You’re about to
leave the office or you’ve completed a day’s worth of work or studies.
You don’t log off the network or shut down your system because you’re
in a hurry to depart or simply don’t feel like waiting the next day
for the system to come back on-line. Or perhaps you’ve left a program
running on your system after you leave and want it to continue after
hours. For whatever reason, your Georgia State University system
is continuously logged into the university’s network 24/7.
Believe it or
not, hackers and would-be intruders are targeting systems that are
"always on" for attacks, unauthorized intrusions, viruses
and Trojan Horses. Most importantly, they are hoping that you don’t
maintain up-to-date anti virus software on your machine or that you
don’t run the software patches or service packs that vendors like
Microsoft, Sun, and HP provide to ensure you are protected against
vulnerabilities in their operating systems and applications that a
hacker can take advantage of to gain access to your system. Additionally,
because your system is continuously logged into the network, they
have many opportunities over the course of time to find a way in—to
your system, that is.
Additionally,
if you also log into the Georgia State University network from home,
and you have a DSL line or cable modem, if your system is not adequately
protected you and the Georgia State University network are at an increased
risk of obtaining a virus, Trojan Horse, or other program that will
allow someone to control your machine and possibly gain access to
other systems and applications at the University through your system.
How can you
protect your workstation from harm? One recommendation is to
log off of your system when you have completed your work or studies
or are departing the office for the day. This small step will significantly
lessen the window of opportunity for attacks and intrusions to occur.
On Friday afternoons, as you make preparations to leave the office
behind for the weekend, shut down your computer system as well. While,
you may have to wait a few minutes on Monday morning for it to restart,
the fact that you are protecting your system from being scanned and
probed all weekend long is worth the wait.
Another recommendation
for those who must leave their workstations connected to the Georgia
State University network 24 hours a day, seven days a week, or who
log into the network from home is to install a personal firewall.
At http://www.gsu.edu/~wwwccs/security/personal_firewalls.htm,
you will find an article which discusses personal firewalls—what they
are, what they cost, and which ones are recommended for use.
Additionally,
the company NetworkICE has partnered with Georgia State University
to offer all users their award-winning BlackICE Defender product for
$19.95, a 50% discount off the retail price. You can find out more
about this program, as well as how to purchase a copy of the software,
at http://www.gsu.edu/~wwwccs/security/blackice.htm.
Finally, I’d like
to inform you that there is a new web site at Georgia State University
where you can find information security links and resources. The
site is a “work in progress” and I will be adding a wealth of material
to it over the coming year, so I encourage you to visit often. It’s
at http://www.gsu.edu/security.