CERN Accelerating science

This website is no longer maintained. Its content may be obsolete. Please visit http://home.cern/ for current CERN information.

CERN home pageCERN home pageDocuments by ReferenceDocuments by ReferenceCNLsCNLsYear 2001Year 2001Help, Info about this page

Contents

Editorial Information
Editorial
If you need help
Announcements Special 35th Anniversary Physics Computing Desktop Computing Internet Services and Network Scientific Applications and Software Engineering Desktop Publishing The Learning Zone User Documentation
Previous:Internet Services and Network
Next:LocalTalk Networking End
 (See printing version)



Computer Security at CERN: Risks are Increasing

Denise Heagerty , IT/IS (CERN Computer Security Officer)


Abstract

Computer security incidents are increasing across the Internet as a whole. Intruders target academic sites, such as CERN, to profit from their powerful systems and good Internet connectivity. This article outlines some key risks and how you can help to reduce them.


Your responsibility
Almost every week new threats and incidents are followed up by CERN's computer and security specialists. Every CERN computer user and system administrator has a responsibility for CERN's computer security, as defined in Operational Circular No 5, available at http://www.cern.ch/ComputingRules.

Protect your passwords
The most common form of computer break-in at CERN is via accounts with passwords that become known to intruders. This may be because the password has been guessed or has been discovered by an intruder. You must choose passwords which are difficult to guess and keep them private. When you are travelling and need to access the CERN network from a remote site, you should check with your contacts there for the most secure way to connect to CERN. It is not uncommon for intruders to run software which can collect passwords, either when typed on a system or when passing in clear text (unencrypted) on a network. You should therefore take care to use a securely managed computer and where possible use software which encrypts your password.

Prevent viruses and SPAM
Viruses and unsolicited e-mail, known as SPAM, remain a constant annoyance for us all. There has been a significant increase in both of these across the Internet as a whole. Viruses are often spread by innocent users opening unexpected attachments. Do not open attachments which you are not expecting or that you find suspicious. E-mails warning of viruses are almost always a hoax and can be deleted, along with other unwanted SPAM mails. E-mail which requests you to forward it to many people is also usually a hoax, as are e-mails requesting money or support for a cause. Delete such e-mails without answering or forwarding them. A database of known viruses and hoaxes can be checked from the CERN security web pages, http://cern.ch/security. Anti-virus software, plays an important role in reducing the impact of viruses and should be run on all CERN PCs. If you suspect your system has a problem related to a virus then contact Helpdesk@cern.ch.

The CERN mail service plays a key role in reducing unwanted viruses and SPAM entering CERN. Restrictions on attachment types which regularly contain viruses have been introduced for CERN mailing lists and these restrictions will soon be extended to the CERN mail servers. Unfortunately complete prevention of unwanted e-mail will remain impossible.

Disable non-essential applications
Another common computer break-in is the exploitation of security holes in operating systems and networked applications, with web and ftp servers being prime targets. If you administer your own computer then make sure you are aware of the applications you require and disable all others. You may have applications running which you do not need. All applications have a risk of containing security holes which if exploited can impact more than your own system since an intruder can then use it to attack others. If you do not need to run web, ftp or other applications on your system then
you will reduce the security risk for all of us by disabling them.

Regularly install security patches
Insecure systems on the CERN network increase the risk for the whole site. System administrators need to keep their systems regularly updated with security patches, both for the operating systems and every application service accessible on the network. System administrators running CERN-certified operating systems can profit from IT Division's services which apply tested patches automatically or provide them for manual installation. To help keep common applications secure, we have recently started network security scanning. This is initially targeted to help web server security but will be extended to ftp and other applications. Further information on network security scanning at CERN is available at http://cern.ch/security/scans.

Summary
Increasing computer security problems are a sign of the times and we must all adapt to reduce them. Protecting passwords, not opening suspicious or unintended e-mail attachments, preventing unnecessary access to computers and applications, and regularly installing security patches are a good start in the right direction.


About the author(s): Denise Heagerty is the CERN Computer Security Officer.


For matters related to this article please contact the author.
Cnl.Editor@cern.ch


CERN-CNL-2001-002
Vol. XXXVI, issue no 2


Last Updated on Fri Aug 03 12:02:34 CEST 2001.
Copyright © CERN 2001 -- European Organization for Nuclear Research