6/14/2010Anti-Spyware Tips
| Anti-Spyware Tip |
Reason |
| Keep your system updated |
Keep your system updated-- including all anti-viral and anti-spyware packages. New spyware comes out every day. Un-patched, un-updated systems are simply asking to be infected. Update the operating system, too. |
| Do not click on links within pop-up windows |
Pop-up windows are often spyware activators. Clicking on a pop-up link may install spyware software on your computer. Close the popup with the "X" on the titlebar and not the "close" link, if any, within the window. |
| Do not download any files from strangers |
Do not download files from strangers even if the subject line sounds like they know you. All it takes is one downloaded file to propagate a virus or install malicious spyware. |
| Be careful when downloading files from the Internet |
Ensure that the source is a legitimate and reputable one. If you are uncertain, don't download the file at all or download the file to a floppy and test it with your own anti-spyware and anti-virus software. |
| Set your Barracuda Web Filter to update automatically |
Over 90 percent of all computers connected to the Internet are infected with spyware. Barracuda Networks automatically updates your Web Filter with the most current spyware rules and definitions every hour for robust protection. |
| Be skeptical of free downloads |
Many sites offering customized toolbars or other goodies are come-ons. Don't download programs from sites you don't trust or know. You may well be exposing your computer to spyware by downloading some of these programs. |
| Don't follow e-mail links offering anti-spyware software |
Be careful! These links may actually install the spyware they claim to be keeping off your system. |
| Don't download browser code |
Many spyware programs pop up an official-looking dialog box asking if you want to download a browser plug-in. These pop-ups may look official, but they are really spyware waiting to install a flurry of pop-ups, undesirable toolbars, or other unwanted content. Certificates won't protect you from adware and other online annoyances carried by these ActiveX controls. |
Anti-Virus Tips
| Anti-Virus Tips |
Reason |
| Do not open attachments from unknown senders |
Do not open any files attached to an email from an unknown, suspicious or untrustworthy source, or any files attached to an email if the subject line is questionable or unexpected. |
| Do not open unknown files or attachments |
Some viruses can replicate themselves and spread through email. Even if you know the sender, it's better to be safe than sorry and confirm that they really sent it. |
| Do not download any files from strangers |
Do not download files from strangers even if the subject line sounds like they know you. All it takes is one downloaded file to propagate a virus. |
| Always scan diskettes or CD disks for viruses |
Always scan diskettes or CD disks that have been obtained from unreliable resources for viruses. If you lend your diskette to someone, scan it when it is returned. |
| Be careful when downloading files from the Internet |
Ensure that the source is a legitimate and reputable one. Verify that an anti-virus program checks the files on the download site. If you're uncertain, don't download the file at all or download the file to a floppy and test it with your own anti-virus software. |
| Set your Barracuda Spam Firewall to update automatically |
Over 500 viruses are discovered each month, so you'll want to be protected. Barracuda Networks automatically updates your Spam Firewall with the most current virus definitions every hour. |
| Back up your files on a regular basis |
Make sure your important data is backed up regularly and the procedures for restoring your data work properly. This way, should you get hit with a virus, at least you will be able to restore your most important data. You should store your backup copy in a separate location from your work files, one that is preferably not on your computer. |
Anti-Spam Tips
Techniques to stop spam fall into two categories: Filtering out spam and minimizing the exposure of your email addresses
| Anti-Spam Tips |
Reason |
| Use unusual email addresses |
Some spammers use computer programs to guess at email addresses. Using unusual email addresses containing numbers and letters can thwart this tactic. |
| Don't provide email address over IM |
Do not send your email address through chat rooms, instant message services or Internet bulletin boards and newsgroups. |
| Provide a form not an email address |
If you want to enable users of your Web site to contact you online, provide a form. Make sure the "send to" email address is not contained in the page HTML, but in the form processing script. |
| Never reply to spam messages. |
Never reply to spam messages even when they entice you to reply to "remove" you from their mailing lists. Often the instructions are either bogus, or a way to collect more addresses. Replying confirms to the spammers that your email address is active, and you may receive even more spam. |
| Use fake email addresses |
Most Web-based sign-up forms require an email address. If you don't want to hear from the site (and don't need a confirmation e-mail or tech support), don't give a real email address. |
| Opt out |
When you do sign up for or buy something online and you have to give out an email address, remember to opt out of everything you're not absolutely sure you want to receive. |
| Never submit personal information to non-secure Web sites |
Never submit your credit card details or other personal information to non-secure Web sites. Secure Web sites will have a locked padlock icon that appears in yellow, or in a yellow box, on the bottom bar of the order form Web browser. |
| Use a Barracuda Spam Firewall |
Even if you follow the above, you're still going to receive spam. By installing a Barracuda Spam Firewall, your company's spam will be immediately reduced. Try it today and reclaim your email. | 6/9/2010
Most users should already know that when you delete an email from your Inbox it just moves it into the Deleted Items folder. Well, this isn't deleted from the email server; it just sits there indefinitely taking up space. Most of you also know that you can then 'permanently' delete items from the Deleted Items folder. So what do you do if you accidentally deleted and permanently deleted an item and need to get it back?
At Whitley County Consolidated Schools, our email policy retains 'permanently' deleted items for 30-days on the server. During this time period, it is possible for you to recover your deleted email using one of the two methods listed below.
From OWA (Outlook Web Access)
OWA is web mail. This method allows you to recover items from anywhere in the world that you have an internet connection.
- On the Options page, locate Deleted Items on the left-hand side and click it.
- Select the email you wish to recover from the Recover Deleted Items pane.
- Next, click on Recover to Deleted Items Folder. This places the 'permanently' deleted items back into your normal Deleted Items folder. From there, you can move the email back into your Inbox or anywhere else you desire.
From Within Outlook 2007 (at WCCS only)
Outlook 2007 is the email client on your WCCS computer. Recovering 'permanently' deleted items from Outlook 2007 is super-simple as well:
- Open Outlook 2007
- On the menu bar, click on Tools
- Select Recover Deleted Items...
- Now, the Recover Deleted Items window should be open. Select the email you wish to recover.
- Click on the Recover Selected Items icon. [The icon looks like an envelope with a curved arrow over it.]
When finished with recovery, simply close the open Recover Deleted Items window. The recovered items should now be in your normal Deleted Items folder. You may then move them back to your inbox or anywhere else you desire.
** Remember, though, you only have 30-days from the time you 'permanently' delete items until they are no longer recoverable. 11/11/2009Even though we provide an opportunity to purchase select Microsoft products at substantial discounts ( http://wccs.e-academy.com/), it can still be quite cost prohibitive for some users. Well, there is an alternative: Open Source software.
Open Source is an initiative to provide free software under an open licensing framework that prohibits the sale of the software for profit. It's not shareware; it is freeware.
Suppose you cannot afford to buy Microsoft Office 2007, but your student really needs a way to open or create PowerPoint, Excel, or Word documents. The free solution is to download and install Open Office ( http://www.openoffice.org/). Open Office has the ability to open nearly all Microsoft Office file formats as well as creating new, Microsoft Office-compatible files. Open Office is a complete open source office package. It includes software that is comparable to each Microsoft Office software package; MS Word = OO Writer
MS Excel = OO Calc
MS Access = OO Base
MS PowerPoint = OO Impress
...and OO Draw is more powerful than MS Paint.
Open Office can be a great, cheap alternative to Microsoft Office. It is, however, important when saving files that you make sure you save in the Microsoft Office-compatible format. This ensures that files your student creates will still open at school.
Configuring Open Office to Save in Microsoft Format
This is essential for home-to-school compatibility. Micrsoft Office 2007, used at WCCS, does not read Open Office files natively. For school use, all files must be in Microsoft Office-compatible format.
- Open any Open Office application:
- Start | Programs | OpenOffice.org 3.x
- Choose OpenOffice.org Writer
- Within Writer, click on Tools | Options...
- Expand the Load/Save section by clicking the "+" sign
- Click on General
- Locate the sub-section "Default file format and ODF settings"
- Make sure the drop-down box labeled, "Document Type" is set to: Text document
- Click the drop-down box labeled, "Always save as" and choose Microsoft Word 97/2000/XP
- Make sure the drop-down box labeled, "Document Type" is set to: Spreadsheet
- Click the drop-down box labeled, "Always save as" and choose Microsoft Excel 97/2000/XP
- Make sure the drop-down box labeled, "Document Type" is set to: Presentation
- Click the drop-down box labeled, "Always save as" and choose Microsoft PowerPoint 97/2000/XP
- Finally, click OK to close and save the settings in the Options - Load/Save - General window.
Your Open Office installation should now save in Microsoft Office format by default. Again, you should have these settings:
|
Document Type |
Always Save As |
|
Text Document |
Microsoft Word 97/2000/XP |
|
Spreadsheet |
Microsoft Excel 97/2000/XP |
|
Presentation |
Microsoft PowerPoint 97/2000/XP |
==============================
WCCS does not provide support for Open Office. If you choose to download and install this product, you are personally responsible for it's operation. Please, do not contact WCCS about problems with software you have personally installed on your home computer. 11/10/2009
The image above shows the levels of filtering that occurs on all of our inbound email. We also filter our outbound email to ensure that our corporation is not spamming the rest of the world. Barracuda spam filters perform many standard checks throughout the processes of receiving email.
WCCS filters heavily to limit impact on our internal network and users. On average, only 1.5% of ALL the email we receive is actually passed along to the users as legimate email.
SPAM attacks wildly fluctuate our inbound mail flow, too. During a heavy SPAM period, we receive between 80,000 and 130,000 email daily and the percentage passed as legitimate drops to about 0.5%. An average day during normal SPAM periods reduces our daily average to 40,000 to 70,000 daily emails and takes the legitmate email rate back up to 1.5%.
Even with ~1.5% pass percentage, you may still experience the random SPAM message getting through. The SPAM filter updates spam definitions every hour, but new threats and attacks are introduced all the time. When a new attack occurs, the pattern must first be identified, then a filter-rule devised, the filter-rule tested, then made available for the next download cycle to the end-user, us. In that amount of time, it is possible that a certain amount of SPAM can slip through. Once the new definition is applied, though, that particular threat is stopped.
If you receive SPAM, do not open any attachments, click any links or forward it along to anyone else; simply delete the SPAM email. If you notice that you continue to get the same basic SPAM message after several hours, you may then contact WCCS Help Desk at extension 1490 for assistance.
Since April, 2007, our current inbound email filter has processed:
| |
| |
 |
Total |
|
Day |
|
Hour |
|
|
|
|
|
|
|
|
|
|
Blocked |
|
72,064,519 |
|
23,441 |
|
1,194 |
|
|
Blocked: Virus |
|
132,931 |
|
63 |
|
0 |
|
|
Rate Controlled |
|
5,763,321 |
|
518 |
|
33 |
|
|
Quarantined |
|
763,817 |
|
432 |
|
10 |
|
|
Allowed: Tagged |
|
32,190 |
|
24 |
|
0 |
|
|
Allowed |
|
1,106,947 |
|
966 |
|
60 |
|
|
|
|
|
|
|
|
|
|
Total Received |
|
79,863,725 |
|
25,444 |
|
1,297 |
|
|
(current as of 11/10/09)
That's nearly 80-million email to WCCS in just 2.5 years! |
That works out to around 64,000 emails to each WCCS employee per year. Of course, only about 1.5% actually reach the end-user.
9/10/2009
As a result of the current state of the internet not everyone gets every page they want every time. The internet is a huge place and it is not possible for any vendor to categorize every site. Also, uncategorized sites are not usually educational or reliable and many are even unsafe. For this reasons students are denied access to sites that are uncategorized.
You’ll notice that the category on this site is PASSED. This should really read UNCATEGORIZED, but they mean the same thing: the site is not in the 8e6 database.
One thing you should know is that the top 200 uncategorized sites are automatically e-mailed to 8e6 to be categorized automatically. But that may take some time and you are not assured that your site will be opened in a timely fashion.
So what should you do?
Simply email Trouble@wccsonline.com with the blocked URL and we will submit the site to 8e6 for review. They boast a turnaround time of 48 hours, but we have yet to see them take more than 24. This means that most sites will be opened in 24 hours instead of the week it used to take.
In extremely rare occasions the site does not fit any categories. Also, we occasionally have sites in a blocked category that we use for an educational purpose. These few sites will have to be opened using the current internet requests forms.
It seems that some of you have a bit of confusion about our internet filtering system so, it's time to review a little bit about some of the pages you might see with our 8e6 filtering system.
Web Access Authentication
This page signifies that you simply need to login. Generally, when a user logs in to a computer a small program is initiated that takes care of authenticating you to the 8e6 system. If, for some reason, this small program fails to initiate you will be prompted to authenticate with the web page above. Simply enter your normal computer login and password. A second web page will open that must remain open that contains your user name; leave it open. Of course, if you get this page, you can always log off the computer and log back in to initiate the authentication program.
Categorical Classification
8e6 filters internet requests that users make. All users are filtered through 8e6 and their requests are compared to a list of approved categories. Still, you might occasionally see a page as above that says Category: PASSED. If you get this page, you are not being "blocked". This simply means that the page has not been placed into a category by 8e6 systems either because it is obscure or new; either way, it is unknown to 8e6 systems. If you get this page you should submit an Internet Site Use Request Form and note that it is "Uncategorized".
ACCESS DENIED!
Not all categories are allowed, though, and sometimes you may get this page. This page is an Access Denied page and it will tell you specifically why. In this instance, the user was denied access to the category "Online Communities".
The Childrens Internet Protection Act (CIPA) of 2000 requires "...the use of filtering or blocking technology by public libraries and elementary and secondary schools...". Overview of CIPA ACT
Delivery has failed to these recipients or distribution lists:
How many times have you seen that message and wondered, "Why isn't my message deliverable?"
Well, I am going to help you to decipher the bounce that you get back. To do this, we are going to look at an example bounce message.
Deciphering the Bounce-Back
Delivery has failed to these recipients or distribution lists:
someone@yahoo.comAn error occurred while trying to deliver this message to the recipient's e-mail address. Microsoft Exchange will not try to redeliver this message for you. Please try resending this message, or provide the following diagnostic text to your system administrator.
Diagnostic information for administrators:
Generating server: barracuda2.wccsonline.com
someone@yahoo.com
#< #5.0.0 X-Spam-&-Virus-Firewall; host c.mx.mail.yahoo.com[216.39.53.2] said: 554 delivery error: dd This user doesn't have a yahoo.com account (someone@yahoo.com) [-5] - mta236.mail.re4.yahoo.com (in reply to end of DATA command)> #SMTP#
In just the first few lines of the bounce-back email, you can quickly determine the nature of the problem. In this example, it is clear that this user does not actually exist at the domain sent to. That is, there is not a someone@yahoo.com to even send an email to. You may also see User Unknown from time-to-time as well.
What Should I Do?
If you receive this message, you have a few options:
-
Check your spelling. Always verify that you did not accidentally misspell the persons address.
-
If the recipient is within your own corporation, open the Global Address List (GAL) and select the user from there. At WCCS, the GAL reads addresses directly from the server and is the most up-to-date option you have. *Note: Relying on the Outlook auto-fill-in is not reliable; use the GAL. The auto-fill-in is only a cache of persons you have sent to over time. That means that if you sent to a bad address, it has cached that bad address and you will send to it again and again.
-
If you can, contact the recipient via telephone. While you are at it, you could request the person's current email address. If you do receive current information, you might consider updating records with that information.
Unfortunately, your corporate technology department cannot resolve all of these issues. They will only be able to help if the intended recipient is within your corporation.
What if the Reason is Something Else?
It is also quite possible that your email was not delivered for other reasons. In the following example, this email was rejected by the recipients email server because it was unable to perform a reverse dns lookup on the sender. Basically, this recipients server wants to confirm that who the sender claims to be is actually who the sender is. But, if the server is unable to determine this information it will reject the email. Many organizations utilize similar configurations in a first-line attempt to diminish spam.
Delivery has failed to these recipients or distribution lists:
someone@somewhere.org
An error occurred while trying to deliver this message to the recipient's e-mail address. Microsoft Exchange will not try to redeliver this message for you. Please try resending this message, or provide the following diagnostic text to your system administrator. Diagnostic information for administrators:
Generating server: barracuda2.wccsonline.com
someone@somewhere.org
#< #5.0.0 X-Spam-&-Virus-Firewall; host somewhere.org[255.255.255.255] said: 550 No RDNS entry for 254.254.254.254 (in reply to RCPT TO command)> #SMTP#
In this case you would certainly want to notify your technology department. Your technology persons will likely want to correct this issue and re-establish communications with that domain as soon as possible.
How Do I Know?
The first example is obvious. If the address is unknown then there is not a lot that anyone can do about it. Other than that, though, you will probably want to notify your technology department. It's really that simple.
That should about take care of it. Happy emailing!
Delivery has failed to these recipients of distribution lists:
Some of you have been receiving Delivery Failure notices in your email inbox as of late to items that you never sent. The technology industry has seen this quite a bit, too. This is due to spammers finding your email address or our domain on the internet and sending spam all over the world using your address as the Sender. Sure, you didn't really send it, but the server that receives the spam doesn't know that and sends you a Non-Delivery Report (NDR). Now, some of this would be alleviated if mail server admins would turn off the NDR for known spam, but that is beyond our control.
This "spoofing" phenominon is known as backscatter.
Backscatter
Backscatter occurs when a Mail Transport Agent (aka email server) sends a bounce to a person who did not really send the email. Spam Links has a good description of Backscatter and why it happens. Essentially, someone is spoofing the Reply-To field in an email. They then send it to a mail server and it bounces not back to the sending server but to the Reply-To address. Thus you may receive hundreds of spam messages this way.
Symantec, in their April 2008 Spam Report, also noted an upward trend in backscatter attacks. So if you are seeing this issue, you are certainly not alone.
http://www.rackaid.com/resources/rackaid-blog/racktips/bounced_email_or_backscatter/
What can I do?
Unfortunately, there is little we can do to stop backscatter. On WCCS's part, we do not propogate the problem as we have disabled notification on this condition; therefore, we are not "backscattering" others. If you know you did not send the message, simply disregard the NDR report. You'll have a happier day.
|
|
|
|