Last Updated: 24 Oct 2002
is necessary if you are connecting to the network
by any means, and wise even if you aren't.
Lab computers supported by lab staff are already secured;
student-administered and professor-administered computers often are not.
Please note that physical security is paramount to truly securing
a computer -- once someone has physical access to the computer, anything
can happen... including compromising
the system by resetting passwords and
removing the hard disk and attempting to read its
Physical security may very difficult to achieve in an open lab environment,
although one possibility is locking the case of the computer,
disabling the ability to boot from CDs or floppies
and setting up a BIOS password (please tell lab staff what it is!).
Disregarding the physical security aspects,
the main things you want to protect against then, is an
electronic attack that originates from outside of the computer.
- Virus prevention
Without a network connection, about the only attack
that can happen is via a file you transfer to and/or
run on your computer -- that file
might have a virus attached to it.
Once on the network, downloading files, visiting certain web sites, opening
email attachments, and other network-based activity can cause a virus to
infect your computer.
About the only thing one can do is to install a virus prevention program,
which, of course, can only try to protect your computer from known virii
(via their signature;
although some software can use heuristics to capture unknown ones).
- For Windows workstations:
The UW has a site license for
- For Windows servers:
The UW has a site license for
- For Linux:
We are aware that virus scanners for Linux exist, but have not investigated
You must set up these virus scanners to periodically and frequently update
their signatures and even the virus scanning engine. If you
you get a lot of things already configured for use here.
Otherwise, this is best done by
pointing to an ftp site that has them, such as
Securing network and
Some people like to break into your computer to:
- vandalize your information
- steal financial or other information
- watch what you are doing
- subvert your computer into attacking other computers
- modify your information for their own purposes
To borrow from a house analogy, if you put locks on your doors you
may feel safer from entry by the doors,
but you may have neglected to lock the windows. And how much protection
is a window, anyway, to a determined person? In reality, due
to cost and cleverness, all we can do
is hamper a truly-determined person or group from breaking into something.
- buy good locks (make hard-to-break passwords)
- change the locks (our passwords) often
- lock up infrequently used access points (firewall: block network ports not in use)
- don't let in strangers (block computers that are unfamiliar, if possible)
- use a wall safe (encrypt files)
- periodically check unused areas (scan for compromised files)
But that's about as far as the house analogy goes. We have to get out of
the house sometimes, and take our cars on that network we call the
highway system. Anyone can watch and track our departure and arrival, as
well as see who is in the car (in most cases).
This is very similar to watching or snooping network traffic. If one has the means
to view the network (the "road"), then one can see the packets of information
(the "cars") and see what their payload is (the "occupants").
With a wired Ethernet network, one can fairly easily peek at network packets
if a computer is attached to the network, as Ethernet broadcasts its information.
Ethernet switches (vs. hubs) may help somewhat with this.
Wireless networks are much easier to snoop, especially because they are
not physically constrained by where a wire is, and there is ample leakage of
the signals. Even the wireless encryption
protocol (WEP) cannot help, as it is inherently flawed, and there is no other
standard currently available.
This is one reason why we as a university
transitioned to secure transport protocols for
file transfers and email access... with the advent of wireless transmission,
it would be much easier to see packets with login and password information,
thereby compromising the security of a login account.
Because we need the network, we sometimes need to secure data that travels
over the open highway, so to speak, so we encrypt it to make it more difficult
to read... just like people tint their car windows or use cargo vans to
conceal their contents.
For the web, SSL
(Secure Sockets Layer) is often used to protect financial
information between client and server. For file transfers, the SSH
(Secure SHell) protocol is often used.
Modern authentication protocols are also secure; older ones such as ftp and
telnet are not -- passwords are sent in plain text.
What this means for servers or services that you set up are:
- change your passwords often to avoid the possibility that the password file
was stolen and someone is trying to crack it (which takes time)
- use a
IP filtering mechanism to block access to TCP/UDP ports that
are not in use
They are not panaceas -- see
NAT and Firewall Limitations
UW Network Security Credo for details.
- keep operating system and application software up to date
Often a security hole in an operating system is known and quickly
fixed before it is widely exploited. By keeping up with updates,
you can avoid many problems that plague computers.
System Scanning Tools for details.
- Securing files
Sometimes you don't want anyone else to read your files, especially if they
contain sensitive information such as passwords and your own hard-won
solutions to assignments.
If you share your computer with other people or put it on
the network and you don't have
file access permissions set up properly, your files may be readable by
One reason for login accounts is to authenticate people, to attempt to
verify they are who they say they are. One can then use the presumed
authentication to allow access to some resources, such as files, which
is a process called "authorization". A good operating system, such as Windows
2000 or Linux, can protect files from casual viewing -- although all files
are visible from privileged accounts ("Administrator" or "root"), since some
people get into trouble over-protecting their files.
Ideally, you would set up only the accounts that you need on a computer,
use strong passwords which are changed often,
block guest login accounts, and ensure that file permissions are set by
default to only the owner of the files... you can expand them later.
As an extra measure of file readbility defense, you can encrypt a file.
Doing so without a backdoor (like Windows 2000's second key for
Administrators) is dangerous,
since you could lose the contents of the file if you forget or lose
the password. Of course, having a backdoor is also dangerous, but overall
it may prevent most users from being able to read the file.
Programming for security is a fairly new area for most programmers.
The whole Java security model is based on trying to keep everything
well-contained to prevent inadvertent access to resources. However,
embedding passwords in JDBC connection strings is one area where
the model falls short of its designer's goals.
- Intrusion detection
A good security person is ever vigilant, and takes proactive steps
toward determining if the system is still sound.
Intrusion Detection Systems for details.
|24 Oct 2002