The University of Arizona

Resources

Avoiding Viruses while Using CS Facilities

The most basic deterrent to viruses is a good anti-virus program that is kept up to date. Sophos Anti-Virus Software is freely available to UA faculty, staff, and students and has automatic update capability.

In addition, there are other ways in which you can reduce the chances of virus infection. Below are some guidelines for safer computing.

Guidelines for Users

  1. Do not run, download, or forward any unsolicited executables, documents, spreadsheets, etc. Anything that runs on your PC should be virus-checked and approved first.

  3. Any email you weren't expecting should be treated with suspicion, even if it comes from someone you know. It is worth calling whoever sent it to you to check that they intended to send you the email.

  5. Do not open any files with a double file extension, (e.g. iamavirus.txt.vbs). These are often used to mask malicious programs or scripts. Under normal circumstances you should never need to use these.

  7. Do not download executables or documents from the Internet except from reputable sources. Do some research to determine that the files are what they say they are.

  9. Although JPG, GIF and MP3 files cannot be infected with a virus, viruses can be disguised as these file types. Jokes, pictures, graphics, screensavers and movie files should be treated with the same amount of suspicion as other file types.

  11. If in doubt, always ask lab for advice before opening a suspicious file or email.

  13. If you think your computer has been infected with a virus, inform lab immediately. Do not panic or interrupt other users.

  15. Some virus warnings are actually hoaxes. Any warning should be sent to lab to be evaluated. Do not forward these warnings to anyone else: unless you are signed up to an official virus alert service it is unlikely to be a genuine warning. See Network Administrator's section below for good sites to check on hoaxes. If you know the individual that sent you a warning that is actually a hoax, then by all means inform that person that they are spreading a hoax and ask them to stop forwarding such warnings to others.

  17. When working at home, follow the same safe-computing procedures as you do at work. Viruses can easily be brought into the department along with work done on a home PC.

Anti-virus software will prevent the vast majority of viruses from entering an organization, but it is not foolproof. It is your responsibility to ensure that your computer(s) do not get infected with a computer virus.

Guidelines for Network Administrators / Project Leaders

  1. Have a strict policy regarding downloading executables and documents so that anything that runs in your group must be virus-checked and approved first. Unsolicited executables, documents, spreadsheets, etc. should not be run within any group. If you don't know that something is virus-free assume it isn't. Ideally, staff should not be allowed to have anything they don't actually need. However, you might want to consider providing a selection of programs/screen savers for staff to use that have been virus-checked.

  3. Virus hoax warnings and chain letter emails can be as disruptive as viruses themselves. Aside from spreading misinformation and wasting staff time and resources, it can be very embarrassing for your organization (or CS) if a member forwards these to others. A firm hoax policy should be put in place. Two good sources of information on virus hoaxes are Symantec or McAfee.

  5. Produce a set of guidelines and policies for safe computing and distribute them among staff. Make sure that: a) every group member has read and understood them and b) that if they have any questions, they know whom to ask.




Last updated January 7, 2008, by John Luiten
Send questions about this page to