Presentation is loading. Please wait.

Presentation is loading. Please wait.

Technology Update TSAG Meeting 5/11/04.

Similar presentations


Presentation on theme: "Technology Update TSAG Meeting 5/11/04."— Presentation transcript:

1 Technology Update TSAG Meeting 5/11/04

2 Telephone and Voicemail Update
New Voic System is being installed: May 17 Voic users, via x3100, will be able to Configure their new voic before the cutover Retrieve old voic after the cutover (for a limited time) On the cutover date, x6500 will be remapped from the old voic to the new voic system

3 Udrive, Vdrive & Local Drives
The “Universal” Drive is available to all faculty, staff, and students \\udrive.csun.edu\<account_name> smb://smb.csun.edu/<account_name> Drive letters, U & V, need to be reserved (I.e., local units need to refrain from using these drive letters.) Issues: User must change their password (since last fall) WINS issue: \\ \<account_name> Active Directory: GPO to automatically map for all users done on users side (I.e., ITR must define the GPO) To implement automatic mapping of local drives: Define group via list of CSUN IDs and select drive letter GPO and Global group will be created within AD

4 Cyber Attacks Slammer, Blaster, SoBig, BugBear, Beagle, …, and now Sasser W32/Sasser-A attempts to connect to computers through ports TCP/9996 and TCP/445. If the Windows computers are not patched against the LSASS vulnerability, an FTP script is downloaded and executed, which connects to port 5554 and downloads a copy of the worm via FTP Campus Impact: Overall Internet performance was significantly reduced Several programs lost network connectivity for several days Academic and Business functions were negatively impacted

5 Effects of the attack: Signification Internet performance issues
Local areas: ….. Minor on-campus network performance issues We have sufficient bandwidth and processing power Signification Internet performance issues Its not a bandwidth issue It’s a flow issue Flows and Quarantine VLAN

6 Cyber Attacks (cont.) Assume: Can my machine be compromised? Yes
Antivirus is installed prior to the attack All patches are installed prior to the attack Can my machine be compromised? Yes (Does someone else have control of the machine? Yes) Can my machine participate in the DOS attack? Yes How can this happen? Software download by local user with admin privileges Trojan Horse Back doors How do I fix the problem? Locate and remove the affected code I.e., Reformat the drive and rebuild the machine!

7 Desktop Management All Campus computers must be managed.
Management includes: 1. 2. 3. 4. 5. n-2. All computer must have antivirus software that is up-to-date n-1. All computers must be configured to use a SUS server. Self-maintained computers may live update. n. All computers must utilized a NTP server

8 Campus AntiVirus Policy
All machines attached to the campus network must have antivirus software installed and up-to-date ~8K computers on campus UTBI (University Technology Budget Initiative) 4,000 renewal licenses 4,000 new licenses 36,000? Student and at-home licenses Waiting for May revise (today?)

9 Proposed IntraCampus ACLs
Purpose: to separate the campus into “specific” zones. E.g.,: Administration: client only machines Infrastructure: local servers Student: client only with ACL tight controls All inbound network connections to non-infrastructure subnets can be blocked This will further limit the spread of attacks to desktop computers Desktop standards are still NEEDED! We need information on ALL servers!!!


Download ppt "Technology Update TSAG Meeting 5/11/04."

Similar presentations


Ads by Google