CSC Logo     Computer Service Centre
   
General I T Services
  MPI Home
General I.T. Services
  Helpdesk
 
 
 
 
 
 
 
 
 
 
 

Services for Students
Services for Staff

Search CSC
Contacts
About CSC
  Internet Security and Web Content Filtering Service
 

What is the Internet Security and Web Content Filtering Service?

  Macao Polytechnic Institute implements a Internet Security and Web Content Filtering Service to better protect campus computers and to prevent user information leakages due to the access to spyware, adware, phishing, and viruses’ prone web sites.
  The Internet Security and Web Content Filtering service screens all web pages accessed from the campus network. The service operates at gateway level blocking the access to any URLs matching a list of blacklisted addresses. The blacklist categories and database are provided and maintained by a leading security company, Websense.  It is designed to seek out Web sites with particular categories of content, such as pornography and incitement to unlawful behaviours.
  Instructions for possibly infected users
   
  Press releases on recent phishing attacks published by Hong Kong Government's InfoSec web site:
  Chinese version
http://www.infosec.gov.hk/chinese/general/protect/antiphishing.htm

English Version
http://www.infosec.gov.hk/english/general/protect/antiphishing.htm

   
  Frequently Asked Questions
  1. What are the threats on Internet?
  2. How will CSC Web security and Internet filtering service help us?
  3. What are the current policies of Web security and Internet filtering service?
  4. The browser popped a window with message “Campus Internet use policy alert”; what should I do?
  5. What action should I take to further protect my computer and data?
  6. What about my privacy?
  7. Why not use only an anti-spyware to protect our computer from threats?
  8. How web content filtering service improves web browsing performance?
   
 
  1. What are the threats on Internet?
 

Spyware and adware [Wikipedia]

Spyware is computer software that collects personal information about users without their informed consent. The term, coined in 1995 but not widely used for another five years, is often used interchangeably with adware and malware (software designed to infiltrate and damage a computer respectively).

Personal information is secretly recorded with a variety of techniques, including logging keystrokes, recording Internet web browsing history, and scanning documents on the computer's hard disk. Purposes range from overtly criminal (theft of passwords and financial details) to the merely annoying (recording Internet search history for targeted advertising, while consuming computer resources). Spyware may collect different types of information. Some variants attempt to track the web sites a user visits and then send this information to an advertising agency. More malicious variants attempt to intercept passwords or credit card numbers as a user enters them into a web form or other applications.

Phishing web site [Wikipedia]

In computing, phishing is a criminal activity using social engineering techniques. Phishers attempt to fraudulently acquire sensitive information, such as passwords and credit card details, by masquerading as a trustworthy person or business in an electronic communication. Phishing is typically carried out using email or an instant message, although phone contact has been used as well. Attempts to deal with the growing number of reported phishing incidents include legislation, user training, and technical measures.

Malicious software

Malware or malicious software is software designed to infiltrate or damage a computer system without the owner's informed consent. It is a portmanteau of the words "malicious" and "software". The expression is a general term used by computer professionals to mean a variety of forms of hostile, intrusive, or annoying software or program code.

bandwidth consuming protocol

P2P file sharing such as BitTorrent, eDonkey, and Kazaa iMesh. These protocols can consume most of our bandwidth and result in very slow Internet browsing.

   
  Return to Top
  2. How will CSC Web security and Internet filtering service help us?
  Web security and Internet filtering service will adopt Websense web security suite as a gateway filter appliance. It blocks the web page if it includes spyware and harmful content. Also if the web page is suspected to have inappropriate content, a warning page will be popped up and your confirmation is required in order to continue displaying the content of that web page. Websense will also block the web page and protocols which are bandwidth consuming, so it can provide our staff a faster Internet browsing experience.
   
  Return to Top
  3. What are the current policies of Web security and Internet filtering service?
 

Our principle is to block harmful websites which include Spyware and malicious code.

A warning message will be prompted to the users if they are trying to access a web site which might include inappropriate content such as sex, weapons, violation, etc. In addition, some non-business and non-academic related web sites will also require users' confirmation before accessing them.

  Detailed Filtering Policy
   
  Return to Top
  4. The browser popped a window with message “Campus Internet use policy alert”; what should I do?
 

There are two kinds of web page that will give our users a warning message.

Warning Page

This message is a warning that tells our users they are trying to access a web page with possibly inappropriate or non business related content. If you still want to access to this web page, please press the “Continue” button.



 

Block Page

If the web page you are trying to access might include harmful content (i.e. spyware, virus, phishing), a similar warning message will be prompted but only the “Go Back” button is available.  You must click “Go Back” button to return to the previous web page.

   
  Return to Top
  5. What action should I take to further protect my computer and data?
 

Please refer to our web page on http://csc.ipm.edu.mo/security/.

   
  Return to Top
  6. What about my privacy?
  Every URL that user accesses will be recorded for possible web security problem investigation. The content of the webpage will not be recorded. Investigation will only be carried out by Information Security staff under strict guidelines that take the privacy of individuals into account.
   
  Return to Top
  7. Why not use only an anti-spyware to protect our computer from threats?
  For personal computer at home, it is true that the most effective solution is to install standalone anti-spyware software. However, in MPI, there are about 1,200 computers running different version of operating system (e.g. Macintosh and Linux) and some students might also use their own notebook on campus. It is hard to find ”standard" software applied for all operating systems, and the deployment will also be very labour intensive. Anti-spyware software can only protect against threats when the threat is already known. It could not stop the user accessing phishing (fake) web sites. Our web security service operates at gateway level and therefore it requires no client software installation. It is based on web site (or IP address) reputation which can block unknown threat, phishing sites and help us to identify the virus or spyware infected computers easily as their computers keep accessing the harmful websites.
   
  Return to Top
  8. How web content filtering service improves web browsing performance?
  The web security service can block the most popular Peer to Peer (P2P) file sharing and prevent accidental access or download of malicious codes/threats. It also can limit some non-business related bandwidth consuming services (e.g. online games, web TV...etc.). Therefore, it could provide our users "a faster and cleaner" Internet browsing environment.
 

  Any comments or feedback, please send email to websecurity_admin@ipm.edu.mo

Last updated: by Computer Service Centre.