CLAS Computing
Originally published in the January 1999 issue of CLASnotes.
There are several matters that I would like to bring to your attention over the next few issues of CLAS notes. This month, I'll address security matters and new faculty desktop computers.
During the late spring and summer, CLAS was granted $150K from the Provost's office for the purpose of upgrading faculty computers as a step towards getting the faculty in compliance with the student computer requirement. These funds, along with a supplement from the CLAS Dean's Office, allowed us to purchase almost 150 desktop machines, which were doled out among the departments on the basis of requests made in the Spring Academic Program Reviews. We intend to continue this process. The Dean’s Office plans to replace a similar number of faculty machines each year, putting all faculty machines on a four-year replacement cycle.
Most of the new machines are Pentium PC's, and are equipped with 2 - 4 GB hard disks. All this space makes it convenient to store documents on your private hard disks. However, storing things on your local disk means that your work will not be backed up unless you or your systems administrator has a backup scheme in place and executes it regularly. Ideally, such backup copies will be stored in a place remote from the original copy. Desktop disk failure problems may mean loss of your work if backups have not been made on a regular basis. On the other hand, if you store things on the CLASnet disks, your H drive, they will automatically be backed up daily, and the backup copies will be stored in a remote location. Details for doing this are available from your departmental computer contact or from consult@clas.ufl.edu.
In another step aimed at bringing the College into sync with the student computer requirement, the Provost has authorized funds to rewire several of our buildings, which presently have old thin-net wiring. Work has started to rewire Bartram/Carr, Dauer, Psychology, and Walker with new cat5 twisted pair. This will include upgrading building switches, which should result in better and faster service for all residents of those buildings.
On a separate note, security against hostile break-ins is becoming an ever more serious need. Chemistry, Statistics, Physics, NWE and Math were all hacked during the fall semester. The first line of defense against hackers is to use a good password. A bad password is one that can be found in a dictionary (English or any other reasonably common language), as many password-cracking programs used by hackers are based on dictionary lookup algorithms. Other bad passwords come from your name, birthday, phone number, social security number, and the like. A better password can be formed by taking a word you can remember and misspelling it such as doadsitn instead of roadsign. Another method is to use the first letters of a phrase that you can remember, such as (now is the time for all good men) nittfagm. The best solution is to sprinkle upper case and non-alphabetic characters in your password, such as nItt;faGm. In no case should you tell anyone else what your password is, nor write it down. (Now that these examples are published, they are no longer secure passwords!) Note that a systems administrator never needs your password.
Another way for hackers to break into a computer is to use a sniffer. A sniffer is a program installed somewhere along the path between your dial-up machine and the machine you want to log into that looks for packets labeled userid and password. Each time such a pair comes across, the sniffer stores the information, and thus builds a table of userids and passwords that the hacker can compile to break into a machine. Since you create such packets each time you telnet or rlogin to a remote computer, the opportunity for hacking is very real. One way around this problem is to use the secure shell (SSH) for remote logins, rather than telnet or rlogin. This system avoids sending the password packets, and thus avoids the possibility for hacking. To use SSH, it must be installed on both the home-based machine and on the server to which you wish to log in. The CLAS servers and most departmental servers are now equipped with SSH capability, and free or inexpensive SSH packages for your home machines are available from the Net for most computers. The Dean's Office will soon have a Web page concerning security problems accessible from the computing option on the CLAS home page (http://www.clas.ufl.edu/computing) which will provide further information about security issues and will help with the installation of SSH and similar packages.
Credits
Writer
Jack Sabin, CLAS Director of Information Resources and Technological Programs
