Anti-Virus Software for Staff (Windows Users)

All users of computer facilities on the NUI Galway network have a responsibility to follow best practice in avoiding infection by computer viruses, whether you are using University-owned or privately owned equipment.

 

To protect against infection users must follow the steps below:

  1. Install the ePolicy Orchestrator Agent (EPO agent)
    If you are using a Windows computer on the NUI Galway network, you are required to have  the ePolicy Orchestrator Agent (EPO agent) installed. The EPO agent must be installed before installing McAfee VirusScan.

  2. Download and install McAfee version 8.8 
    Suitable for Windows 8, 7, Vista, XP, or earlier 
    Note: Off-campus file download is password-restricted and is available to NUI Galway staff only. 
    Please contact the Service Desk for off-campus password details.

  3. Latest DAT file from the McAfee website  
    Download the latest McAfee XDAT file to the Desktop (Last updated: Monday, May 19, 2014) 
    Go to the Desktop and double click on XDAT download 
    Follow the on-screen instructions to install the DAT file - no restart is required 
    Alternatively go to the  XDAT files section of the McAfee website

  4. Check the SuperDat file version regularly
    Users must ensure that the SuperDat file version is being continuously updated.  
    Do this at least once every month.


    

Anti-Virus Software for Staff (Macintosh Users)

Supported Operating Systems

  • Lion 10.7.x and later
  • Mountain Lion 10.8.x and later
  • Mavericks 10.9 and above
  • Mac OS X server
EPO Installation

Download, expand and install the McAfeeEPO_Agent_OSX.dmg file to install the McAfee EPO agent on your Mac

McAfee Anti-Virus Application

Download, expand and install the EPM210-RTW-1085.dmg file to install the McAfee Anti-Virus Application on your Mac

Installation Instructions for McAfee Anti-Virus Application
  1. The DMG file will download to your Downloads directory on your MAC.
  2. Drag the file to your Desktop
  3. Double click on McAfee End Point Protection (EPM210.dmg) file
  4. You will be presented with a .pkg file. Double click on the file to run it. You may get a message about running the installer. Click Continue
  5. You will be presented with an Endpoint Installation Wizard. Click Continue
  6. Click Continue
  7. Click Continue
  8. Click Agree
  9. Click Install
  10. Enter your Mac password to allow the installation. Click Install Software
  11. The installation will start
  12. Click Close when the installation finishes
  13. You will see the McAfee Shield on the Apple Menu at the top of your MAC
  14. Your Anti-Virus will now begin the auto update process once it is installed.
  15. Then right click over the shield where you will be presented with a number of options
  16. Go to McAfee Endpoint Protection for Mac Console
  17. You will see items such as Last Update, your virus History and Quarantine.
To manually update your AV protections do the following
  1. Go to the Activity menu
  2. Update Now
  3. To scan your Mac, do the following
  4. Go to the Activitymenu
  5. Scan Now

 

Please note that a scan can degrade the performance of the MAC if you are trying to do some work at the same time on your MAC.

If any virus is discovered, McAfee will tell you what it has done. It will either clean, delete or quarantine it.

Malware and Spyware - Phishing


What is Malware?

Malwarealso known as Malicious Software, is software designed to infiltrate or damage a computer system without the owner's informed consent. The term is a portmanteau of the words malicious and software. The expression is a general term used by computer professionals to mean a variety of forms of hostile, intrusive, or annoying software or program code. Many computer users are unfamiliar with the term, and often use " computer virus" for all types of malware.

What is Spyware?

Spyware is usually advertising software that gets installed on your computer without your knowledge. Companies use it to pop up advertisements on your computer, track your Internet usage, and gather other personal information about you. These programs are usually not written very well and tend to cause a lot of problems.

Besides invading your privacy, these programs often cause problems with Internet Explorer and other web browsers. If you have a lot of spyware on your computer, chances are that one of these programs has affected your Internet browsing capabilities.

Common Symptoms of Spyware

If your computer is experiencing any of the following symptoms, you might have spyware:

  • Random advertisements that pop up on your computer
  • Unusual slowness of your system
  • Unusual instability in your system (computer crashes more than usual)
  • Odd behaviour in Internet Explorer or other browsers, such as re-direction to search sites that you've never seen, or your homepage has been switched to a different page.

Major Sources of Spyware

The following programs are either spyware themselves or spyware is installed along with the program.

  • KaZaa
  • Gator
  • Morpheus
  • Most web search toolbars (except the Google toolbar)
  • Most pop-up blocking software (except the Google toolbar or built in pop-up blockers in browsers)
  • Download accelerators or managers
  • There are many other sources of spyware. We recommend only installing programs from reputable companies and only if the software is necessary. If a website asks to install software on your computer, always click "no" unless you know specifically what it does.

How do I remove Spyware?

Information Solutions and Services recommends the following spyware detection and removal programs:

What is Spam?

eMail spam, also known as "bulk email" or "junk email," is a subset of Spam that involves nearly identical messages sent to numerous recipients by email. 93% of email address to nuiglaway.ie email address is Spam and blocked by our email security appliances.  eMail which is potentially SPAM is tagged [NUIGspam]. Users can filter [NUIGspam] emails to a separate folder.

What is Phishing?

Phishingis an attempt to fraudulently acquire sensitive information, such as username, password and banking details, by masquerading as a trustworthy organisation or individual in an email message. 

IMPORTANT
 
You should never respond to an unsolicited email requesting personal information. 

How can I protect against phishing messages?
 
Be suspicious of any email with requests for personal information. 
Note specifically that Information Solutions and Services will never send an email asking you to provide us with your password by email. 

If you receive a fraudulent email:

  1. Do NOT click any links 

  2. Do NOT open any attachments  

  3. Do NOT enter any personal details on the fraudulent email or website 

  4. Report the ’phishing’ email to the Service Desk 

  5. Delete the email.

What if I responded and gave my username and password? 
You should change your email password immediately.  Report the ’phishing’ email to the Service Desk 
As your account was compromised you will start to receive a large amount of SPAM emails.  Do not open/reply to any of these emails.  Delete these emails.

ISS Response  
When ISS are alert by an account generating large amounts of outbound email, this usually means SPAM emails

  1. ISS will reset the password on your account
  2. Log on to the account and check the rules. If there is a rule to move all messages as they arrive into Deleted Items, delete the rule.  Usually the SPAMMer creates a rule to move ALL mail to the deleted items as they arrive. This usually delays the users awareness that their account has been compromised and the problem they usually report is that they are not receiving new mail.
  3. Create a new rule to move bounced SPAM to the deleted items folder. This might be based on the subject line.
  4. ISS will ring (if your telephone number is available) and inform you of your new password and the new rule created on your account
  5. A large amount of outbound SPAM emails can sometimes lead to nuigalway.ie emails being blacklisted, depending on the extent of the volume of SPAM.  ISS will follow up with individual service providers to get the block removed.  It can take up to 24 hours for external service providers to remove the block on nuigalway.ie emails

Share Responsibility for Protecting our Community at NUI, Galway

A number of you will have received a recent fraudulent message purporting to be from the NUI Galway "Technical Upgrade Team" or “IT SERVICE webteam” asking for your email login details.

We are all becoming increasingly familiar with the need to protect ourselves against malicious and fraudulent attempts to get us to disclose personal information. Many of you will be familiar with this through your use of Internet banking. On this occasion the fraudsters' objective was to use the University's IT resources to send out Spam on a large scale.

Only a tiny handful of people in our community were unfortunate enough to be deceived by this particular message. However, even this enabled the fraudsters to obtain limited access to our resources. The gaps created have now been plugged.

Despite our best efforts and significant technology investment we cannot guarantee to intercept and block all such messages in future. We have to ask you to share responsibility for protecting our community.

You should be aware of the following key principles:

  1. At work and outside work you should never ever respond to unsolicited emails requesting personal information such as your bank details, your date of birth, or your computer login credentials. 

  2. Remember that Information Solutions and Services will never send you an email asking for your computer password. 

  3. Any "All Staff" email sent by Information Solutions and Services will always be signed off with the name and position of a Information Solutions and Services manager. If you don't know the person or their position then check them out on our website.

  4. In future we will introduce messages from Information Solutions and Services with the words: "Information Solutions and Services / Réitigh agus Seirbhísí Faisnéise". If the message doesn't have this heading then don't trust it.