SecurityThere is no firewall between the SCS network and the internet (Why?). As a result, our network gets scanned several hundred times per day. Every year, there are numerous break-ins to SCS hosts. The vast majority of these break-ins happen because of the following, mostly preventable, causes:
- Unpatched software. Unpatched hosts are often quickly (meaning within minutes/hours of being placed on the network) broken into.
- Poor passwords.
- Passwords that are sent over the network unencrypted and get sniffed.
- Viruses/worms on Windows hosts.
- Poorly configured software (open shares on Windows hosts, unrestricted NFS exports, etc).
- People not recognizing phishing attacks, and thus typing their credentials at phishing sites.
- Compute securely:
- Protect yourself against phishing attacks, internet hoaxes, and scams
- Choose good passwords
- Protect your passwords when they go over the networkUse SSH for secure login, file transfer, and network connections
- Use WebISO authentication to authenticate when accessing SCS and campus web-based services
- Configure your X server software to prevent snooping
- Deal with a Windows break-in
- Deal with a Unix/Linux break-in
- Remove Symantec Endpoint Protection from a PC
- About Kerberos and Kerberos instances in SCS.
- SCS password overview
- An overview of the various types of passwords in SCS.
The following offsite links will open in a new browser window:
- CMU Computing Services Information Security Office
- Guidelines for secure computing at CMU
- Security advisories and lots of good information.
- Security Focus
- Security news, and home of various mailing lists, including bugtraq archives.
- SANS Institute
- See their reading room for a large collection of security-related articles.
- The home of Nmap, along with other security-related resources, including some good lists of security tools.