Desktop Security Guidelines
The chief security risk to desktop operating systems such as Windows
has been infection by computer viruses. Computer viruses
can infect the operating system, executable programs, and "macro"
programs embedded in documents. Macintosh computers cannot be infected
by Windows-specific viruses, but can be affected by cross-platform
macro viruses embedded in Microsoft Word or Excel documents. Install
antivirus software to protect your system.

Both Windows and Mac OS offer peer-to-peer file sharing,
which can also expose a computer to viruses or other threats.
If you do not need to offer files to other WHOInet computers,
it is best to disable file sharing. If you do need to share files,
make sure to create user accounts and passwords for the people
who need to access them -- and not to allow "guest" or "anonymous"
accounts to read and write to your disk.

Most viruses today -- as well as many other threats -- try to
enter your system via email, in the form of email attachments.
These viruses may appear to be documents sent by someone you know
-- or by someone you don't, who happened to have your address
on their computer. Don't open suspicious email attachments, even
if they seem to come from friends or colleagues.

Anonymous file-sharing services such as "Gnutella" and
"KaZaA" provide an excellent breeding ground for viruses and Trojan-horse
programs. Do not run any programs downloaded from these services.
(Trojan horses are programs that appear to be useful or entertaining
software, but actually install "back doors" into your system,
allowing attackers easy access.)

Viruses and other attacks can cause you to lose data. Do
regular backups so that you can recover data in case of a
security incident, disk failure, or other problem. Common ways
to back up your files include copying them via file-sharing to
a coworker's computer, burning them to CD with a CD-R or CD-RW
drive, or writing them to tape.

If you need to log into a Unix workstation or server from your
desktop, please use the Secure Shell (SSH) protocol rather
than Telnet. Telnet is not encrypted, and allows anyone between
your system and the server to eavesdrop on your password and other
traffic. A popular SSH client for Windows is TeraTerm
SSH, a plug-in for the TeraTerm Pro
terminal emulator. For Mac OS Classic, the best client is
NiftyTelnet SSH.
Mac OS X includes an SSH client and server.