Trends and Issues in IT Security

A Scan of what’s happening on our campuses

With attention to:–Trends

–Primary issues and challenges

–Any opportunities for information sharing or common solutions?

Common Solutions Group, May 13, 1999

Philip Long, Yale University

This Morning

• Bob Mahoney, MIT

• Sandra Senti, Stanford

• Barbara Fraser, CMU/CERT

Yale Trends

Staff Dedicated to IT Security

0

1

2

3

4

AY97 AY98 AY99

Year

FT

E

Same Slope for other trends – Number of incidents– Actual damage– Campus alarm

Practice

• Using Internet Security Scanner (ISS)– But our policy prohibited full use without

seeking the permission of owners

• An increasing number of reported incidents

• Any law enforcement activity is incredibly time consuming

Most Frequent Security Problems

• Viruses– CIH damaged approximately 60 student

machines

• Password sniffing after standard crack– Still have lots of hubs in departments with grad

student sysadmins

Presentations

End of Session Summary

• Rapid rise in incidents– Based on easy-to-use cracker tools– And parallel to Internet growth

• Rapid rise in effort– New staff and– Permeating connections throughout existing organizations

• Tend to report only well documented incidents to law enforcement

• Clear interest in proactive work– Publicity, documentation on prevention– Scanning automatically or on demand– Policy issues?

Most Frequent Problems

• Linux

• Sniffed Passwords

• “The occasional ‘Interesting Thing’”

• Firewalls? – Configuring

– Getting around

Funny Things are Important

• Administrative ease of use of password management turns out to be critical to good password hygiene

Possible Common Solutions

• Information/tool sharing– standard Kerberos support for common platforms

– Kerberized or SSH tunneled FTP

– Policy Sharing

– auto-update, e.g., for Linux

• Can those of us who have security pages link to them from the CSG Web site?