Saturday, March 26, 2005

One Security Technique

MSMS Alumni Association FAQ: "What went wrong and why:
As far as alumni were concerned, Garfield was pretty much the same at this point. But, since alumni and students could login, the firewall wasn't exactly serving its purpose. For example, Garfield was hacked by outside persons (non-alumni) and much havok was caused. In addition, a group of students were caught hacking garfield. This (plus the fact that if you can login to the proxy server you can circumvent the proxy server) caused a decision to be made to not allow telnet access to student or alumni. In fact, telnet access from the outside is disallowed completely. Mysteriously, login access disappeared for everyone, causing much confusion. It was at this point that I (David Bradley) came over to MSMS to discuss the status of garfield with the network administrator. Garfield (due to repeated security problems) was sent off to UrLabs to be reinstalled. As a consultant to MSMS at the time, I (David Bradley) zipped up all the user accounts, the website, mail, etc., and burned them to CDs because alumni couldn't exactly retrieve those files themselves. To this day, those CDs have remained on a shelf next to the server, waiting to be called upon in the event someone had a really important file in their account. When the machine returned from UrLabs, they have reinstalled everything, updated the version of the OS and the proxy software."

Well, yes, I suppose that they've secured their server. Disallow all access. Burn the content to CDROMs and keep them next to the server. But what a price.

No comments: