Computing Facilities    links to the SCS and CMU home pages Carnegie Mellon School of Computer Science Carnegie Mellon University
 
Advanced search tips 
 Documentation
 » Introduction to Facilities 
 » Accounts & passwords 
 » AFS 
 » Application software 
 » AV help 
 » Backups & restores 
 » Calendaring 
 » E-mail 
 » Networking 
 » Printing 
 » Purchasing 
 » Resource management 
 » Security 
 » Software licensing 
 » Support charges 
 » Web publishing 
 » Your health 
 » Mac support 
 » Linux support 
 » Windows PC support 

Security

There is no firewall between the SCS network and the internet (Why?). As a result, our network gets scanned several hundred times per day. Every year, there are numerous break-ins to SCS hosts. The vast majority of these break-ins happen because of the following, mostly preventable, causes:
  • Unpatched software. Unpatched hosts are often quickly (meaning within minutes/hours of being placed on the network) broken into.
  • Poor passwords.
  • Passwords that are sent over the network unencrypted and get sniffed.
  • Viruses/worms on Windows hosts.
  • Poorly configured software (open shares on Windows hosts, unrestricted NFS exports, etc).

How to

Related documentation

Kerberos
About Kerberos and Kerberos instances in SCS.
SCS password overview
An overview of the various types of passwords in SCS.

Additional information

The following offsite links will open in a new browser window:

CMU Computing Services Information Security Office
Guidelines for secure computing at CMU
CERT
Security advisories and lots of good information.
Security Focus
Security news, and home of various mailing lists, including bugtraq archives.
SANS Institute
See their reading room for a large collection of security-related articles.
Insecure.org
The home of Nmap, along with other security-related resources, including some good lists of security tools.