This document provides BASIC instructions for building a secure desktop, workstation or server.
No matter what operating system you're using, the basic steps for securing it are the same:
- Install all operating system patches.
- Verify user account security.
- Eliminate unnecessary applications and network services.
- Install and configure necessary applications and network services.
- Configure system logging to record significant events.
- Keep applications and operating system patches up to date.
Install the Latest Patches
Immediately install the necessary patches for your operating system. Many security exploits prey on systems that are not kept up to date. Unpatched machines are frequently exploited within minutes of being attached to an open network.
Verify User Account Security
- Disable Unnecessary Accounts Such as Guest Accounts. Operating systems may include a Guest account designed for temporary users. That's usually not a good idea, and in the vast majority of cases the Guest account should be disabled. In cases where disabling the Guest account is not possible, set a strong password for it instead.
- Make sure all accounts have passwords set. Many operating systems still have root/administrator or other accounts without any passwords set, or with very simple passwords. Check all accounts and make sure passwords have been set. Make sure that all accounts have good passwords that are not based on dictionary words.
- Limit Administrative Privileges. Many computer users log in to their system as administrator for all their day-to-day activity, or they create user accounts with administrative privilege levels. Many email and web-based attacks take advantage of this by hijacking the security context of the logged-in user (activated when the user inadvertently runs an executable program). It's far safer to assign most users a limited privilege account.
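One way to run these account checks on a Unix-like system, as an added example that is not part of the original document. It assumes accounts are stored in the standard passwd and shadow file formats; the `audit_accounts` function, the account names and the sample entries are constructed for illustration, and the check for extra UID 0 accounts is one interpretation of "administrative privilege".

```python
# Added example: audit account data held in Unix passwd/shadow format.
# The sample entries below are constructed; they are not from a real system.

SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
toor:x:0:0:backup admin:/root:/bin/bash
guest:x:1001:1001:Guest:/home/guest:/bin/bash
alice:x:1002:1002:Alice:/home/alice:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
"""

SAMPLE_SHADOW = """\
root:$6$constructedsalt$constructedhash:19000:0:99999:7:::
toor:$6$constructedsalt$constructedhash:19000:0:99999:7:::
guest::19000:0:99999:7:::
alice:$6$constructedsalt$constructedhash:19000:0:99999:7:::
daemon:*:19000:0:99999:7:::
"""

NOLOGIN_SHELLS = {"/usr/sbin/nologin", "/sbin/nologin", "/bin/false"}

def audit_accounts(passwd_text, shadow_text):
    """Return a sorted list of (account, finding) tuples."""
    hashes = {}
    for line in shadow_text.splitlines():
        fields = line.split(":")
        if len(fields) >= 2:
            hashes[fields[0]] = fields[1]
    findings = []
    for line in passwd_text.splitlines():
        fields = line.split(":")
        if len(fields) != 7:
            continue  # skip blank or malformed lines
        name, pw_field, uid, shell = fields[0], fields[1], fields[2], fields[6]
        # "x" means the hash lives in shadow; a missing shadow entry counts as locked
        pw = hashes.get(name, "!") if pw_field == "x" else pw_field
        locked = pw.startswith(("!", "*"))
        can_login = shell not in NOLOGIN_SHELLS and not locked
        if pw == "":
            findings.append((name, "no password set"))
        if name.lower() == "guest" and can_login:
            findings.append((name, "guest account enabled"))
        if uid == "0" and name != "root":
            findings.append((name, "extra account with administrative UID 0"))
    return sorted(findings)

if __name__ == "__main__":
    for account, finding in audit_accounts(SAMPLE_PASSWD, SAMPLE_SHADOW):
        print(f"{account}: {finding}")
```

On a live system the same function can be given the contents of `/etc/passwd` and `/etc/shadow`, which requires root privileges to read.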
Eliminate unnecessary applications and network services
Many services should be disabled by default, including file sharing.
Install anti-virus software
All users are strongly encouraged to install anti-virus software and update it regularly.
Configure system logging
Although the College of Engineering makes no attempt to collect system logs from every computer on its network, those logs are invaluable when administrators need to troubleshoot a problem or recover a system that's been hacked. For the logs to be useful, the system's clock must be synchronized to network time. Several servers in the College provide level 2 and level 3 NTP services, including alpha and bravo.