NTSG 5 minute security list

Windows 95/98/ME/NT/2000 users should run "Windows Update"from the Start--Windows Update link. Almost every time you run it there will be a "Critical Updates" package selected. Download & install the update.This will keep you almost totally up to date. Windows update should be run at least once a month.

The Service Packs are listed further down the list. You can usually tell what service pack you are patched up to by right clicking on "My Computer" and selecting properties.

You can also get to Windows update via Windows Update.

Windows NT & 2000 users also have this option Security Checker This will do a scan of your system and let you know what you should do to patch it up.

All users should make sure they've got some type of password protection for file sharing. Most of the Mac labs have a common username/password that works well. The entire disk should not be shared for Guest access for any reason. Anybody can replace/remove/add items to the System folder. As you may imagine, this is not a good thing!

PC users should share folders on an "as needed" basis instead of sharing their entire C,D etc. drive. If you ran the "Critical Updates" package from the Windows update site, you'll be protected from the Share Level Password security risk (among a host of other security risks).

CERT and SANS are great security related sites that have current information.

All users (Mac & PC) should have current virus definitions. Everybody who has a system on campus should schedule weekly Live Update sessions. You will also have to upgrade your copy of Norton Antivirus once a year as the subscriptions expire every year. We have a copy of Norton Antivirus 2002 for PCs available on Uoneuro.

This link should bring up a window with the file in it. If you can't drag & drop the file via your web browser, you can get it via your favorite ftp program by going to ftp.neuro.uoregon.edu using username/pw combination: ionguest/zfish.

Mac users will need to download NAV7 from ccpublicdomain via the chooser.

Other items of interest: Turn off Javascript in your browser. Here's a link to Cert's site that explains how to disable this feature.