Security

• Standard defense measures (tcpwrap, crack,etc.), switched ports, SSH/OTP, espionage

• Planning to provide KRB/KDC for entire lab, incident handling still largely ad-hoc, level of security can vary widely from machine to machine

• Kerberos V and SSH, phase out clear text passwords (KPOP, ktelnet...), “unsup” net, “tripkerb”

• Less emphasis on security than a commercial site, monitor for suspicious network activity and modification of important files, a 486 with console logins only syslogs everything , SSH & some Kerberos

Previous slide

Next slide

Back to first slide

View graphic version