Security
    Main Page
 

Last Updated: 21 Jan 2015

The Problem

A newly-installed operating system or application on the campus network can be compromised (i.e., someone other than you can control that computer) in as quickly as 15 minutes.

Currently, it is estimated that every computer on the network is scanned for vulnerabilities every five minutes.

Consequently, it is imperative that those responsible for installing or otherwise administering a computer that is attached to the network for any period of time know how to secure their computer from current and future attacks, and make the necessary changes.

Responsibility

If you are responsible for administering a computer that is attached to the campus network, you are also responsible for installing and maintaining the security of that computer. The types of computers affected include:

  • personal computers -- notebooks or desktops (see policy on use)
  • student-administered virtual machines

Security Alerts

One good source of information about potential and actual security problems is CERT. Perhaps the best thing to do is to get on their mailing list, so you will get notified instead of having to remember to check their web site.

What You Need to Do

  1. get secure

    Getting secure means that you install or update trusted software in a secure setting. Here is some elaboration on the terms used:

    1. trusted software

      Most of the time, you can trust web content from major companies. One time to be especially careful is when using a search engine to find the software to patch -- if you don't look closely, you might be directed to a site that purports to provide the patch but actually houses a concealed attack. One way to help with this type of problem from main sites (e.g., www.redhat.com), is to verify the patch message digests (a means of validating the contents).

    2. secure setting

      Installing an operating system while still connected to the network is risky -- someone could compromise your computer before you apply any updates. If there is a secured computer, you can often download the updates, burn them onto a CD, and install them while disconnected from the network.

      Installing an application (e.g., SQL Server) while still connected to the network may also be exposing your computer to an attack. If possible, you should:

      1. download the application package AND ALL UPDATES OR PATCHES while connected to the network

        If installing from a CD or DVD, prior to installing, browse to the website for the application and download all updates or patches first.

      2. disconnect from the network
      3. install the package
      4. apply the downloaded updates or patches
      5. configure the application
      6. reconnect to the network

      Installing in an open environment is also risky. Make sure that you protect your installation and update process from internal hacking as well.

    A computer gets secure by installing (as above) the latest OS patches, creating strong passwords, shutting down services you don't need, and using a firewall or port-blocking software where appropriate.

  2. stay secure

    Since new security problems appear frequently, it is not enough to secure your computer once and forget about it. You must remain vigilant, keeping notified of new means of breaking in, as the only thing security measures can do is prevent against known attacks.

    Installing critical updates often, shutting down unnecessary services after updating software, maintaining strong passwords, avoiding sending passwords in plain text over a network, and controlling network port access are good techniques to stay secure.

References

  1. UW Information Systems Security Policy

    This is where the University stands on who is responsible, specific responsibilities, and what to do about security, including security and privacy of data.

  2. UW Guidelines for Implementing Systems and Data Security Practices

    Though referred to by the "UW Information Systems Security Policy", this web page is not linked to that document, and is provided here for easy reference.

  3. UW Minimum Computer Security Standards

    Here is a presentation when it was just a proposal: Presentation: Proposed Minimum Computer Security Standards

  4. UW Minimum Data Security Standards

    This is the University's policy on how to classify and secure data.

  5. UW Computer Security Information

    This is a great campus resource for securing computers.

  6. Presentation: Computer Security for Student-Administered Computers

    You might find some pertinent Windows 2000 and Linux security information in this old presentation.

  7. Presentation: Grey Hat Group: UW Information Systems Security Policy
  8. 16 Feb 2007 NWSEC2007 Presentation: What's Happening? An Introduction to Event Modeling and Correlation
  9. 10 Apr 2007 Presentation: Windows Forensics
  10. 24 Jan 2008 Presentation: Windows Forensics
  11. Compromise Detection, Blocking and Removal Methodology
  12. 7 May 2008 NWSEC2008 Presentation: Malware in the Home

    Scenario:

    A cool breeze awakens you in the middle of the night. That shouldnít happen. You get out of bed and turn on the lights, looking for the source. You find an open window, and something underneath the window is knocked over. It might be your cat. However, you listen for sounds of an intruder in your home. Not hearing anything, you grab something to defend yourself in case of an attack and a flashlight to search the house for signs of an intruder, starting with the valuable things. You notice that some valuable things are missing; you now think there was an intruder: a burglar. If you are brave (or foolish), you search the house thoroughly for where the intruder might hide: closets, basement, attic, dark corners, under the bed, in the garage, etc. You call the police, and they search for the intruder and record the information you tell them. They donít find anyone, and leave.

    You donít want this to happen again, and think that the window must have been unlocked, so you lock it and check all of the rest of the windows and doors. You clean up under the window. Afterwards, you might try to go back to sleep, but your senses are heightened now and it isnít easy. You contemplate getting a dog.

  13. 26 Apr 2010 TINFO 340 Presentation: UW Security Policy and Implementation
  14. 12 May 2011 TINFO 340 Presentation: UW Security Policy and Implementation
  15. 15 May 2012 TINFO 340 Presentation: UW Security Policy and Implementation

Change Log

21 Jan 2015 Changed reference to student-administered computers in a lab to student-administered virtual machines.
6 Dec 2012 Updated UW security links because many of the UW Administrative Policies relating to computer security were missing and replaced by later policy updates.
19 Apr 2010 Added link to "UW Guidelines for Implementing Systems and Data Security Practices" and "What's Happening: An Introduction to Event Modeling and Correlation" and "UW Security Policy and Implementation" presentations.
19 Apr 2010 Added topic on "UW Minimum Data Security Standards" and provided link to " UW Computer Security Standards"
7 May 2008 Added Malware in the Home presentation
13 Mar 2008 Added Compromise Detection, Blocking and Removal Methodology link
24 Jan 2008 Added link to 24 Jan 2008 Windows Forensics presentation.
10 Apr 2007 Added link to Windows Forensics presentation.
5 Mar 2004 Added link to UW Information Systems Security policy.
21 May 2003 Added information to cover application as well as OS installation
7 May 2003 Major revision of content
11 Apr 2002 Original document

Hours  |  Support Information  |  News  | 
Policies  |  Emergencies