Securing Computers
Last Updated: 24 Oct 2002

Securing computers is necessary if you are connecting to the network by any means, and wise even if you aren't. Lab computers supported by lab staff are already secured; student-administered and professor-administered computers often are not.

Please note that physical security is paramount to truly securing a computer -- once someone has physical access to the computer, anything can happen, including booting from other media to reset passwords, or removing the hard disk and reading its contents on another machine.

Physical security may be very difficult to achieve in an open lab environment, although one possibility is locking the case of the computer, disabling the ability to boot from CDs or floppies, and setting up a BIOS password (please tell lab staff what it is!). The case lock is what makes the other two worth anything: a BIOS password can be cleared by anyone who can open the case and reset the motherboard's CMOS settings, and a boot-device restriction does not help if the disk can simply be removed.

Setting the physical security aspects aside, the main thing you want to protect against, then, is an electronic attack that originates from outside of the computer.

  1. Virus prevention

    Without a network connection, about the only attack that can happen is via a file you transfer to and/or run on your computer -- that file might have a virus attached to it.

    Once on the network, downloading files, visiting certain web sites, opening email attachments, and other network-based activity can cause a virus to infect your computer.

    About the only thing one can do is to install a virus prevention program, which, of course, can only try to protect your computer from known viruses (by matching their signatures; some software also uses heuristics to catch unknown ones, at the cost of occasional false alarms).
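    To make "known viruses via their signature" concrete, here is a toy scanner added to this page as an example; it is not part of the original document and not the product the UW licenses. The samples, the signature entries and the heuristic weights are all constructed for the example (none of the bytes are real malware), and they show the blind spot of each method: a hash signature misses a repacked copy, a byte-pattern signature misses an edited copy, and only a heuristic has a chance against the edited copy.

```python
import hashlib

# Constructed samples standing in for one known virus and two variants of it.
# None of these bytes are real malware; they only exercise the scanner.
KNOWN_SAMPLE = (
    b"MZ\x90\x00" + b"\x00" * 12
    + b"EXAMPLE-DROPPER-PAYLOAD"
    + b"WriteProcessMemory\x00CreateRemoteThread\x00cmd.exe /c "
)
# Same code, one padding byte changed (e.g. re-packed): the file hash changes.
REPACKED_VARIANT = KNOWN_SAMPLE.replace(b"\x00" * 12, b"\x00" * 11 + b"\x01", 1)
# The author edited the string the signature was written on: the pattern misses too.
MODIFIED_VARIANT = KNOWN_SAMPLE.replace(
    b"EXAMPLE-DROPPER-PAYLOAD", b"EXAMPLE-DR0PPER-PAYL0AD"
)

# Hypothetical signature database. Real products ship many thousands of
# entries and update them daily, which is why signature updates matter.
HASH_SIGNATURES = {hashlib.sha256(KNOWN_SAMPLE).hexdigest(): "Example.Dropper.A"}
PATTERN_SIGNATURES = {"Example.Dropper.A": b"EXAMPLE-DROPPER-PAYLOAD"}

# Crude heuristic: API names and commands that benign programs rarely combine.
# Weights and threshold are arbitrary choices for this example.
HEURISTIC_MARKERS = {
    b"WriteProcessMemory": 2,
    b"CreateRemoteThread": 2,
    b"cmd.exe /c": 1,
}
HEURISTIC_THRESHOLD = 4


def match_hash(data):
    """Exact match of the whole file: precise, but any single-byte change defeats it."""
    return HASH_SIGNATURES.get(hashlib.sha256(data).hexdigest())


def match_patterns(data):
    """Byte-pattern match: survives repacking/padding, not edits to the signed bytes."""
    return sorted(name for name, pattern in PATTERN_SIGNATURES.items() if pattern in data)


def heuristic_score(data):
    """Sum the weights of suspicious markers present; catches unknown variants, with false alarms."""
    return sum(weight for marker, weight in HEURISTIC_MARKERS.items() if marker in data)


def scan(data):
    """Return the verdict for one file's contents, recording which method fired."""
    by_hash = match_hash(data)
    by_pattern = match_patterns(data)
    score = heuristic_score(data)
    if by_hash or by_pattern:
        verdict = "known"
    elif score >= HEURISTIC_THRESHOLD:
        verdict = "suspicious"
    else:
        verdict = "clean"
    return {"hash": by_hash, "pattern": by_pattern, "heuristic": score, "verdict": verdict}


if __name__ == "__main__":
    for label, sample in [("known", KNOWN_SAMPLE), ("repacked", REPACKED_VARIANT),
                          ("modified", MODIFIED_VARIANT), ("benign", b"hello, world")]:
        print(f"{label:9s} {scan(sample)}")
```

    Run it and the known sample is caught by both signatures, the repacked copy only by the byte pattern, and the edited copy only by the heuristic; the benign input scores zero. A real scanner's value therefore depends entirely on how current its signature set is, which is the point of the update instructions below.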

    • For Windows workstations:

      The UW has a site license for VirusScan.

    • For Windows servers:

      The UW has a site license for NetShield.

    • For Linux:

      We are aware that virus scanners for Linux exist, but have not investigated them.

    You must set up these virus scanners to periodically and frequently update their signatures and even the virus scanning engine. If you install UWICK, you get a lot of things already configured for use here. Otherwise, this is best done by pointing to an ftp site that has them, such as ftp.cac.washington.edu.

  2. Securing network and web access

    Some people like to break into your computer to:

    • vandalize your information
    • steal financial or other information
    • watch what you are doing
    • subvert your computer into attacking other computers
    • modify your information for their own purposes

    To borrow from a house analogy, if you put locks on your doors you may feel safer from entry by the doors, but you may have neglected to lock the windows. And how much protection is a window, anyway, to a determined person? In reality, due to cost and cleverness, all we can do is hamper a truly-determined person or group from breaking into something.

    Consequently, we:

    • buy good locks (make hard-to-break passwords)
    • change the locks (our passwords) often
    • lock up infrequently used access points (firewall: block network ports not in use)
    • don't let in strangers (block computers that are unfamiliar, if possible)
    • use a wall safe (encrypt files)
    • periodically check unused areas (scan for compromised files)

    But that's about as far as the house analogy goes. We have to get out of the house sometimes, and take our cars on that network we call the highway system. Anyone can watch and track our departure and arrival, as well as see who is in the car (in most cases).

    This is very similar to watching or snooping network traffic. If one has the means to view the network (the "road"), then one can see the packets of information (the "cars") and see what their payload is (the "occupants").

    With a wired Ethernet network, one can fairly easily peek at network packets if a computer is attached to the network: on a shared medium (a hub or a coaxial segment) every frame reaches every station, and a network card put into "promiscuous" mode will record all of them. Ethernet switches (vs. hubs) help somewhat, since a switch normally forwards a frame only to the port its destination is on, but they are not a security boundary.

    Wireless networks are much easier to snoop, especially because they are not physically constrained by where a wire is, and there is ample leakage of the signals. Even the wireless encryption protocol, WEP (Wired Equivalent Privacy), cannot help, as it is inherently flawed, and there is no other standard currently available.

    This is one reason why the university transitioned to secure transport protocols for file transfers and email access: with the advent of wireless transmission, it became much easier to see packets carrying login and password information, thereby compromising the security of a login account. Because we need the network, we sometimes need to secure data that travels over the open highway, so to speak, so we encrypt it to make it more difficult to read... just like people tint their car windows or use cargo vans to conceal their contents.

    For the web, SSL (Secure Sockets Layer) is often used to protect financial information between client and server. For file transfers and remote logins, the SSH (Secure SHell) protocol is often used. Protocols designed with encryption in mind keep the password off the wire; older ones such as ftp, telnet, and POP or IMAP without SSL do not -- the username and password are sent in plain text, and anyone watching the network reads them directly.

    What this means for servers or services that you set up is:

    • change your passwords often, so that if the password file is stolen and someone is cracking it offline (which takes time, provided the passwords are strong), the password has already been replaced by the time it is recovered

    • use a firewall or IP filtering mechanism to block access to TCP/UDP ports that are not in use

      They are not panaceas -- see NAT and Firewall Limitations and UW Network Security Credo for details.

    • keep operating system and application software up to date

      Often a security hole in an operating system is known and quickly fixed before it is widely exploited. By keeping up with updates, you can avoid many problems that plague computers.

      See System Scanning Tools for details.
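    The first item above rests on the observation that cracking a stolen password file is an offline job whose cost depends on how the passwords were chosen. The following script is an added example, not part of the original page: it builds a hypothetical three-user password file (fixed salts, PBKDF2 standing in for the crypt() formats a real system uses), runs the kind of dictionary attack with mangling rules that an attacker would, and estimates how long exhausting a random password would take. The users, passwords, wordlist and guess rate are all constructed for the example.

```python
import hashlib
import hmac

# PBKDF2 stands in for the crypt() formats a real password file uses; the
# point is the same: the attacker must run the slow hash once per guess.
ITERATIONS = 1000


def hash_password(password, salt, iterations=ITERATIONS):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations).hex()


def make_entry(user, password, salt):
    """One line of our hypothetical password file: user:salt:hash."""
    return f"{user}:{salt.hex()}:{hash_password(password, salt)}"


# Constructed "stolen" password file. Fixed salts keep the example reproducible.
STOLEN_FILE = [
    make_entry("alice", "password1", bytes.fromhex("0001020304050607")),
    make_entry("bob", "Winter2002", bytes.fromhex("1011121314151617")),
    make_entry("carol", "9m#Q7vR!x2Lw", bytes.fromhex("2021222324252627")),
]

# A tiny wordlist; real ones have millions of entries.
WORDLIST = ["password", "winter", "letmein", "husky", "seattle"]


def candidates(word):
    """Mangling rules crackers apply to each dictionary word: case, digits, years."""
    for base in sorted({word, word.capitalize(), word.upper()}):
        yield base
        for digit in range(10):
            yield f"{base}{digit}"
        for year in range(1999, 2004):
            yield f"{base}{year}"


def crack(entries, wordlist):
    """Offline dictionary attack: returns {user: password} for every entry that falls."""
    cracked = {}
    for entry in entries:
        user, salt_hex, digest = entry.split(":")
        salt = bytes.fromhex(salt_hex)
        for word in wordlist:
            hit = next((g for g in candidates(word)
                        if hmac.compare_digest(hash_password(g, salt), digest)), None)
            if hit is not None:
                cracked[user] = hit
                break
    return cracked


def seconds_to_exhaust(alphabet_size, length, guesses_per_second):
    """Worst-case time for a brute-force search of every password of this length."""
    return alphabet_size ** length / guesses_per_second


if __name__ == "__main__":
    print("cracked:", crack(STOLEN_FILE, WORDLIST))
    years = seconds_to_exhaust(94, 12, 1e6) / (365 * 24 * 3600)
    print(f"12 random printable characters at 1e6 guesses/s: {years:.2e} years")
```

    "password1" and "Winter2002" fall within a few hundred guesses; the random twelve-character password does not appear in any wordlist and a brute-force search of all 94^12 possibilities at a million guesses per second runs to billions of years. Changing passwords regularly covers the remaining case: a weak password that does eventually fall should already be out of service.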

  3. Securing files

    Sometimes you don't want anyone else to read your files, especially if they contain sensitive information such as passwords and your own hard-won solutions to assignments. If you share your computer with other people or put it on the network and you don't have file access permissions set up properly, your files may be readable by anyone.

    One reason for login accounts is to authenticate people, that is, to attempt to verify they are who they say they are. One can then use the presumed authentication to allow access to some resources, such as files, which is a process called "authorization". A good operating system, such as Windows 2000 or Linux, can protect files from casual viewing -- although privileged accounts ("Administrator" or "root") can read every file, since someone has to be able to rescue the people who lock themselves out of their own files.

    Ideally, you would set up only the accounts that you need on a computer, use strong passwords which are changed often, disable guest login accounts, and ensure that file permissions default to the owner of the files only (on Unix-like systems, a umask of 077)... you can expand them later.
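    The two halves of that last point, finding files that are already exposed and making owner-only the default for new ones, are shown in the following script, which is an added example and not part of the original page. It builds a small hypothetical home directory in a temporary location (the file names and modes are constructed), reports everything readable or writable by group or others, strips those bits, and then demonstrates that a umask of 077 produces owner-only files at creation time so there is nothing to fix afterwards.

```python
import os
import stat
import tempfile

GROUP_OTHER = stat.S_IRWXG | stat.S_IRWXO   # any bit here means "not owner-only"


def exposed_files(root):
    """List (path, mode) for every file or directory under root that group or others can touch."""
    found = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if stat.S_ISLNK(st.st_mode):      # a symlink's own mode is meaningless; audit its target
                continue
            mode = stat.S_IMODE(st.st_mode)
            if mode & GROUP_OTHER:
                found.append((path, mode))
    return sorted(found)


def lock_down(root):
    """Strip group/other bits from everything exposed_files() reports; returns how many changed."""
    changed = 0
    for path, mode in exposed_files(root):
        os.chmod(path, mode & ~GROUP_OTHER)
        changed += 1
    return changed


def demo():
    """Build a hypothetical home directory, audit it, fix it, then show what umask 077 does."""
    with tempfile.TemporaryDirectory() as home:
        layout = {"notes.txt": 0o644, "solutions/hw1.c": 0o664, "private.key": 0o600}
        for rel, mode in layout.items():
            path = os.path.join(home, rel)
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "w") as f:
                f.write("constructed content\n")
            os.chmod(path, mode)
        os.chmod(os.path.join(home, "solutions"), 0o755)   # typical default for a new directory

        before = len(exposed_files(home))          # notes.txt, solutions/, solutions/hw1.c
        lock_down(home)
        after = len(exposed_files(home))

        # With umask 077 the kernel masks group/other bits off at creation time,
        # so new files are owner-only by default instead of being fixed later.
        old_umask = os.umask(0o077)
        try:
            new_file = os.path.join(home, "new.txt")
            with open(new_file, "w") as f:
                f.write("")
            new_mode = stat.S_IMODE(os.stat(new_file).st_mode)
        finally:
            os.umask(old_umask)
        return before, after, new_mode


if __name__ == "__main__":
    before, after, new_mode = demo()
    print(f"exposed before: {before}, after: {after}, new file mode: {new_mode:04o}")
```

    Three entries are exposed at first (the notes file, the solutions directory and the file inside it), none after lock_down(), and the file created under umask 077 comes out as mode 0600. The shell equivalent of the audit is find ~ -perm -o+r -o -perm -g+r; the equivalent of the default is a umask 077 line in your shell's startup file.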

    As an extra measure of file readability defense, you can encrypt a file. Doing so without a recovery key (Windows 2000's Encrypting File System, for example, also encrypts each file's key for a designated recovery agent, so an administrator can decrypt the file) is dangerous, since you could lose the contents of the file if you forget or lose the password. Of course, having a recovery key is also dangerous -- whoever holds it, or steals it, can read the file -- but overall encryption may prevent most users from being able to read the file.

  4. Secure programming

    Programming for security is a fairly new area for most programmers. The whole Java security model is based on trying to keep everything well-contained to prevent inadvertent access to resources. However, the sandbox says nothing about what a program does with its own secrets: a password embedded in a JDBC connection string is readable by anyone who can read the source or the compiled class file, and can only be changed by editing and redistributing the program. This is one area where practice falls short of the model designers' goals.
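    The anti-pattern and its fix are shown in the following script, an added example that is not part of the original page; it uses Python rather than Java because the point is language-independent, and the host, database, user and password are constructed. The embedded form is a connection string with the password as a query parameter, and extracting it takes one line. The hardened form keeps the password in a separate file, refuses to use the file unless it is readable by its owner alone, passes the password as a separate property the way JDBC's DriverManager.getConnection(url, user, password) accepts it, and redacts it before anything is logged.

```python
import os
import stat
import tempfile
from urllib.parse import parse_qs, urlparse

# --- The anti-pattern the text describes ----------------------------------
# Anyone who can read the source, the compiled class file or a backup has the
# password, and rotating it means editing and redistributing the program.
EMBEDDED_URL = "jdbc:postgresql://db.example.edu/grades?user=grader&password=hunter2"


def extract_password(url):
    """Show how little work it takes: the credential is a plain query parameter."""
    return parse_qs(urlparse(url).query)["password"][0]


# --- Hardened: keep the secret out of the code, in a file only its owner can read
class InsecureSecretFile(Exception):
    """Raised when the secret file is readable or writable by group/others."""


def read_secret(path):
    st = os.stat(path)
    if not stat.S_ISREG(st.st_mode):
        raise InsecureSecretFile(f"{path} is not a regular file")
    if st.st_mode & (stat.S_IRWXG | stat.S_IRWXO):
        raise InsecureSecretFile(f"{path} must be mode 0600 (owner only)")
    with open(path) as f:
        return f.read().strip()


def connection_properties(host, database, user, secret_path):
    """URL without the password, plus the password as a separate property."""
    return {
        "url": f"jdbc:postgresql://{host}/{database}",
        "user": user,
        "password": read_secret(secret_path),
    }


def for_logging(props):
    """Never let the password reach a log line."""
    return {k: ("***" if k == "password" else v) for k, v in props.items()}


def demo():
    """Constructed run: a 0600 secret file is accepted, the same file at 0644 is refused."""
    with tempfile.TemporaryDirectory() as d:
        secret = os.path.join(d, "db.password")
        with open(secret, "w") as f:
            f.write("hunter2\n")
        os.chmod(secret, 0o600)
        props = connection_properties("db.example.edu", "grades", "grader", secret)
        os.chmod(secret, 0o644)                     # a careless chmod...
        try:
            connection_properties("db.example.edu", "grades", "grader", secret)
            rejected = False
        except InsecureSecretFile:
            rejected = True                         # ...is caught before the secret is used
        return props, rejected


if __name__ == "__main__":
    print("embedded password recovered:", extract_password(EMBEDDED_URL))
    props, rejected = demo()
    print("loaded:", for_logging(props), "| rejected when world-readable:", rejected)
```

    The permission check matters because a secret file that is world-readable is no better than a password in the source; the check turns a quiet misconfiguration into a start-up failure that someone will notice.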

  5. Intrusion detection

    A good security person is ever vigilant, and takes proactive steps toward determining if the system is still sound.

    See Intrusion Detection Systems for details.

Change Log

24 Oct 2002 Original document

