SCS Computing
 Services and Solutions
  links to the SCS and CMU home pages Carnegie Mellon School of Computer Science Carnegie Mellon University
 » How to… 
 » Accounts & passwords 
 » AFS 
 » AV help 
 » Backups & restores 
 » Calendaring 
 » E-mail 
 » Networking 
 » Printing 
 » Purchasing 
 » Resource management 
 » Security 
 » Software licensing 
 » Support charges 
 » Support lifecycle 
 » Web publishing 
 » Mac support 
 » Linux support 
 » Windows PC support 


There is no firewall between the SCS network and the internet (Why?). As a result, our network gets scanned several hundred times per day. Every year, there are numerous break-ins to SCS hosts. The vast majority of these break-ins happen because of the following, mostly preventable, causes:
  • Unpatched software. Unpatched hosts are often quickly (meaning within minutes/hours of being placed on the network) broken into.
  • Poor passwords.
  • Passwords that are sent over the network unencrypted and get sniffed.
  • Viruses/worms on Windows hosts.
  • Poorly configured software (open shares on Windows hosts, unrestricted NFS exports, etc).
  • People not recognizing phishing attacks, and thus typing their credentials at phishing sites.

How to

Related documentation

About Kerberos and Kerberos instances in SCS.
SCS password overview
An overview of the various types of passwords in SCS.

Additional information

The following offsite links will open in a new browser window:

CMU Computing Services Information Security Office
Guidelines for secure computing at CMU
Security advisories and lots of good information.
Security Focus
Security news, and home of various mailing lists, including bugtraq archives.
SANS Institute
See their reading room for a large collection of security-related articles.
The home of Nmap, along with other security-related resources, including some good lists of security tools.