Network security resources and reporting problems
Last revision November 30, 2011
Computers connected to networks are exposed to potentially damaging access by unauthorized "hackers". Protecting sensitive data and providing a stable computing environment for academic work is a priority in the School of Earth Sciences.
The prime method for a hacker to compromise your computer is to trick you into running a program that lets him in!
"Phishing" attacks send an official-looking email requesting your account or personal identity information to solve a problem or prevent a supposed account closure. Never respond to these email requests for your account password or personal identity information. They are always a hoax. Legitimate organizations will never request that information by email.
Other "phishing" attacks send emails with links or attachments promising something interesting or important to look at, but in reality, clicking the link or opening the attachment runs a program that probes your computer for weaknesses so the hacker can take control of it. Never follow links or open attachments in unexpected emails, even if they appear to be from a friend or colleague. Check first if that person really sent it.
Peer-to-peer file sharing programs such as Napster, Kazaa, Grokster, Gnutella, LimeWire, and BitTorrent are notorious vectors for hacker compromises of computers. Distribution sites for the programs themselves, and the files that are distributed, are often "contaminated" by hackers with their own malicious programs that "ride along" and infect your computer while you are downloading files. In addition, these peer-to-peer file sharing programs often expose files on your computer, including those containing identity information, to anyone on the internet. Peer-to-peer file sharing programs should never be installed on Stanford-owned computers and you are strongly discouraged from using them on personally owned computers.
Hackers also probe computers on the network looking for known bugs in the operating system, insecurely configured services, and weak passwords. All computers connected to the Earth Sciences network must implement a basic set of security configurations, including anti-virus software and automatic security patch installation, using the Stanford Network Registration Tool, which is normally run when you register your computer for network access.
Hacker break-ins and compromises of personal computers running various versions of Microsoft Windows have been common on the Stanford campus in the past, before serious attention was paid to improving security. For example, 7000 PCs were compromised in August, 2003, including 70 in Earth Sciences; hundreds more in March, 2004, including 30 in Earth Sciences; 17 in Earth Sciences in August, 2005; and another five in Earth Sciences in September, 2006. The Stanford Network Registration Tool now implements all basic Windows security settings and checks, including anti-virus, and hacker compromises are now rare, except for the occasional person who succumbs to the lure of a phishing attack (see above). If you want to know more, see our general advice on how to secure Windows PCs against hackers.
So far, Apple computers running Mac OS X have generally been immune to hacker break-ins. To help keep it that way, when registering Macs on our network, the Stanford Network Registration Tool does basic checks on password strength; configures Apple Software Update to check automatically for new system updates; and installs the Stanford site-licensed Sophos Anti-Virus program (if no other anti-virus program is detected).
Unix and Linux systems generally offer many network services and are vulnerable to hacker break-ins unless properly configured and maintained with security patches. For example, numerous Linux workstations in Earth Sciences research groups were compromised in the summer of 2006 because their users were not installing system software patches.
The Stanford University Information Security Office provides a good website addressing computer security issues. The Secure Computing site is aimed at computer users and system managers, and provides instructions and links to tools for proactive security.