Last Updated: 15 Sep 2015
is necessary if you are connecting to the network
by any means, and wise even if you aren't.
Your supplied office computer is already secured to some degree; this
information is intended for any additional computers you set up for
any purpose on campus.
Please note that physical security is paramount to truly securing
a computer -- once someone has physical access to the computer, anything
can happen... including compromising
the system by resetting passwords and
removing the hard disk and attempting to read its
However, assuming that your office remains locked for other reasons, you
have some level of physical access protection.
The main things you want to protect against then, is an attack that originates
outside your office.
- Virus prevention
Without a network connection, about the only attack
that can happen is via a file you access from
a CD/DVD or a USB flash/thumb drive.
If you attempt to run that file on your computer, it
might have a virus attached to it. This may be especially problematic for faculty
who need to run student programs to verify that they work -- the student
may have inadvertently or maliciously attached a virus.
Once on the network, downloading files, visiting certain web sites, opening
email attachments, and other network-based activity can cause a virus to
infect your computer.
About the only thing we can do is to install an anti-virus or
end-point protection application. An anti-virus application
can only try to protect your computer from known virii
via their signature;
although some software can use heuristics to capture unknown ones.
End-point protection software may offer additional protection mechanisms.
The UW has a site license for
for Windows, Macintosh or Linux. Sophos can be installed on campus
computers, or on personal computers for as long as you are associated
with the UW.
Anti-virus tools periodically and frequently update
their signatures and even the virus scanning engine.
They require a network connection to do that.
- General Protection Mechanisms
Hackers, organized crime, and nation-states imay attempt
to break into your computer to:
- vandalize your information
- steal financial or other information
- watch what you are doing
- subvert your computer into attacking other computers
- modify your information for their own purposes
To borrow from a house analogy, if you put locks on your doors you
may feel safer from entry by the doors,
but you may have neglected to lock the windows. And how much protection
is a window, anyway, to a determined person? In reality, due
to cost and cleverness, all we can do
is hamper a truly-determined person or group from breaking into something.
- buy good locks (make hard-to-break passwords)
- change the locks (our passwords) often
- lock up infrequently used access points (firewall: block network ports not in use)
- don't let in strangers (block computers that are unfamiliar, if possible)
- use a wall safe (encrypt files)
- periodically check unused areas (scan for compromised files)
But that's about as far as the house analogy goes. We have to get out of
the house sometimes, and take our cars on that network we call the
highway system. Anyone can watch and track our departure and arrival, as
well as see who is in the car (in most cases).
This is very similar to watching or snooping network traffic. If one has the means
to view the network (the "road"), then one can see the packets of information
(the "cars") and see what their payload is (the "occupants").
With a wired Ethernet network, one can fairly easily peek at network packets
if a computer is attached to the network, as Ethernet broadcasts its information.
Ethernet switches (vs. hubs) may help somewhat with this.
Wireless networks are much easier to snoop, especially because they are
not physically constrained by where a wire is, and there is ample leakage of
the signals. Even the wireless encryption
protocol (WEP) cannot help, as it is inherently flawed; use of WPA 2
This is one reason why we as a university
transitioned to secure transport protocols for
file transfers and email access... with the advent of wireless transmission,
it would be much easier to see packets with login and password information,
thereby compromising the security of a login account.
Because we need the network, we sometimes need to secure data that travels
over the open highway, so to speak, so we encrypt it to make it more difficult
to read... just like people tint their car windows or use cargo vans to
conceal their contents.
For the web, TLS
(Transport Layer Security) is often used to protect financial
information between client and server. For file transfers, the SSH
(Secure SHell) protocol is often used.
Modern authentication protocols are also secure; older ones such as ftp and
telnet are not -- passwords are sent in plain text.
What this means for servers or services that you set up are:
- change your passwords often to avoid the possibility that the password file
was stolen and someone is trying to crack it (which takes time)
- use a
port filtering mechanism to block access to TCP/UDP ports that
are not in use.
They are not panaceas -- see
NAT and Firewall Limitations
UW Network Security Credo for details.
- keep operating system and application software up to date
Often a security hole in an operating system is known and quickly
fixed before it is widely exploited. By keeping up with updates,
you can avoid many problems that plague computers.
- Securing files
Sometimes you don't want anyone else to read your files, especially if they
contain sensitive information such as passwords, student grades, and personnel
issues. If you share your computer with other people or put it on
the network and you don't have
file access permissions set up properly, your files may be readable by
One reason for login accounts is to authenticate people, to attempt to
verify they are who they say they are. One can then use the presumed
authentication to allow access to some resources, such as files, which
is a process called "authorization". A good operating system, such as Windows
Mac OS/X or Linux, can protect files from casual viewing -- although
are visible from privileged accounts ("Administrator" or "root"), since some
people get into trouble over-protecting their files.
Ideally, you would set up only the accounts that you need on a computer,
use strong passwords which are changed often,
block guest login accounts, and ensure that file permissions are set by
default to only the owner of the files... you can expand them later.
As an extra measure of file readbility defense, you can encrypt a file.
Doing so without a backdoor (entrusted to a system administrator)
since you could lose the contents of the file if you forget or lose
the password. Of course, having a backdoor is also dangerous, but overall
it may prevent most users from being able to read the file.
- Secure programming
Programming for security is a fairly new area for most programmers.
The whole Java security model is based on trying to keep everything
well-contained to prevent inadvertent access to resources. However,
embedding passwords in JDBC connection strings is one area where
the model falls short of its designer's goals.
Secure programming for web applications
is another area of concern.
One must sanitize any input coming into the server, as someone can try
to inject some SQL code into a simple database-backed web application.
- Intrusion detection
A good security person is ever vigilant, and takes proactive steps
toward determining if the system is still sound.
Events from the operating system and applications are often written
to a logging facility. They are a good source of activity and a first
place to look for abnormal activity.
Intrusion detection systems ("IDS") exist, both for the network and for
individual computers or "hosts". Normally, a network IDS is placed
at the connection to the internet, so it can watch all packets as they
enter or leave an organization. They work similarly to anti-virus programs,
looking for signatures of malware in the packets. However, most non-network
administrators do not run a network IDS, as maintaining one is difficult
and there can be a lot of false positives.
A host IDS may be more useful. It also monitors network packets, but as they
enter or leave a host computer. For intrusion prevention, a host IDS may
also keep a copy of all files somewhere, and after an intrusion is detected,
compare the files it has to the saved copies, and alert people if there
is a change -- or automatically replace the changed files. Host IDSes
have to know when software, including the OS, is being updated, so it
doesn't undo updates, as well as to update its saved copies with the valid
|15 Sep 2015
||Updated links and some information, especially for "Intrusion Detection".
|23 Oct 2002