Presentation is loading. Please wait.

Presentation is loading. Please wait.

Gareth Smith RAL PPD HEP Sysman. April 2003 Security Changes at RAL.

Published byGodfrey Stafford Modified over 9 years ago

Similar presentations

Presentation on theme: "Gareth Smith RAL PPD HEP Sysman. April 2003 Security Changes at RAL."— Presentation transcript:

1 Gareth Smith RAL PPD HEP Sysman. April 2003 Security Changes at RAL

2 Gareth Smith RAL PPD HEP Sysman. April 2003 Firewall Arrangements Firewall blocks all incoming connection requests unless specifically allowed. –New tool available to view the blocks https://eagle.cis.rl.ac.uk/fwruleset/index.html https://eagle.cis.rl.ac.uk/fwruleset/index.html

3 Gareth Smith RAL PPD HEP Sysman. April 2003

4 Gareth Smith RAL PPD HEP Sysman. April 2003 Recent and Proposed Firewall Changes All incoming telnet blocked. (CERN have made a similar change). Will block incoming POP and IMAP to Exchange server. (Will allow secure versions).

5 Gareth Smith RAL PPD HEP Sysman. April 2003 Telnet/ftp issues Ssh has been around long enough that for most users the withdrawal of telnet was not an issue. ‘Bastion Host’ at RAL provides a route in. Useful graphical interface to scp for Windows users: iXplorer from http://i-tree.org/

6 Gareth Smith RAL PPD HEP Sysman. April 2003 iXplorer

7 Gareth Smith RAL PPD HEP Sysman. April 2003 Blocking IMAP and POP Force use of secure versions of IMAP and POP (I.e. over ssh tunnel). Many clients already support this: –Netscape, Eudora, Pine –For Pine set inbox-path to {exchange13.rl.ac.uk/ssl/user=abc25} Stunnel application allows any application to use a ssh tunnel. (See http://www.stunnel.org/) In future will also block MAPI interface from outside.

8 Gareth Smith RAL PPD HEP Sysman. April 2003 PPTP Point to Point Tunnelling Protocol is now an essential tool. –CERN opened up PPTP outbound to certain sites (including RAL) at about Christmas time. –This has enabled the tightening up of other protocols/systems.

9 Gareth Smith RAL PPD HEP Sysman. April 2003 Updates and Anti-Virus Move to Sophos anti-virus. (Includes home PCs of members of staff.) Application of regular updates “required” E.g. sendmail, some MS patches, some browser plugins (Quicktime, Shockwave).

10 Gareth Smith RAL PPD HEP Sysman. April 2003 Other Issues We filtering being tried. –Use of a blacklist of sites. Concern over ‘illegal software’ and the possibility of having to investigate this. Security audits –Documented procedures, appropriateness of backups, disaster recovery, application of updates, …..

11 Gareth Smith RAL PPD HEP Sysman. April 2003

Download ppt "Gareth Smith RAL PPD HEP Sysman. April 2003 Security Changes at RAL."

Similar presentations

Fred P. Baker CCIE, CCIP(security), CCSA, MCSE+I, MCSE(2000)

Fred P. Baker CCIE, CCIP(security), CCSA, MCSE+I, MCSE(2000)
The Approach to Security in CLRC Gareth Smith With acknowledgements to all the members of the CLRC Computer Network and Security Group, especially Trevor.

The Approach to Security in CLRC Gareth Smith With acknowledgements to all the members of the CLRC Computer Network and Security Group, especially Trevor.
D2 – ICT Don’t worry about IT. Services offered  Desktop support 2000, XP, Vista, Windows 7 \ Windows 8.1  Windows Server and Windows SBS 2000\2003\2008.

D2 – ICT Don’t worry about IT. Services offered  Desktop support 2000, XP, Vista, Windows 7 \ Windows 8.1  Windows Server and Windows SBS 2000\2003\2008.
Copyright © 2012 Certification Partners, LLC -- All Rights Reserved Lesson 4: Web Browsing.

Copyright © 2012 Certification Partners, LLC -- All Rights Reserved Lesson 4: Web Browsing.
Lesson 4: Web Browsing.

Lesson 4: Web Browsing.
Nada Abdulla Ahmed.  SmoothWall Express is an open source firewall distribution based on the GNU/Linux operating system. Designed for ease of use, SmoothWall.

Nada Abdulla Ahmed.  SmoothWall Express is an open source firewall distribution based on the GNU/Linux operating system. Designed for ease of use, SmoothWall.
Exchange server 2003. Mail system Four components Mail user agent (MUA) to read and compose mail Mail transport agent (MTA) route messages Delivery agent.

Exchange server Mail system Four components Mail user agent (MUA) to read and compose mail Mail transport agent (MTA) route messages Delivery agent.
Henry Nebrensky – CM26 – 24 March 2010 Computing Panel Discussion: SSH Bastion Henry Nebrensky Brunel University 1.

Henry Nebrensky – CM26 – 24 March 2010 Computing Panel Discussion: SSH Bastion Henry Nebrensky Brunel University 1.
Lesson 19: Configuring Windows Firewall

Lesson 19: Configuring Windows Firewall
1 Lecture 20: Firewalls motivation ingredients –packet filters –application gateways –bastion hosts and DMZ example firewall design using firewalls – virtual.

1 Lecture 20: Firewalls motivation ingredients –packet filters –application gateways –bastion hosts and DMZ example firewall design using firewalls – virtual.
CT NIKHEF Nov 2003 1 Mail NIKHEF CT system support.

CT NIKHEF Nov Mail NIKHEF CT system support.
Web Design Terms and Concepts Ms. Scales. Q. What is a Server? A. A server is a computer that stores information many people can access. It runs special.

Web Design Terms and Concepts Ms. Scales. Q. What is a Server? A. A server is a computer that stores information many people can access. It runs special.
FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.

FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.
Information Security Information Technology and Computing Services Information Technology and Computing Services

Information Security Information Technology and Computing Services Information Technology and Computing Services
Course 201 – Administration, Content Inspection and SSL VPN

Course 201 – Administration, Content Inspection and SSL VPN
Gareth Smith RAL PPD HEP Sysman. April 2003 RAL Particle Physics Department Site Report.

Gareth Smith RAL PPD HEP Sysman. April 2003 RAL Particle Physics Department Site Report.
Port Knocking Software Project Presentation Paper Study – Part 1 Group member: Liew Jiun Hau (20086034) Lee Shirly (20095815) Ong Ivy (20095040)

Port Knocking Software Project Presentation Paper Study – Part 1 Group member: Liew Jiun Hau ( ) Lee Shirly ( ) Ong Ivy ( )
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.
Intranet, Extranet, Firewall. Intranet and Extranet.

Intranet, Extranet, Firewall. Intranet and Extranet.
14th April 1999Hepix 19991 Oxford Particle Physics Site Report Pete Gronbech Systems Manager.

14th April 1999Hepix Oxford Particle Physics Site Report Pete Gronbech Systems Manager.

Similar presentations

Ads by Google