STANFORD UNIVERSITY

SECURE COMPUTING

ISO Frequently Asked Questions

Stanford Information Security Office FAQ

  1. What makes a risky firewall rule?
  2. Why is FTP or Telnet an insecure protocol?
  3. Why is NetBIOS, Samba or RDP an insecure protocol?
  4. Are there risks with SSH, HTTP or...
  5. What is LoJack for Laptops?  How can it help me?
  6. Can I forward my Stanford email to my gmail, yahoo mail or some other email account or calendar system?
  7. Can I send a list of names and student id numbers to another office on campus?
  8. How do I send Prohibited or Restricted data via email?
  9. Is AFS a secure file sharing protocol?
  10. What is Angry IP Scanner? Is it malware?
  11. Questions we haven't even thought of yet...

Stanford Information Security Office Answers

The purpose of this FAQ is to answer commonly asked questions about hosts or servers behind Stanford's administrative and departmental firewalls.

What makes a risky firewall rule?

Risky firewall rules allow access to a host or server from the Internet on an insecure protocol or service. If you need to make this service or application accessible to the outside world, please limit it as much as possible. If all your users are on campus, you can limit access to campus. If the users are affiliated with Stanford but some are off campus, you can have them use the public VPN. Only if the users are off campus and not affiliated with Stanford will you need to open the service up to the outside world. The smaller the hole you open in the firewall, the better.

The servers behind the administrative firewalls contain critical and sensitive data and are therefore held to a higher standard of security, so additional criteria may classify a rule as risky.
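The scoping advice above can be applied as a review pass over a rule list. The following is an added example, not ISO tooling: the rule format, the rule names and the campus/VPN ranges are constructed placeholders, and the port numbers are the standard ports for the protocols this FAQ names as insecure.

```python
import ipaddress

# Standard ports for the protocols this FAQ calls insecure.
INSECURE = {21: "FTP", 23: "Telnet", 137: "NetBIOS", 138: "NetBIOS",
            139: "NetBIOS", 445: "CIFS/SMB", 3389: "RDP"}
# Placeholder ranges (RFC 5737 documentation nets), not Stanford's real networks.
CAMPUS = [ipaddress.ip_network("192.0.2.0/24")]
VPN = [ipaddress.ip_network("198.51.100.0/24")]

# Constructed sample of inbound rules in a hypothetical dict format.
SAMPLE_RULES = [
    {"name": "web-public", "action": "allow", "src": "0.0.0.0/0", "port": 443},
    {"name": "ftp-public", "action": "allow", "src": "0.0.0.0/0", "port": 21},
    {"name": "rdp-vpn", "action": "allow", "src": "198.51.100.0/24", "port": 3389},
    {"name": "telnet-partner", "action": "allow", "src": "203.0.113.7/32", "port": 23},
    {"name": "ssh-campus", "action": "allow", "src": "192.0.2.0/25", "port": 22},
]


def _within(net, ranges):
    return any(net.version == r.version and net.subnet_of(r) for r in ranges)


def source_scope(cidr):
    """Classify a rule source as 'campus', 'vpn', 'world' (any address) or 'external'."""
    net = ipaddress.ip_network(cidr)
    if _within(net, CAMPUS):
        return "campus"
    if _within(net, VPN):
        return "vpn"
    return "world" if net.prefixlen == 0 else "external"


def audit(rules):
    """Return (rule name, finding) pairs for allow rules that reach beyond campus/VPN."""
    findings = []
    for rule in rules:
        scope = source_scope(rule["src"])
        if rule["action"] != "allow" or scope in ("campus", "vpn"):
            continue  # denied, or already limited as recommended
        proto = INSECURE.get(rule["port"])
        if proto:
            findings.append((rule["name"], f"risky: {proto} reachable from {scope}"))
        elif scope == "world":
            findings.append((rule["name"], "review: open to the world, narrow if possible"))
    return findings
```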

Why is FTP or Telnet an insecure protocol?

FTP and Telnet are insecure protocols because they use plain text authentication. This means that when you authenticate to the Telnet or FTP server, you send your login and password across the network unencrypted, or "in the clear". In addition to sending the login and password in the clear, Telnet and FTP also send the data or payload in the clear. It is best to replace these insecure protocols with a more secure replacement such as SSH or SFTP (FTP over SSH). SSH encrypts the login and password as well as the data. SSH attempts to gain back some of the additional overhead of encryption by compressing the data at the same time.

Why is NetBIOS, Samba or RDP an insecure protocol?

NetBIOS, Samba or CIFS (Common Internet File System) are all names for Microsoft file sharing. This family of protocols has a long history of vulnerabilities and insecure default settings. For this reason these protocols are blocked both inbound and outbound by the Stanford border routers. RDP, also known as Microsoft Terminal Services or Remote Desktop Protocol, is a very powerful tool. RDP allows you to connect remotely to a Windows host and control it as if you were sitting at the keyboard. Due to the dangerous nature of this protocol, it is strongly recommended to use the Stanford VPN to RDP to hosts on campus.

Are there risks with SSH, HTTP or ... protocol?

Yes! There can and will be potential vulnerabilities associated with any application or service you allow to run on your host. The best thing you can do is make sure your operating system is properly hardened and patched. In addition to patching and hardening the operating system, you need to make sure you properly configure and update any applications running on your host. What is safe today may have a vulnerability tomorrow or next week.

What is LoJack for Laptops?  How can it help me?

LoJack for Laptops is a software product from CompuTrace that can help recover a lost or stolen laptop. LoJack can "phone home" and report its location, using dialup or broadband Internet access. LoJack ties into the TPM (Trusted Platform Module) in the BIOS of many newer laptops, making it harder to disable or uninstall. LoJack will attempt to reinstall itself if the hard drive is replaced. The premium product can remotely erase and overwrite your files. CompuTrace has relationships with law enforcement to help you in recovering your stolen laptop.

IMPORTANT NOTE: If your laptop contains Restricted or Prohibited Data, LoJack DOES NOT ENCRYPT your data. You will need to use TrueCrypt, EFS, PGP or some similar encryption product to encrypt this data. If your laptop is stolen, it is a data breach and must be reported to the Information Security Office immediately. Stanford is offering PGP Whole Disk Encryption for any university laptop that contains Restricted or Prohibited Data.

Adeona is an open source system for tracking lost or stolen laptops that runs on Windows XP/Vista, Mac OS X or Linux.

Remember, neither of these products encrypts your files. If you have Sensitive or Restricted Data on your laptop and you cannot remove it, you must use another application to encrypt this data.

Can I forward my Stanford email to my gmail, yahoo mail or some other email account or calendar system?

It is Stanford's policy to protect the integrity and privacy of its data.

Information transmitted using non-Stanford email, calendar or other services is stored on those providers' servers. As a result, if members of the Stanford community use these services to conduct Stanford business, our data is stored on their servers and is no longer in our control.

Stanford's email and calendar systems are designed to protect the integrity and privacy of Stanford's prohibited, restricted and confidential information.

For these reasons, all Stanford business email should be transmitted using Stanford email systems and not forwarded.

Can I send a list of names and student id numbers to another office on campus?

Student name and SUNet ID would be classified as Confidential Information. The Zimbra mail servers are configured to require encrypted connections and are approved for sending Confidential and Restricted data to on-campus recipients.

How do I send Prohibited or Restricted data via email?

If you need to send Prohibited or Restricted data via email, use the Stanford secure email service.

Is AFS a secure file sharing protocol?

AFS is a secure service if it is configured properly via file permissions and access control lists. If you would like the UNIX group to review the permissions currently on your AFS space, they will be happy to do so.

AFS is a global file system, so anyone, anywhere in the world, can read files whose permissions grant access to system:anyuser.

You can further secure your data by encrypting it on AFS space or even password protecting the file. The UNIX group can assist with doing that for you as well.
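One way to check your own AFS space for system:anyuser exposure is to review the directory ACLs printed by the OpenAFS `fs listacl` command. The following is an added example, not a tool from the UNIX group: the sample output and the /afs/example.edu paths are constructed, and the function names are hypothetical.

```python
import re

# Constructed sample in the format printed by `fs listacl`; paths are placeholders.
SAMPLE = """\
Access list for /afs/example.edu/users/j/jdoe/public is
Normal rights:
  system:administrators rlidwka
  system:anyuser rl
  jdoe rlidwka
Access list for /afs/example.edu/users/j/jdoe/private is
Normal rights:
  system:administrators rlidwka
  jdoe rlidwka
Access list for /afs/example.edu/users/j/jdoe/dropbox is
Normal rights:
  system:anyuser rl
  jdoe rlidwka
Negative rights:
  system:anyuser r
"""
HEADER = re.compile(r"^Access list for (.+) is$")


def parse_listacl(text):
    """Parse listacl output into {path: {"Normal": {who: rights}, "Negative": {...}}}."""
    acls, path, section = {}, None, None
    for line in text.splitlines():
        m = HEADER.match(line)
        if m:
            path, section = m.group(1), None
            acls[path] = {"Normal": {}, "Negative": {}}
        elif line.strip() in ("Normal rights:", "Negative rights:"):
            section = line.split()[0]
        elif path and section and line.strip():
            who, rights = line.split()
            acls[path][section][who] = set(rights)
    return acls


def anyuser_exposure(acls):
    """Return {path: finding} where system:anyuser keeps r (read) or l (lookup/list)."""
    out = {}
    for path, acl in acls.items():
        granted = acl["Normal"].get("system:anyuser", set())
        rights = granted - acl["Negative"].get("system:anyuser", set())
        if "r" in rights:
            out[path] = "world-readable"
        elif "l" in rights:
            out[path] = "world-listable"
    return out
```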

What is Angry IP Scanner? Is it malware?

Despite the name and the fact that anti-virus programs frequently label Angry IP Scanner as malware, it appears to simply be an open source port scanner:

http://www.angryziber.com/w/Home

http://sourceforge.net/projects/ipscan/

There is even a petition to get the AV vendors to remove it from their malware lists:

http://www.petitiononline.com/angryip/petition.html

Unless you are seeing it scanning when the owner of the system is not aware of it, I would not be concerned. Several applications install Angry IP Scanner when they install themselves, so it could be installed without the user specifically choosing to install it. It looks like some applications use it as a "poor man's HP Openview" to check if systems are up rather than polling them with SNMP.

Questions we haven't thought of yet...

If you have any additional questions please email the Information Security Office at security@stanford.edu

Last modified Thu Sep 17 17:07:56 PDT 2009 PK
