SIUC - College of Science - General Information


COS Computer Support
		Within the past six months, Geology and Plant Biology both fell victim to active, direct attacks by hackers outside the campus. In at least one of the cases, the machine was used for possibly illegal activity. Files were made available from these machines to the Internet. Information Technology informed us that these computers were causing an "extreme" amount of network traffic. That was the only hint the machines had been compromised. Several factors facilitated the hackers' success. One was unfettered access to the machines. We do not provide any "firewall" between the wall jack and the Internet. Hackers constantly scan computers on campus for weaknesses. They note the IP addresses of machines that can be attacked. The other factor? Passwords. If a hacker can guess the user name and password, he or she can gain access to that machine based on the rights of the users. If that user is "administrator" of the machine, the entire machine is at the hacker's disposal. "Administrator" is built into every copy of Windows. It's not too hard to guess that user name. Our two machines never stood a chance. Newer operating systems like Windows NT, 2000, and XP have better networking components. They also have stronger security measures as well. The added networking capability makes them more suited for hackers to compromise for their nefarious ends. The security measures make them less easy but not impossible to breach. When we install a new machine and use the built-in Administrator account with a simple (or no) password, that machine becomes an easy target. What can you do? Do not use the Administrator account for normal access. Create a new user with "power user" privileges for normal operation. You can add and change users from the control panel - users and passwords module. Put a strong password on each user account. WARNING: Do not lose the administrator password! It will still be required for computer maintenance. A strong password is at least 7 digits, is not a word or name, contains at least one number and one special character like !@#$%^& and uses a mixture of upper and lower case letters. Passwords with names and words are easily cracked using common hacker tools. Consider installing a personal firewall on each PC. I have had good luck with ZoneAlarm but there are many options including Sygate Personal Firewall, BlackIce, Norton P ersonal firewall and McAfee Personal Firewall. Here's one you've heard from me before - keep Windows updated. Use the Windows Update page or use their automated update program. While antivirus didn't help in either case, it can't hurt. McAfee will detect most "Trojan" files used by hackers to compromise a computer. Remember, the campus has a site license for McAfee VirusScan (XP? Install SP1 too). It's free to use and distribute amongst faculty, staff, and students. This and other software can be downloaded from the SIU FTP Server. If you have any questions about this topic, please call Tom at 453-2934 or e-mail at tharbert@cos.siu.edu. I would rather help make computers more secure than help recover from a hacker.
Comments and questions regarding the College of Science: dean@cos.siu.edu Comments and questions regarding this web site: webmaster@cos.siu.edu SIUC / College of Science / General Info URL: http://www.science.siu.edu/cos/pcpasswordst.html Last updated: 6 Nov 02/twh

COS Computer Support