9-18-00

Contacts:
Doug Jacobson, Electrical and Computer Engineering, (515) 294-8307
Jim Davis, Electrical and Computer Engineering, (515) 294-0659
Skip Derra, News Service, (515) 294-4917


SIMPLE STEPS CAN MAKE YOUR COMPUTER MORE SECURE

AMES, Iowa -- Computers are gateways to the vast world of the Internet, but be careful when you go surfing because your computer could be attacked, say two Iowa State University computer security experts.

Recent instances of hackers breaking into corporate and government computer systems should be a sign to all computer users to guard against attacks on their machines, said Jim Davis and Doug Jacobson, both ISU associate professors of electrical and computer engineering. Davis and Jacobson teach ISU students how to identify and thwart cyber attacks. They also are co-directors of ISU's Information Systems Security Laboratory, a National Security Agency Center of Excellence.

"The Internet is constantly being attacked and probed even by our allies," Davis said. "That's the environment in which we live."

There are more than just common viruses, like "Melissa" or the "Love Bug," floating around on the Internet these days. There also are "Trojan Horses" and "buffer overflows" and "denial of service" attacks that can bring a company's, or your, computer system to its knees. But there are steps to make your computer more robust in today's world of computer interconnectivity, Davis and Jacobson said.

Use a secure password. Good passwords are not found in the English dictionary, or a Spanish dictionary, or a computer geek dictionary for that matter. People wanting to gain access to your computer can use "crack programs," password generating programs that work from dictionaries, said Davis. A good password is six to eight characters in length, comprising letters and numbers and is not a word in the dictionary nor should it be connected to information others know about you, like your phone number or birth date.

The value of backing up. It's as old as "an ounce of prevention is worth a pound of cure." And just as often overlooked. Backing up all of your important programs and data will save you time and money should your system be attacked, Jacobson said.

Hold the Java and the cookies. Disable Java and JavaScript in your web browser unless you absolutely need it to access a web site. There are several known security holes associated with Java, Jacobson said. Also have your computer warn you before accepting "cookies," bits of information left on your computer from the web sites you visit. Cookies raise privacy questions and can lead to security holes to your data.

Scanners and firewalls. Get a good virus scanner, which checks all of the files on a computer to see if there are viruses, and be careful of what you download and run on your computer. Personal firewall software will help to protect you when you are surfing the Internet.

Exercise common sense. Take time to read and understand the privacy policies of any web site you give information to. Many sites collect and disseminate information. A reputable site will publish their privacy policies.

"It is amazing how simple preventative tasks early on can save you time, money and a considerable amount of hassle later on," Davis said.

- 30 -

Iowa State homepage

University Relations, online@iastate.edu
Copyright © 1999-2000, Iowa State University, all rights reserved