Presentation is loading. Please wait.

Presentation is loading. Please wait.

On the Road to Eliminating Cleartext Reusable Passwords HEPNT and HEPiX 06 October 1999 Bob Cowles, SLAC Computer Security Officer

Similar presentations


Presentation on theme: "On the Road to Eliminating Cleartext Reusable Passwords HEPNT and HEPiX 06 October 1999 Bob Cowles, SLAC Computer Security Officer"— Presentation transcript:

1 On the Road to Eliminating Cleartext Reusable Passwords HEPNT and HEPiX 06 October 1999 Bob Cowles, SLAC Computer Security Officer rdc@slac.stanford.edu

2 6 October 1999SLAC Computer Security2 Security Issues Passwords - problems with cleartext, reused –Easily guessed/cracked –Shared passwords (people/systems) –Sniffed password (switching is NOT a solution) Poorly maintained systems –Multiple use vs. single use –OS and app release and patch levels –Dependence on “firewall”

3 6 October 1999SLAC Computer Security3 Clear Text Passwords email - POP and IMAP –email appliance under investigation –supports SSL and possibly kerberos telnet and rlogin –ssh is replacement, computing / unix pages –try for September 1, 1999; ssh version 1 ftp –later; use sftp in ssh version 2

4 6 October 1999SLAC Computer Security4 Issues Problems with ssh? –Available daemons? (VMS) –Available clients? (Windows) –Other options? (SecureID) Problems with schedule? –Need to move forward GAO Audit, pressures from DOE –It’s time

5 6 October 1999SLAC Computer Security5 Other Publicity BaBar Collaboration Presentation - 25June SLAC Publications –SLAC Users Group –SLAC Bulletin Board –QuickNews –Web page with Questions/Answers

6 6 October 1999SLAC Computer Security6 Actions by Security Staff Assist in installation of ssh –OS/2 –Outdated Digital Unix Personal email to telnet/rlogin users –System logs –IDS logs Warn security officers at other labs Temporary Exemption for SSRL

7 6 October 1999SLAC Computer Security7 Lessons Learned Getting the word out is VERY difficult –People are too busy to read publications –Language difficulties Need to be flexible but firm Let other sites know your plans –They can help with the publicity Easier than we expected - surprising support


Download ppt "On the Road to Eliminating Cleartext Reusable Passwords HEPNT and HEPiX 06 October 1999 Bob Cowles, SLAC Computer Security Officer"

Similar presentations


Ads by Google