Last Updated: 21 Jan 2015
A newly-installed operating system or application
on the campus network can be
compromised (i.e., someone other than you can control that computer) in
as quickly as 15 minutes.
Currently, it is estimated that
every computer on the network is
scanned for vulnerabilities every five minutes.
Consequently, it is imperative that those responsible for installing
or otherwise administering a computer that is attached to the network
for any period of time know how to secure their
computer from current and future attacks, and make the necessary changes.
If you are responsible for administering a computer that is attached to the
campus network, you are also responsible for installing and
maintaining the security of that computer. The types of
computers affected include:
- personal computers -- notebooks or desktops (see policy on use)
- student-administered virtual machines
One good source of information about potential and actual security problems
is CERT. Perhaps the best thing to
do is to get on their mailing list, so you will get notified instead of having to remember
to check their web site.
- get secure
Getting secure means that you install or update trusted software in
a secure setting. Here is some elaboration on the terms used:
- trusted software
Most of the time, you can trust web content from major companies.
One time to be especially careful is when using a search engine
to find the software to patch -- if you don't look closely,
you might be directed to a site that purports to provide the
patch but actually houses a concealed attack. One way to help
with this type of problem from main sites (e.g., www.redhat.com),
is to verify the patch message digests (a means of validating the
- secure setting
Installing an operating system while still connected to the
network is risky -- someone could compromise your computer before
you apply any updates. If there is a secured computer, you can often
download the updates, burn them onto a CD, and install them while
disconnected from the network.
Installing an application (e.g., SQL Server) while still connected
to the network may also be exposing your computer to an attack.
If possible, you should:
- download the application package AND ALL
UPDATES OR PATCHES while connected to the network
If installing from a CD or DVD, prior to installing, browse
to the website for the application and download all updates
or patches first.
- disconnect from the network
- install the package
- apply the downloaded updates or patches
- configure the application
- reconnect to the network
Installing in an open environment is also risky. Make sure that
you protect your installation and update process from internal hacking
A computer gets secure by installing (as above) the latest OS patches,
creating strong passwords, shutting down services you don't need,
and using a firewall or port-blocking software where appropriate.
- stay secure
Since new security problems appear frequently, it is not enough to
secure your computer once and forget about it. You must remain vigilant,
keeping notified of new means of breaking in, as the only thing
security measures can do is prevent against known attacks.
Installing critical updates often, shutting down unnecessary services
after updating software, maintaining strong passwords, avoiding sending
passwords in plain text over a network, and controlling
network port access are good techniques to stay secure.
UW Information Systems Security Policy
This is where the University stands on who is responsible,
specific responsibilities, and what to do about
security, including security and privacy of data.
UW Guidelines for Implementing Systems and Data Security Practices
Though referred to by the "UW Information Systems Security Policy", this web
page is not linked to that document, and is provided here for easy reference.
UW Minimum Computer Security Standards
Here is a presentation when it was just a proposal:
Proposed Minimum Computer Security Standards
UW Minimum Data Security Standards
This is the University's policy on how to classify and secure data.
UW Computer Security Information
This is a great campus resource for securing computers.
Computer Security for Student-Administered Computers
You might find some pertinent Windows 2000 and Linux security
information in this old presentation.
Grey Hat Group: UW Information Systems Security Policy
- 16 Feb 2007 NWSEC2007 Presentation:
What's Happening? An Introduction to Event Modeling and Correlation
- 10 Apr 2007 Presentation:
- 24 Jan 2008 Presentation:
Compromise Detection, Blocking and Removal Methodology
- 7 May 2008 NWSEC2008 Presentation:
Malware in the Home
A cool breeze awakens you in the middle of the night. That shouldnít happen. You
get out of bed and turn on the lights, looking for the source. You find an open
window, and something underneath the window is knocked over.
It might be your cat. However, you listen for sounds of an intruder in your home.
Not hearing anything, you grab something to defend
yourself in case of an attack and a flashlight to search the house for signs
of an intruder, starting with the valuable things. You notice
that some valuable things are missing; you now think there was an intruder: a
burglar. If you are brave (or foolish), you search the house thoroughly for
where the intruder might hide: closets, basement, attic, dark corners, under the
bed, in the garage, etc. You call the police, and they
search for the intruder and record the information you tell them. They donít
find anyone, and leave.
You donít want this to happen again, and think that the window must have been
unlocked, so you lock it and check all of the rest of the
windows and doors. You clean up under the window. Afterwards, you might try to
go back to sleep, but your senses are heightened now and it isnít
easy. You contemplate getting a dog.
26 Apr 2010 TINFO 340 Presentation: UW Security Policy and Implementation
12 May 2011 TINFO 340 Presentation: UW Security Policy and Implementation
15 May 2012 TINFO 340 Presentation: UW Security Policy and Implementation
|21 Jan 2015
||Changed reference to student-administered computers in a lab
to student-administered virtual machines.
|6 Dec 2012
||Updated UW security links because many of the
UW Administrative Policies relating to computer security were
missing and replaced by later policy updates.
|19 Apr 2010
||Added link to "UW Guidelines for Implementing Systems and Data Security Practices"
and "What's Happening: An Introduction to Event Modeling and Correlation"
and "UW Security Policy and Implementation" presentations.
|19 Apr 2010
||Added topic on "UW Minimum Data Security Standards" and provided link to "
UW Computer Security Standards"
|7 May 2008
||Added Malware in the Home presentation
|13 Mar 2008
||Added Compromise Detection, Blocking and Removal Methodology link
|24 Jan 2008
||Added link to 24 Jan 2008 Windows Forensics presentation.
|10 Apr 2007
||Added link to Windows Forensics presentation.
|5 Mar 2004
||Added link to UW Information Systems Security policy.
|21 May 2003
||Added information to cover application as well as OS installation
|7 May 2003
||Major revision of content
|11 Apr 2002