Stanford University School of Earth Science
 
Home
News
New Users
Policies
Email
Web Hosting
Get Help
Net Connections
Macintosh
Windows PC
Unix/Linux System
Pangea Server
School Resources
    Use Policy
   Network
   Computer Labs
   Printers
   Security
   Univ Resources
   FAQ
Using Unix

Security risks

Last revision July 21, 2004

Computers attached to the Earth Sciences network are connected to every single other computer on the Internet. Because they are interconnected, there is the risk that a hacker could connect to your computer and do potentially damaging things or steal sensitive data. That risk exists if any part of your computer is listening for and accepting outside connections. Remote logins, file sharing, web hosting, and FTP serving, among others, all involve listening for connections from the outside. Hackers can potentially break into your system in several ways.

Guessing passwords

The first way a hacker can gain access to your computer is by somehow obtaining your password. If you have a very easy to guess password that uses common English or foreign words, you are at risk. Hackers have programs that can sequentially try to connect to services using many possible passwords. Those programs try to guess passwords using various permutations of common English and foreign language words. The pangea computer system actually runs one such program on your password when you set or change it to make sure it isn't easily crackable. Or, a hacker may be able to intercept your password when you login to a network service.

Network scans

The second way hackers get in is by exploiting security holes, or bugs, in the software that provides the network service. Hackers generally search for these bugs by "scanning" the network. That is, using a computer of their own, or more likely, a computer belonging to someone else that they have taken control of, the hacker's program will attempt to connect to every possible IP address within a given range (for example, all addresses on the Stanford campus). The connection attempts will be carefully crafted to determine if this computer has a known bug. If so, the scanning software notifies the hacker, who can then exploit that bug to take control of the computer.

On average, a new hacker scan of the Stanford network starts every few minutes! If you put your computer on the network with open accounts or other well-known security bugs, it will be compromised by a hacker within an hour.

Many software companies try to combat this problem by regularly releasing updates to their software whenever a security hole is found.

Eavesdropping

Eavesdropping is another security risk posed to networks. Because of the way some networks are built, anything that gets sent out is broadcast to everyone. Under normal circumstances, only the computer that the data was meant for will process that information. However, hackers can set up programs on their computers called "sniffers" that capture all data being broadcast over the network. By carefully examining the data, hackers can often reconstruct real data that was never meant for them. Some of the most damaging things that get sniffed include passwords and credit card information.

The School of Earth Sciences wired network is constructed as a fully switched network. This means that data packets exchanged by two computers are not broadcast to any other computers on the network. This limits the ability to "eavesdrop" on network traffic within the School. But connections into our computers from home or other institutions may be vulnerable to eavesdropping.

 


Comments?

Stanford University    |