Use PCLeland and Samson for secure logins to campus servers

last revision August 10, 2004

Suggestions to secure your Windows PC:
  1. Use strong passwords
  2. Install security patches
  3. Share files correctly
  4. Use anti-virus software
  5. Protect against email viruses
  6. Install PCLeland
  7. Minimize open network services
  8. Run a security analyzer
  9. Do regular backups
  10. Apply special Windows XP fixes

Preventing hackers from entering your Windows computer over the network is not enough. You need to make sure that a hacker cannot capture your account name and password when you login from your Windows desktop to campus servers such as pangea, the leland systems, and restricted web sites. A hacker can use a captured password to wreck havoc on your files and information. He may also use it to run his scanning programs on the servers or even as an entry point to try to take control of the servers.

To keep your account information secure, you need to make encrypted connections to campus servers. Encryption encodes your account information so that it is unreadable even if the network traffic is captured by a hacker who is spying on the network (read more about network spying).

Stanford has implemented the Kerberos authentication system to keep your SUNet ID and password safe from spying. The PCLeland program provides the Kerberos service on Windows computers. It works in conjunction with the Stanford version of telnet, called Samson, with all major PC email programs, and with "webauth" protected web pages, so that your ID and password are encrypted whenever you connect to a campus server for telnet login, email, or web access.

Download the PCLeland and Samson programs and get instructions for configuring them for remote logins and email connections at the Essential Stanford Software web site. The default installation for Energy Resources Engineering department supplied computers already includes correctly configured copies of PCLeland and Samson, including Eudora configuration to work with PCLeland.

Comments or Questions?