Computing Security

Security Guidelines

To report network security incidents at EIE, please e-mail helpdesk @ ee.usyd.edu.au.

Computer security has become an increasingly critical issue as viruses, worms and other forms of cyberterrorism proliferate. For your own safety and out of respect for your peers in the computing community, please educate yourself and help protect our systems. Check your systems on a regular basis. If you have suggestions for other tools or resources we could add them to this page, please send an e-mail to webmaster @ ee.usyd.edu.au

SSH on UNIX Workstations

The Secure Shell Client (ssh) program, which is intended to replace the telnet and rlogin utilities, is available on EIE servers. In the most general terms, ssh provides secure communications over an insecure network; what this means in practical terms is that users can use ssh in place of telnet, when remotely accessing a server from any UNIX workstation, to prevent their userids and passwords from being sent "in the clear" (un-encrypted) across the network.

Using the ssh program is very similar to using the telnet program;
simply enter the ssh command, and the name of the host to which you wish to remotely login, from a UNIX prompt, as shown below:

ssh hostname

If you want to login to the remote machine under a different userid than the one under which you are currently logged in, follow the same procedure as above, but add the -l option and the username under which you would like to login, as shown below:

ssh -l username hostname

In either case, the system will prompt you to enter your password. Once the server has verified and accepted your identity, it logs into the machine and gives you a normal shell on the remote machine. The machine automatically encrypts all communication with the remote command or shell.

Users who are familiar with telnet and who run X sessions will appreciate the fact that ssh automatically forwards their connection to the remote machine through the secured channel. This means that users will *not* have to set their DISPLAY variable as they would for a telnet session. For additional help in using ssh, refer to the man page on cassius/diesel by entering the command man ssh at a UNIX prompt.
You may also find further useful information on-line at the URL http://www.ssh.fi/

If you have any further questions about using ssh, please contact the helpdesk @ ee.usyd.edu.au

Managing your Password

Choosing a secure password

Changing your password is important for system security and for your own security as well. Your account gives you access to the following services: electronic mail, samba (file space and printing), FTP and login to the PC labs.

When you change your password, note that it might take up to a few minutes for the password change to propagate across the various systems.

• Your password must contain exactly eight (8) characters and include some digits or punctuation marks.
• Pick a password that you can remember without writing it down.
• Do not use common words, or words or names that relate to you personally.
• When you change your password, also remember to change it in any programs that might store it for you.

If you would like additional help in choosing your password, or if you forget your password and need a new one, please contact the ITU Help Desk at helpdesk @ ee.usyd.edu.au.

Changing your password online

You can change your intranet password using a web-based program at the my uni website.
In our labs after you login successfully to Windows 2000, press CTRL+ALT+DEL and change your password.

Changing your password on a UNIX system

You can also change your password from a UNIX system, either at a UNIX workstation or using a telnet/ XWin session from a PC.
Enter the command passwd
The program will prompt you to enter your old (current) password, and then your new password twice for verification.

Changing your password in programs that can save your password

A number of programs save your password so that you don't have to enter it each time. Three such applications are Microsoft Outlook, Microsoft Internet Explorer, and Qualcomm Eudora.

To change your Microsoft Windows password:

1. Double-click on the My Computer icon on your desktop.
2. Next, double-click on the Control Panel icon inthe window that appears.
3. Finally, double-click on the Passwords icon. A Password Properties windows will appear. Click on the Change Windows Password ... button.
4. In the window that appears, enter your old Windows password and new password, and confirm your new password in the appropriate fields.
5. Click the OK button. A Microsoft Windows window will appear, confirming that you have successfully changed your Windows password.

To remove/change a password in Microsoft Outlook:

1. Start Outlook, select Tools from the menu option and then Accounts.
2. From the Accounts window, select Properties and then the Servers tab. You now have the option of either deactivating the "Remember Password" option or typing the new password over the old password.

To remove/change a password in Microsoft Internet Explorer:

1. Start Internet Explorer.
2. From the Tools menu option, select the Mail and News option and then the Read Mail option. This will start your email application.
3. Select the Tools menu option and then the Email Accounts option.
4. Select "View or change existing email accounts" and then the Next option. The Email Accounts window will open and you then select the Change option. You can now either deactivate the "Remember password" option or type in the new password.
5. Click on the next button followed by the finished button.

To remove/change a password in Qualcomm Eudora:

1. Start Eudora.
2. From the Tools menu select Options.
3. Go down to Checking Mail and uncheck Save Password or type in the new password.

Security Tools and News

• Security Patches: Sun | Linux | Windows
• Network Security at University of Sydney