Skip to Content

Intrusion Protection

intrusion

Intrusions

Intrusions are unauthorized attempts to enter a network or computer. These attempts may take several different forms, but the goal is the same: to gain entry so the attacker can either destroy or steal data, gain control of equipment or gather information about the network for later use.

While the old-fashioned methods are still used, attackers now will frequently use trojans attached to innocuous looking files to introduce tools for later exploitation. Trojans can be introduced in a number of ways. They can be posted to newsgroups or IRC channels where users will download them, sent through email as attachments or simply placed on a website for the unwary to acquire. They can even be installed on the victim's machine without their knowledge when they visit a web site. Using weaknesses in the security of the victim's web browser, the attacker can bypass the existing security controls and drop a trojan into a directory on the victim's hard drive.


What can you do to protect yourself?

If you practice good security habits, you may reduce the risk that your computer will be compromised:

  • Never open email attachments unless you know exactly what they are and you are certain they are safe.
     
  • Always protect your passwords and your account information. (See the Password Security page for proper procedures.)
     
  • Never share your password for any reason.Texas State professionals should never ask you for your password. If they do, you should report them to their supervisors immediately.
     
  • Be careful what you throw away. It may be the one piece of information an attacker needs to get in to the network. Use a shredder for anything that might reveal confidential information.
     
  • Use and maintain anti-virus software - Anti-virus software recognizes and protects your computer against most known viruses, so you may be able to detect and remove the virus before it can do any damage. Because attackers are continually writing new viruses, it is important to keep your definitions up to date. Some anti-virus vendors also offer anti-rootkit software.
     
  • Install a firewall - Firewalls may be able to prevent some types of infection by blocking malicious traffic before it can enter your computer and limiting the traffic you send. Some operating systems actually include a firewall, but you need to make sure it is enabled.
     
  • Use good passwords - Select passwords that will be difficult for attackers to guess, and use different passwords for different programs and devices. Do not choose options that allow your computer to remember your passwords.(See the Password Security page for proper procedures.)
     
  • Keep software up to date - Install software patches so that attackers can't take advantage of known problems or vulnerabilities. Many operating systems offer automatic updates. If this option is available, you should enable it.
     
  • Follow good security practices - Take appropriate precautions when using email and web browsers to reduce the risk that your actions will trigger an infection. See Best Practices
     
  • Never visit web sites you don't completely trust with any kind of active content capability. Turn off JAVA, Javascript and Active Scripting in your web browser. (With some browsers, you can configure security zones for "Untrusted Sites" [e.g. Internet Explorer.] With others, you have to use profiles to protect yourself. Create a profile called "Untrusted" with active content turned off, and create a second profile called "Trusted" with active content turned on. NEVER use the Trusted profile to visit new or unfamiliar web sites.)