Presentation is loading. Please wait.

Presentation is loading. Please wait.

On the Road to Eliminating Cleartext Reusable Passwords HEPNT and HEPiX 06 October 1999 Bob Cowles, SLAC Computer Security Officer

Published byFrederica Walters Modified over 9 years ago

Similar presentations

Presentation on theme: "On the Road to Eliminating Cleartext Reusable Passwords HEPNT and HEPiX 06 October 1999 Bob Cowles, SLAC Computer Security Officer"— Presentation transcript:

1 On the Road to Eliminating Cleartext Reusable Passwords HEPNT and HEPiX 06 October 1999 Bob Cowles, SLAC Computer Security Officer rdc@slac.stanford.edu

2 6 October 1999SLAC Computer Security2 Security Issues Passwords - problems with cleartext, reused –Easily guessed/cracked –Shared passwords (people/systems) –Sniffed password (switching is NOT a solution) Poorly maintained systems –Multiple use vs. single use –OS and app release and patch levels –Dependence on “firewall”

3 6 October 1999SLAC Computer Security3 Clear Text Passwords email - POP and IMAP –email appliance under investigation –supports SSL and possibly kerberos telnet and rlogin –ssh is replacement, computing / unix pages –try for September 1, 1999; ssh version 1 ftp –later; use sftp in ssh version 2

4 6 October 1999SLAC Computer Security4 Issues Problems with ssh? –Available daemons? (VMS) –Available clients? (Windows) –Other options? (SecureID) Problems with schedule? –Need to move forward GAO Audit, pressures from DOE –It’s time

5 6 October 1999SLAC Computer Security5 Other Publicity BaBar Collaboration Presentation - 25June SLAC Publications –SLAC Users Group –SLAC Bulletin Board –QuickNews –Web page with Questions/Answers

6 6 October 1999SLAC Computer Security6 Actions by Security Staff Assist in installation of ssh –OS/2 –Outdated Digital Unix Personal email to telnet/rlogin users –System logs –IDS logs Warn security officers at other labs Temporary Exemption for SSRL

7 6 October 1999SLAC Computer Security7 Lessons Learned Getting the word out is VERY difficult –People are too busy to read publications –Language difficulties Need to be flexible but firm Let other sites know your plans –They can help with the publicity Easier than we expected - surprising support

Download ppt "On the Road to Eliminating Cleartext Reusable Passwords HEPNT and HEPiX 06 October 1999 Bob Cowles, SLAC Computer Security Officer"

Similar presentations

Create a Web Site with Publisher 2000 for Marilyn Seguins Class.

Create a Web Site with Publisher 2000 for Marilyn Seguins Class.
Security in the NT Environment at SLAC HEPNT at CERN December 4, 1998 Bob Cowles, SLAC.

Security in the NT Environment at SLAC HEPNT at CERN December 4, 1998 Bob Cowles, SLAC.
Introducing SysAid 5.1 New Features. 12/ 2 Content New Knowledgebase and FAQ abilities Improved Search Additional email protocols Improved history and.

Introducing SysAid 5.1 New Features. 12/ 2 Content New Knowledgebase and FAQ abilities Improved Search Additional protocols Improved history and.
Password?. Project CLASP: Common Login and Access rights across Services Plan

Password?. Project CLASP: Common Login and Access rights across Services Plan
OAAIS Enterprise Information Security Security Awareness, Training & Education (SATE) Program or 415.514-3333 UCSF Campus VPN.

OAAIS Enterprise Information Security Security Awareness, Training & Education (SATE) Program or UCSF Campus VPN.
HEPNT/HEPiX meeting Oct 6, 1999 1 Securing mail access with Kerberos and SSL Wolfgang Friebel DESY.

HEPNT/HEPiX meeting Oct 6, Securing mail access with Kerberos and SSL Wolfgang Friebel DESY.
File Transfer and Use of Clear Text Passwords Update NERSC Users Group Meeting Stephen Lau NERSC June 21, 2015.

File Transfer and Use of Clear Text Passwords Update NERSC Users Group Meeting Stephen Lau NERSC June 21, 2015.
Information Search Tutorial 9.200 Information Systems for Management1 Tutorial: Information Search.

Information Search Tutorial Information Systems for Management1 Tutorial: Information Search.
TCP/IP - Security Perspective Upper Layers CS-431 Dick Steflik.

TCP/IP - Security Perspective Upper Layers CS-431 Dick Steflik.
Collaborative Tools Sharing Knowledge: Media Wiki and other collaborative tools -- Matt Bellis Sharing Code: Distributed version control and social development.

Collaborative Tools Sharing Knowledge: Media Wiki and other collaborative tools -- Matt Bellis Sharing Code: Distributed version control and social development.
Computer Security Update Bob Cowles, SLAC stanford.edu Presented at HEPiX - TRIUMF 23 Oct 2003 Work supported by U. S. Department of Energy.

Computer Security Update Bob Cowles, SLAC stanford.edu Presented at HEPiX - TRIUMF 23 Oct 2003 Work supported by U. S. Department of Energy.
Web Design Terms and Concepts Ms. Scales. Q. What is a Server? A. A server is a computer that stores information many people can access. It runs special.

Web Design Terms and Concepts Ms. Scales. Q. What is a Server? A. A server is a computer that stores information many people can access. It runs special.
© 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Security Strategies in Linux Platforms and.

© 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Security Strategies in Linux Platforms and.
Introduction to Computer Administration System Administration

Introduction to Computer Administration System Administration
Course 201 – Administration, Content Inspection and SSL VPN

Course 201 – Administration, Content Inspection and SSL VPN
OpenSSH: A Telnet Replacement Presented by Aaron Grothe Heimdall Linux, Inc.

OpenSSH: A Telnet Replacement Presented by Aaron Grothe Heimdall Linux, Inc.
User Services. Services Desktop Support Technical Support Help Desk User Services Customer Relationship Management.

User Services. Services Desktop Support Technical Support Help Desk User Services Customer Relationship Management.
14th April 1999Hepix 19991 Oxford Particle Physics Site Report Pete Gronbech Systems Manager.

14th April 1999Hepix Oxford Particle Physics Site Report Pete Gronbech Systems Manager.
National Energy Research Scientific Computing Center (NERSC) Computer Security – The New Threats Stephen Lau NERSC Center Division, LBNL June 24, 2004.

National Energy Research Scientific Computing Center (NERSC) Computer Security – The New Threats Stephen Lau NERSC Center Division, LBNL June 24, 2004.
©Kwan Sai Kit, All Rights Reserved Windows Small Business Server 2003 Features.

©Kwan Sai Kit, All Rights Reserved Windows Small Business Server 2003 Features.

Similar presentations

Ads by Google