February 22nd, 2003 by Dana Roode
When NACS closed NetBios ports at the border router as a critical security measure, it was no longer possible for campus personnel to use Windows file sharing services between work and home, at least not without working through the campus VPN device. (SeeNACSNews 2002.10)
But there is an alternative for those who need to use a campus Windows computer from home or other remote location which does not depend on NetBios ports.
Windows 2000 Server’s Terminal Services (or “Remote Desktop” for Windows XP) are the recommended means of remotely using and administering Windows systems. It’s free, and secure when configured correctly. Moreover, if you use a Macintosh at home, you can download an ICA client which uses the same technology (based on Citrix Metaframe) to access a Windows system from your Mac.
It is important to note that two recent security flaws were detected in these services for which Microsoft has issued a patch, which resolves the problems. All default installations should be patched prior to use on UCInet. An explanation of the issues and a link to the patch may be found on the Microsoft Web site.
As with all security issues, turning this service on is expected to be safe with the patches installed, but may leave the machine open to manipulation if further vulnerabilities are discovered.
February 22nd, 2003 by Dana Roode
Network-based attacks are in the news with increasing frequency. Among the preventative steps NACS takes is to close network “ports” used by these attackers. Two recent examples are “Messenger spam” and the “SQL Slammer Worm.”
The Windows Messenger Service is a normal part of the Windows Operating system, intended to allow system administrators to communicate with computer users. But hackers have figured out how to send pop-up ads to your computer, without your permission, using this same mechanism. Once NACS closed the Messenger network port, UCI computer users could no longer be reached by these innovative spammers.
The weekend of January 25-26, thousands of computers and networks around the country were disabled by the SQL Slammer Worm, aka “Sapphire,” which attacks computers through the MS SQL service. Vern Paxson of LBNL reports,
“This worm required roughly 10 minutes to spread worldwide making it by far the fastest worm to date. In the early stages the worm was doubling in size every 8.5 seconds. At its peak, achieved approximately 3 minutes after it was released, Sapphire scanned the net at over 55 million IP addresses per second. It infected at least 75,000 victims and probably considerably more.”
UCI users hardly noticed the attack that crippled other campuses, and even parts of Microsoft itself, because NACS had previously closed the SQL network port used by the worm (following advice from Foundstone, one of UCI’s security partners).
February 22nd, 2003 by Dana Roode
Some of the tough jobs are those which nobody notices unless you make a mistake. Such a job is the work NACS does behind the scenes to make sure the cabling projects which bring voice and data to your office run smoothly.
NACS sponsored two days of free training on fiber and copper cable termination, fire-stopping, and bonding and grounding at UCI on December 17 and 18.
- Corning Cabling Systems staff discussed and provided hands-on training on fiber optic cabling;
- 3M Fire Protection Products staff spoke about fire-stopping;
- PCC Products, Inc., staff discussed and provided hands-on training on copper termination and Nordx products;
- Harger staff spoke about and demonstrated bonding and grounding.
Attendees included electricians from UCI’s Facilities Management department who are now equipped to do a better job in future cabling projects.