PPD & CLRC's response to the (IS) Security Threat Gareth Smith PPD/CG Christmas Lectures 2002

PPD & CLRC's response to the (IS) Security Threat

Gareth SmithPPD/CG Christmas Lectures

2002

Christmas 2002 PPD\Computing Group 2

Anti-Virus - move to Sophos.

Move from Network Associatesto

Price & Support issues

As before:Managed from central console.Set to scan PCs at 05:00 each morning, and midday Wednesday.CG automatically notified (e-mail) if virus found.


Anti-Virus at Home

“1 in 30 e-mails has a virus”If you handle e-mail and do not have up-to-date anti-virus protection – you have an infected PC.

Our Sophos Licence covers your home PC.

CD in preparationNot as easy as some other A-V products to update at home.


Home Users

To connect in (via dial-up or PPTP) you are required to have both an up-to-date anti-virus program and a personal firewall on your PCWe have purchased copies of Zone Alarm personal firewall if you need them.


Firewall and Remote Users

Ways into the lab from a remote system:Bastion Host

http://www.bitd.clrc.ac.uk/Activity/BastionServer

Dial-in to RAL RAS service.http://www.pcsupport.rl.ac.uk/netserv/dialup.htm

Use the PPTP server.http://www.pcsupport.rl.ac.uk/netserv/pptp/pptp_intro.htm


Use of PPTP(Point to Point Tunnelling

Protocol)

RAL

Remote networ

k

Internet

firewall


Use of PPTP(Point to Point Tunnelling

Protocol)

RAL

Remote networ

k

Internet

firewall

Pptp01.rl.ac.uk


Security Updates

For windows systems Update Expert – for desktop Windows systems in PPD. Windows Update – for laptops.

If you manage a system (e.g. a LINUX system) – you are required to ensure it is up-to-date with all relevant security patches.(E.g. use autoRPM.)



SPAM mail

If (when ?) you receive SPAM mail, which may be offensive – don’t panic!

Do NOT reply to it (even if it says “ send a mail to …. if you wish to be taken off this list”)Move to the ‘#SPAM’ folder.

Beware of Hoax mailsDo not believe anything that says “…. Pass this on to all your colleagues”.

If in doubt ask CG or CLEO (ext 5730)http://www.cleo.clrc.ac.uk/



‘Nigerian’ or ‘419’ Scam

Letter, typically involving someone in an African country, asking with assistance to gain access to a sum of money.Do not reply – move mail to ‘Nigerian Scam’ folder.May send paper letters or e-mail, and may target church groups & charities.See

http://www.ncis.gov.uk/press/24_01.asp


Your Responsibilities

Awareness of security issues.Appropriate Use of CLRC resources.Correctly managed systems.

CLRC Security PolicyCLRC Codes of ConductCLRC Incident procedures

See the PPD introduction to this at:http://hepwww.rl.ac.uk/ppdcomputing/NT/

Security_Intro.html


Bureaucracy…..

Data Protection Act - 1998 Freedom of Information Act 2000. Regulation of Investigatory Powers (RIP) Act 2000. Anti-Terrorism, Crime & Security Act 2001.

“As a matter of policy, CCLRC will comply with the provisions of the RIP Act. CCLRC will monitor the use of JANET and CCLRC internal telecommunications networks, both to provide assurance that CCLRC staff (and users of CCLRC facilities) are complying with the acceptable use policy and to ensure that there is no illegal use of these networks.”


Passwords

SecureNot saved in an obvious placeOf good enough quality (CLRC ‘rules’)

Including passphrases used to protect certificates.Phasing out ‘clear text’ passwords over the network.

Telnet into site will be blocked from 1st Feb 2003.Anticipate FTP block.


When IT All Goes Wrong….

Ensure important files are saved on disks that are backed up. E.g.

H: drive on Windows desktopsUnix home file system, AFS home file systemEtc.

CG have (and are improving) disaster recovery plans

Documents

PPD & CLRC's response to the (IS) Security Threat Gareth Smith PPD/CG Christmas Lectures 2002