InfoTech Tuesday is Kansas State University's information technology news source.
  Jan. 24, 2006 Previous issue   |   Next  

   In this issue

Another credit union phishing scam hits K-State

by the K-State Security Incident Response Team
published Jan. 24, 2006

A new phishing scam is hitting K-State inboxes today that appears to be from the K-State Federal Credit Union. Don't be fooled; this is an attempt to steal your account number and password. The credit union does not e-mail customers when their online access has been locked. Call the credit union at (785) 776-3003 whenever you have questions about e-mail that is purportedly from that office.

K-State is now blocking the bogus log-in credit union page (which is located in Korea) and has contacted the Internet service provider to get that website shut down. This is a good example of how criminals can steal logos and create a deceptively realistic site -- in this case, one that was targeted at thousands of K-State e-mail addresses. See the spotlight section below for tips on dealing with phishing scams and other IT security threats.

Personal Identifier Initiative at K-State

by L. Carlin, Data and Information Administration
published Jan. 24, 2006

K-State is accelerating its efforts to protect the Social Security numbers (SSNs) of students, faculty, staff, and others through the Personal Identifier Initiative. Coordinated by the Vice Provost for Academic Services and Technology, the initiative has several objectives. These include broadening awareness of the risk of identity theft linked to disclosure of the SSN; reducing unnecessary collection, storage, and use of the SSN; and developing and implementing consistent SSN policies in accordance with federal, state, and university requirements.

The removal of the SSN from Wildcat cards as required by state law is one of the first steps of this initiative. During the past month, the K-State ID Center has replaced the Wildcat cards of faculty and staff. Students will receive their new cards in April, to be used beginning May 22.

Additional steps to be taken this academic year include modifying the Scantron system for student testing to accept the new Wildcat ID number on student cards, developing university policy on the SSN, and creating an inventory of university information systems that include the SSN.

Once the policy and inventory are completed, a schedule and plan for making changes to information systems will be developed in coordination with affected university organizations. Though the movement away from reliance on the SSN by university organizations will take time and effort, steady progress can be made over the next few years.

A website has been created at www.k-state.edu/InfoTech/personalid to keep K-Staters updated on this initiative and how it affects them. Visit the site and send questions, concerns, and suggestions to pid@k-state.edu.

K-State recommends Software Update Services (SUS) for Windows

by R. Cheung, Computing and Network Services
published Jan. 24, 2006

K-State's Security Incident Response Team (SIRT) recommends that all Windows 2000, 2003, and XP users (both on and off-campus) configure their computer to use Microsoft Software Update Services (SUS) to automatically download and install critical system patches onto their computers. Once SUS is installed, your computer will check for updates on the K-State server every day at a pre-set time and automatically install any new updates. Using SUS reduces the chance that your computer will miss getting an update and eases the usage of Internet bandwidth when checking for updates on Microsoft's website.

In the case of immediate threats and virus outbreaks, it is faster to reach the K-State update server rather than the Microsoft website, which may not be available due to high-volume access by computers all over the world. Please be aware that most of the security patches require you to reboot your computer to complete the installation. For detailed instructions and installation procedures, see Using CNS Windows Update Services.

National Webcast Initiative Feb. 16

by A. Hagedorn, Information Technology Assistance Center
published Jan. 24, 2006

In support of security awareness and providing education for our users, K-State will once again participate in the National Webcast Initiative sponsored by the U.S. Department of Homeland Security. At 2-3 p.m. Thursday, Feb. 16, in Union 213, participants will learn about identity theft and what steps to take if they become a victim of identity theft. This hour-long event is free of charge and requires minimum technical knowledge. Stay tuned for conference details in future issues of InfoTech Tuesday.

IDT Roundtable series starts Jan. 26

by S. Mukherjee, Office of Mediated Education
published Jan. 24, 2006

The first session of the Spring 2006 series of the Instructional Design & Technology Roundtable will be 11 a.m.-12:30 p.m. Thursday, Jan. 26, in Room 212 of the K-State Student Union. The topic will be Online Assessment and Student Learning Outcomes. In particular, the presentation will focus on Different Strategies for Online Assessments. Why assess online learners? Better yet, how? Discover the rich variety of assessment strategies and tools on K-State Online. Come learn how to use online assessment to measure your student learning outcomes.

Three instructional designers will offer an overview of different online assessment strategies based on Angelo and Cross's "Classroom Assessment Techniques". Bring your ideas and questions! Learn more about IDT Roundtable sessions. Coffee, tea, and water will be available, and you are welcome to bring your lunch. RSVP to the Center for the Advancement of Teaching and Learning (catl@k-state.edu, 532-7828).

IT by the numbers: President Bush's Landon Lecture Jan. 23

by the editors, InfoTech Tuesday
published Jan. 24, 2006

For President George W. Bush's Jan. 23 Landon Lecture at Bramlage Coliseum, K-State information technology staff -- Telecommunications, Office of Mediated Education, and Computing and Network Services -- worked through the weekend to provide voice, data, and media services for the White House staff, Secret Service, and broadcast media. These are the numbers:

  • Internet bandwidth was doubled to handle audio and video streams
  • 32 voice lines were provided for the lecture
  • 32 additional voice lines were extended inside Bramlage (provided by SBC to the building)
  • 3 wireless access points were provided
  • 25,856 weekend hits to the Landon lecture homepage
  • 226,053 hits Monday to the Landon homepage (through end of lecture)
  • 2,720 unique IPs requested the webcast (video)
  • 1,433 unique IPs requested the audio stream
  • 523 peak webcast (video) connections
  • 517 peak audio connections

In addition, Educational Communications Center staff worked closely with White House staff and media teams days in advance on all facets of the coverage of the president's speech, including:

  • Video to the DynaVision big screens in Bramlage
  • Live video and audio to Cox Cable Channel 8 for Manhattan, Junction City, and the K-State residence halls
  • Recording and re-airing on Cable Channel 8 at 3 p.m. and 7 p.m.
  • Assisting all local media with their coverage
  • Was the only media service using a multi-camera production

Bush's lecture is available as a webcast, audio file, and in text form on the Landon Lecture Series' past speakers webpage.

Feedback

Questions on @k-state.edu, LISTSERV reply setting

by the editors, InfoTech Tuesday
published Jan. 24, 2006

Why did InfoTech Tuesday's Jan. 17 article say @ksu.edu is going to be used in the People Directory, but that same article used @k-state.edu in an e-mail address?

The newsletter now uses @k-state.edu in both web and e-mail addresses, as noted in a Jan. 3 article. The upcoming change in the People Directory doesn't affect other K-State webpages. For the record, both addresses continue to work.

You suggested doing a reply-to-owner to keep inappropriate replies from going to a list. Wouldn't it be better to simply moderate the list? It would be easier to approve all messages than to manually redirect only replies to the list.

Good suggestion, especially since list replies can be set up in several ways. Specifying a list moderator is another good method to monitor and control what's posted to a list. For more information, K-Staters can see LISTSERV documentation on the Reply-To keyword and list maintenance and moderation keywords.

If you need assistance with your list's settings, send e-mail to listhelp@k-state.edu.

Questions? Input? TellTuesday@k-state.edu.
InfoTech Tuesday is a weekly newsletter about information technology at K-State.

Archive
Subscribe
Search archive
Send news

Managing editor:
     Betsy Edwards
Executive editor:
     Rebecca Gould

Popular IT

Antivirus
eIDs
E-mail
IT Help Desk
IT home
IT Index
Labs, computing
Passwords
Policies
Projects
Security
TechBytes (seminars)
Tech classrooms
Training calendar

IT events
and deadlines

Jan. 1-Feb. 8
Change passwords on eIDs for spring semester.

Jan. 3 and on
Faculty/staff new ID cards available for pickup. 8 a.m.-5 p.m. ID center

Jan. 26 (Thu)
Instructional Design & Technology Roundtable. 11 a.m.-12:30  Union 212.

Feb. 16 (Thu)
National Webcast Initiative sponsored by the U.S. Department of Homeland Security. 2-3 p.m. Union 213.

Feb. 22-24
EDUCAUSE conference in Austin, Texas.

May 23-24
Annual CHECK conference will be at K-State this year.

June 30 (Fri)
Last day Windows 98/SE/ME/NT computers can connect to K-State's network.

K-State Online: Tip of the Week

Link to it. Don't forget to take advantage of the World Wide Web as a resource. Add hyperlinks to sites other than your K-State Online course content by clicking Manage Files from the Tools view of your course.

Use the left navigation pane to select a module you want to create a link in. Click the New Item button above. A new window will open. Choose hyperlink from the pull-down menu. Type in the link text you wish your students to see and the full web address for the site you are linking to. Click the Create button.

Once the hyperlink is created in Manage Files, click the red X in the Pub column to turn it to a green plus sign and publish.

E-mail suggestions for tips, or send questions to the K-State Online Help Desk, 532-7722.
  Spotlight
 

Security watch: phishing, botnets, and more

by A. Hagedorn, Information Technology Assistance Center
published Jan. 24, 2006

Over the past year, several security threats have proven their longevity to computer users. Here are some quick online safety tips to avoid these headaches:

Phishing
Don't be fooled by phishing e-mails that try to trick you into disclosing personal information. Instead, think before you act. Remember these steps when managing personal information online:

  1. Don't use links in an e-mail to get to a webpage unless you are 100 percent sure of the validity of the message. If unsure, contact the company by phone or type the company's address directly into your web browser.
  2. Avoid filling out forms in e-mail messages that ask for personal financial information.
  3. Log in regularly and check your online accounts.
  4. Visit the Phishing Archive to check whether a suspicious e-mail is a phishing scam.
  5. Check your bank, credit, and debit card statements regularly to ensure all transactions are legitimate.
  6. Use the most up-to-date browser versions and make sure all security patches are applied.
  7. Choose an e-mail provider that blocks spam messages. The latest versions of Thunderbird and Pegasus now identify phishing e-mails.

Botnets
Botnets are spread through instant messaging applications -- AOL, MSN, Yahoo, etc -- by clicking live links or attachments in messages. For example, if someone clicks a link that installs the IRC bot on their computer, immediately the bot will send the same message to everyone in the buddy list. That's why users have a false sense of security that receiving links from a known person is OK to open. It's not.

Avoid botnets by thinking before you click:

  • Don't open links or attachments you receive in an instant message. While it is very tempting to see pictures of friends at a party, or a link of something cool that your friend sent, resist the urge to click.
  • Call or e-mail the sender to make sure the message is real.
  • Share this information with others in your buddy list, because protecting their systems helps protect you.

Online communities
While online communities are a great way to bring together people with common interests, they're also a place for strangers to lurk and find out information about you that you probably wouldn't share if you knew better. Consider safety first before sharing information online:

  1. Be real. Do not exaggerate or be daring with information that you post online. Any information you post could potentially be available forever.
  2. Don't share embarrassing details. Before you publish anything, consider if you want to read about it during a job interview, your campaign for public office, or when applying for that CEO position.
  3. Guard your privacy. Limit personal information that you post online. Do not share your SSN or birthdate online. In an online community for K-State, your information could be seen by all 27,000 K-Staters who have an eID, including faculty/staff.
  4. Think twice about your headshot. If you decide to post a picture of yourself online, consider that everyone in the world can see it, download it, and use it. Assume that any picture you post on the Internet will be available forever. Once it is online, you cannot ever get it back, and you will never know how many people downloaded and copied the image. Remember that pictures are also easily copied to mobile phones.
  5. Stick with your friends. Use good judgment if you choose to meet an "online friend" face to face. Always tell someone you trust about your plans to meet any stranger.

If you have questions about any of these security issues, or believe that your computer has been compromised in some way, contact the IT Help Desk at (785) 532-7722.