NACS would like the campus community to be aware that there are increasing numbers of people who use their Internet access to attempt to compromise security on computers connected to the network. Their intentions are more often to “have some fun” rather than to steal anything. Simply gaining access, causing pointless network traffic, and the like, is sport for them. This means you need not have something “important” on your system for it to be a target. If hackers come, they will be disruptive — perhaps just in terms of the target system itself, but more likely in terms of the network as a whole.
LINUX, like other powerful, multi-user operating systems, is a frequent target among hackers. Last summer we had at least 10 Linux systems broken into. The hackers caused downtime, started “ping bombs” on local UCI networks that caused significant network slowing, forced users to re-install operating system software, and forced NACS to disconnect parts of the network at times to prevent greater outages/security-issues.
System Owner Responsibilities
Hackers will not stop at UNIX-based systems like Linux; Windows NT and other systems are also at risk. If you are the owner of a NT, Linux, UNIX, or other multi-user system, you should be aware of the possibility of network attacks. To reduce the likelihood of attacks, someone must follow security alerts and install patches on your computers as necessary. Further, your systems should be regularly inspected for signs of a break-in. If you need help, contact your local computing supporter or NACS for advice.
NACS Actions to Protect the Network
To maintain the integrity of the network, NACS must occasionally disconnect systems that have been violated. Every attempt is made to contact local supporters and/or system owners before taking such a step. Please take appropriate steps to make your systems secure to avoid losing network connectivity and to keep the campus network secure overall.
NACS also has a “firewall” router in place that controls flow of all traffic between UCI and the rest of the Internet. The firewall is occasionally used to disallow access from certain hosts or parts of the Internet that are the source of network problems or hacker attacks. Such access restrictions are announced to the Network Operations Mailing list, UCINET-OPS-NET@UCI.EDU, and are removed as soon as the appropriate authority can be notified and correct the situation. The firewall allows NACS to keep UCInet up and running despite the anti-social activities of a few.
NACS Security Team
NACS has recently created a team of NACS and other staff to review campus network and computer security, make recommendations on how to improve it, and act as a coordination device when network attacks occur. If you have questions, concerns or other input about network security, please contact NACS.