a firewall, and anti-spyware software to help keep your computer safe and secure.
  4. Be sure to set up your operating system and Web browser software properly, and update them regularly.
  5. Use strong passwords or strong authentication technology to help protect your information.
  6. Back up important files.
  7. Learn what to do if something goes wrong.
  8. Protect your children online.