Editor's note: This is the second article in a two-part series on computer network security at Penn State. The first part of the series on e-mail security appeared in the Jan. 20 issue of Intercom.
By Heather Herzog
Computer and Information Systems
In the last decade, the World Wide Web has transformed universities into globally linked, interactive communities. Faculty share information across continents on a daily basis. Instructors post syllabi and course tips at Web sites for students to access 24 hours a day; and Web-based distance education enables students to study courses such as Penn State's "Turfgrass 230" from places as far away as Australia and the Middle East.
Unfortunately, this digital interchange is under siege, according to network security officials.
Deborah Hurley, director of the Harvard Information Infrastructure Project, a Harvard University research program involved in defining national and international Internet policy, notes that while there's a lot of good news about information and communications technologies, intrinsic security is generally growing worse.
"There are more computers, more networks, more data and information and, most significantly, more fallible human beings connected to and using the system," said Hurley. "We rely on the goodwill of many people, around the world, not to use their technological knowledge in deleterious ways. At the same time we are more dependent than ever on the continued functioning of critical information systems."
Although scholars may find it increasingly convenient to scroll through electronic journals and periodicals for their research needs, security experts caution they should be on the look out for some carefully hidden dangers.
"While still rare, it is becoming increasingly possible to acquire hostile code while surfing the Web," said Kathy Kimball, director of computer and network security at Penn State. "So it's important to be aware of the preventative measures that can be taken before starting on these ventures."
One of the most important things users can arm themselves with to protect their computer while it's online, according to Kimball, is knowledge. She said users should be aware of the potential dangers. In recent years, several concerns have emerged, including:
-- Cookies: Usually not hostile in nature, cookies are small amounts of information that can be downloaded to your computer when you enter a Web site. When you return to the site the cookie tells advertisers statistics about your browsing habits (the amount of times you've visited their site, the pages that you've viewed and how often you return to specific pages.) In this case, the danger is a privacy concern since, in the wrong hands, personal information obtained with the cookie could potentially be used in a harmful manner.
-- Malicious code: Code such as viruses, trojan horses, worms and hostile applets reside at a small handful of sites on the Web with a singular purpose -- to infect computers. In some cases, computers can be contaminated simply by the user clicking on a specific link at a site. In others, the attack is launched when a file or application is downloaded. Either form of attack can have unpleasant results. While some Web-based attacks are harmless pranks, others can potentially launch destructive programs.
If you're designing or maintaining a Web site, as many faculty members and departments are doing nowadays, there are other concerns, like:
-- Hackers: Public Web sites are hacked almost daily by individuals with a wide assortment of motives. Many hackers are network "joy riders," looking for computers that are vulnerable to the types of attacks that can be freely downloaded from the Internet. These intrusions can be embarrassing, if the hacker exposes the fact that data that is supposed to be secure and protected (such as social security numbers, names and addresses) is actually accessible.
-- Crackers: Crackers deliberately attempt to destroy or deface Web sites, computer systems and other computer related facilities, usually for personal or political reasons. Recent attacks on the FBI, White House and The New York Times' Web sites, are all examples of the defacement of public Web sites by crackers. In some instances, pornography or embarrassing rhetoric is uploaded or files are erased; in others the graphics are altered to change the appearance of Web pages. In a well-known case, for example, the welcome message on the U.S. Air Force home page was replaced with crimson eyes, dripping blood and sexually explicit imagery.
-- Syn attacks: A Syn attack creates a major traffic jam at a Web site by overloading it with connection requests. The attack makes it impossible for legitimate surfers to access the site until the problem is corrected.
Sounds scary, huh? Fortunately, there are many ways to protect yourself from the concerns outlined above, according to Kimball. Software is available to help individuals determine what information their browser reveals about them online, and a variety of "cookie busters" can be installed by Internet users to enable their computers to accept or reject cookies.
"In addition, anti-virus software is essential for all computer owners," said Gerry Santoro, lead research programmer for the Center for Academic Computing. "It's the first line of defense against malicious code. After you install anti-virus software, be sure to update it often, so that the newest viruses are covered and always back up all of your computer files. Check that the software monitors all areas -- hard drives, floppy disks, network, drives and CD-ROMs -- and is set up so that it will interrupt you with a warning when you open up an infected file."
If you're designing a Web site, Kimball suggests not posting personal information about yourself -- especially phone numbers, social security numbers, addresses and passwords. If you're collecting this information for administrative reasons, be sure you're using a secure, well-administered server with encryption (coding) capabilities. Web sites also can be protected from hack attempts in a number of ways.
A "refreshing" system can be installed which will automatically copy over the Web directory on a regular basis. The refresher will replace the site with its original content quickly after an unauthorized alteration occurs. In addition, a "staging" server is a useful tool for Web masters who need to make frequent changes to their home pages. Modifications can be made by authorized staff to the staging server and the "live" server (which holds the actual Web site) will then be updated by the staging server through a single secure channel.
If you experience what you believe to be a computer security incident, notify the University Computer, Network and Information Security Office at (814) 863-9533; there is a 24-hour help line at (814) 863-HELP); or send e-mail to security@psu.edu. If you have questions or concerns about computer viruses, contact the Center for Academic Computing (CAC) Help Desk at (814) 863-1035 or (814) 863-2494.