The travelling physicist problem at the KFKI campus József Kadlecsik KFKI Research Institute for Particle and Nuclear Physics

Slides:

Advertisements

Similar presentations

Caltech Proprietary Videoconferencing Security in VRVS 3.0 and Future Videoconferencing Security in VRVS 3.0 and Future Kun Wei California Institute of.

Advertisements

... Objective Internet Working ISP TOT, TT&T, CAT,SAMART Dial up ADSL Leased Line Satellite.

Site report for KFKI RMKI Piroska Giese HEPiX ‘99 meeting at RAL April.

Physics Network Integration Chris Hunter. Physics network team Chris Hunter : Network Manager David Newton : Network Support Technician Room DWB 663 Phone.

Firewall Simulation Teaching Information Security Using: Visualization Tools, Case Studies, and Hands-on Exercises May 23, 2012.

Net security - budi rahardjo Overview of Network Security Budi Rahardjo CISCO seminar 13 March 2002.

Packet Analyzers, a Threat to Network Security. Agenda Introduction The background of packet analyzers LAN technologies & network protocols Communication.

Nada Abdulla Ahmed.  SmoothWall Express is an open source firewall distribution based on the GNU/Linux operating system. Designed for ease of use, SmoothWall.

Linux+ Guide to Linux Certification, Second Edition Chapter 14 Network Configuration.

Technology Update TSAG Meeting 9/12/02. Announcements: Mandatory Password Changes Coming in October! (Postponed) End of BootP (November 1) DNS Cleanup.

Lesson 18-Internet Architecture. Overview Internet services. Develop a communications architecture. Design a demilitarized zone. Understand network address.

Infrastructure Mark Rosenberg UCCSC. UCCSC – August 9, 2005 What is LBNL? A Department of Energy National Laboratory, operated by the University.

Information Networking Security and Assurance Lab National Chung Cheng University Guidelines on Electronic Mail Security

Beth Johnson April 27, What is a Firewall Firewall mechanisms are used to control internet access An organization places a firewall at each external.

Update and Discussions on Technology Initiatives TSAG Meeting 4/11/02.

Firewall 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.

PKI Network Authentication Dartmouth Applications Robert Brentrup Educause/Dartmouth PKI Summit July 27, 2005.

CT NIKHEF Nov Mail NIKHEF CT system support.

Remote Accessing Your Home Computer Using VNC and a Dynamic DNS Name.

Technical Coordinators Meeting Chris Bongaarts Steve Siirila January 11, 2006.

Getting Connected to NGS while on the Road… Donna V. Shaw, NGS Convocation.

The PC Evolution  Began in the late 1970’s with the development of 4 bit and 8 bit microprocessors  Market penetration started with the MAC and IBM PC.

IT:Network:Applications Fall  Running one “machine” inside another “machine”  OS in Virtual machines sees ◦ CPU(s) ◦ Memory ◦ Disk ◦ USB ◦ etc.

Securing Your GroupWise ® System Morris Blackham Software Engineer Novell, Inc. Danita Zanrè Senior Consultant Caledonia.

CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.

Virtual Company Group 8 Presentation Date: June /04/2017

© 2010 Cisco Systems, Inc. All rights reserved. 1 CREATE Re-Tooling Discovery Server Installing and Using it in the Discovery and Exploration Classes Angel.

Click Tools, then Account Settings. Click New… Click Microsoft Exchange, POP3,IMAP, or HTTP, then Next.

Computing services for the Traveling Physicist Alberto Pace CERN – Information Technology Division.

Webmail. Agenda Why use webmail? Why use webmail? What is webmail What is webmail – basic » system MDA MDA MTA MTA MUA MUA »Protocol SMTP SMTP.

Postacademic Interuniversity Course in Information Technology – Module C1p1 Chapter 3 Applications of Data Communications.

N ETWORKED & D ISTRIBUTED COMPUTING S YSTEMS L AB Programming Assignments EE323 Computer Networks.

A+ Guide to Software: Managing, Maintaining, and Troubleshooting, 5e

Lab How to Use WANem Last Update Copyright 2011 Kenneth M. Chipps Ph.D. 1.

Chapter 6: Packet Filtering

By Kyle Slinger.  A network is where you can send information to and from different PCs.

Week 1 – Seneca Networking Environment. Agenda Overview of Seneca Server names How to access servers Terminal Emulation (Putty) Browser – IE, Netscape,

Chapter 3.  Help you understand different types of servers commonly found on a network including: ◦ File Server ◦ Application Server ◦ Mail Server ◦

CERN’s Computer Security Challenge

Copyright © 2002 Pearson Education, Inc. Slide 3-1 CHAPTER 3 Created by, David Zolzer, Northwestern State University—Louisiana The Internet and World Wide.

1 Chapter Overview Using the New Connection Wizard to configure network and Internet connections Using the New Connection Wizard to configure outbound.

P RESENTED B Y - Subhomita Gupta Roll no: 10 T OPICS TO BE DISCUSS ARE : Introduction to Firewalls  History Working of Firewalls Needs Advantages and.

Sakai/OSP Portfolio UvA Bas Toeter Universiteit van Amsterdam

Paul Scherrer Institut 5232 Villigen PSI HEPIX_AMST / / BJ95 PAUL SCHERRER INSTITUT THE PAUL SCHERRER INSTITUTE Swiss Light Source (SLS) Particle accelerator.

15-1 Networking Computer network A collection of computing devices that are connected in various ways in order to communicate and share resources.

The Internet Just the Facts. Protocols TCP/IP are the TRANSPORT protocols of the Internet Services use TCP/IP to connect to other computers on Internet.

MySQL and PHP Internet and WWW. Computer Basics A Single Computer.

Lanxin Ma Institute of High Energy physics (IHEP) Chinese Academy of Sciences September 30, 2004 CHEP 2004, Interlaken The Security Protection System at.

2  Supervisor : MENG Sreymom  SNA 2012_Group4  Group Member  CHAN SaratYUN Sinot  PRING SithaPOV Sopheap  CHUT MattaTHAN Vibol  LON SichoeumBEN.

KFKI CA József Kadlecsik KFKI RMKI

TSAG Meeting 1/09/02 Update on Current Technology Initiatives Steven Fitzgerald.

Networking in Linux. ♦ Introduction A computer network is defined as a number of systems that are connected to each other and exchange information across.

Computer Security Risks for Control Systems at CERN Denise Heagerty, CERN Computer Security Officer, 12 Feb 2003.

CERN - European Organization for Nuclear Research Beyond ACB – VPN’s FOCUS June 13 th, 2002 Frédéric Hemmer & Denise Heagerty- IT Division.

1CEA – DAPNIA - Saclay05/19/2003 CEA Saclay site report Amsterdam.

Overview of Firewalls. Outline Objective Background Firewalls Software Firewall Hardware Firewall Demilitarized Zone (DMZ) Firewall Types Firewall Configuration.

Linux Operations and Administration Chapter Twelve Configuring a Mail Server.

PINE. What is PINE? PINE is a light weight yet very powerful open source console based client developed by the University of Washington. It has.

Small Business Server 2003 Linux Small Business Server versus Linux functionality.

Overview Concern about free speech issues –One person’s SPAM is another person’s valued Have used a combination of: –policy, –staff follow up, and.

XXIII HTASC Meeting – CERN March 2003 LIP and the Traveling Physicist Jorge Gomes LIP - Computer Centre.

SSH. 2 SSH – Secure Shell SSH is a cryptographic protocol – Implemented in software originally for remote login applications – One most popular software.

FNAL Central Systems Jack Schmidt, Al Lilianstrom, Ray Pasetes, and Kevin Hill (Fermi National Accelerator Laboratory) Introduction The FNAL .

WARCS (Wide Area Remote Control for SPring-8)‏ A. Yamashita and Y.Furukawa SPring-8, Japan Control System Cyber-Security Workshop (CS)2/HEP Oct

Getting Connected to NGS while on the Road…

Fix Roadrunner Common Issues Call Roadrunner Support.

A few points to mention There are two Olympus machines!

Welcome To : Group 1 VC Presentation

Getting Connected to NGS while on the Road…

Communications & Computer Networks Resource Notes - Introduction

Presentation transcript:

The travelling physicist problem at the KFKI campus József Kadlecsik KFKI Research Institute for Particle and Nuclear Physics

Background Five independent research institutes sharing a common backbone network: KFKI Atomic Energy Research Institute KFKI Research Institute for Particle and Nuclear Physics Research Institute for Technical Physics and Materials Science Research Institute for Solid State Physics and Optics Institute of Isotopes and Surface Chemistry

Access control Redundant stateful packet filter at the border Only gateway machines available from outside on given service port(s) Outgoing client access is not limited (usually) Proxies, reflectors: VRVS reflector running H.323. Gatekeeper & proxy, planned VNC reflector, planned

Central services DNS service (delegated domains) Time service SMTP gateways, POP/IMAP, mailing lists Campus web server, webmail CA, planned Hosting: Grid cluster (50 CPU, 2TB)

Central SMTP service Three redundant mail gateways Postfix MTA + amavis + McAfee virus scanner Body checking for “dangerous” content Spam filtering Outgoing is not forced trough the mail gateways

No central... User management File service POP/IMAP service – but centralized IMAP support via webmail

One-way travelling Lack of big experimental equipment – physicists hosted occasionally Institute members travel regularly: CERN, US labs, fusion labs (Garching, JET), etc. Exception: cluster for Grid Planned Tier-2 center Planned access control via packet filtering and/or using PKI

Guests Temporary accounts opened From the accounts they have as much right as the local users Use local resources lightly, mostly to get access to their home institute

Access from outside The gateways are available only over: Telnet – will be closed down in April Ssh POP/IMAP – will be closed down in April POP/IMAP over SSL/TLS Floating licence servers from selected places SMTP AUTH access over SSL/TLS planned for travelling physicists, ADSL and cable modem users Password authentication

Specialized tools Webmail: main internal IMAP servers are available from outside over HTTPS No VPN support yet

Internal informations Informations are usually available freely to anyone: Addresses Phone book addresses Organizational informations Internal mailing lists and archives are protected

Supporting travellers Travelkit, available from the web: Putty binary Complete installation, configuration and erasing instructions in Hungarian Carrying hardware-autodetecting CD-based Linux system (Knoppix) suggested, CD image available from the web ADSL/cablemodem users are regarded as anyone outside (SMTP AUTH is a missing bit)