Security and Computing
Threats to computing infrastructure evolve daily. Awareness of these emerging threats is vital to building a safer and more reliable computing experience in any organization. CMU (and more specifically SCS) uses a network connection to the internet that does not have a traditional firewall, as would be expected in many enterprise-scale networks. While some specific groups may implement additional security on their local networks and we do block some common ports (as well as some common Windows ports), there is no traditional firewall implementation between the SCS network and the internet (Why?).
As a result, our network gets scanned several hundred times per day. Every year, there are numerous break-ins to SCS hosts. The vast majority of these break-ins happen because of the following, mostly preventable, causes:
- Unpatched software. Unpatched hosts are often broken into quickly (meaning within minutes/hours of being placed on the network).
- Poor passwords.
- Passwords that are sent over the network unencrypted and get sniffed.
- Viruses/worms on Windows hosts.
- Poorly configured software (open shares on Windows hosts, unrestricted NFS exports, etc.).
- People not recognizing phishing attacks, and thus typing their credentials at phishing sites.
As stated above, one of the most important elements of computer security is user awareness of customized, social, or phishing attacks. These attacks rely on redirection and on sending or executing malicious code, and they focus on obtaining access via compromised credentials.
Resources
Carnegie Mellon University's Information Security Office (ISO) strives to keep all University affiliates informed about the latest cyber security threats, safe computing practices and relevant information security policies and compliance issues.
In addition to being proactive in testing our network infrastructure and monitoring the CMU network, ISO offers guidelines and training resources for all of the CMU community. Visit their security training website for more information at https://www.cmu.edu/iso/aware/index.html.
Articles
- Compute securely:
  - Crowdstrike Endpoint Prevention, Detection, and Response (EDPR)
  - Phishing Attacks, Internet Hoaxes, and Scams
  - Password Security
  - Use SSH for secure login, file transfer, and network connections
  - X Server Security