SULAIR

For Students | For Staff | Directory | About | Sitemap

Stanford University Residential Computing

A department of Academic Computing, Stanford University Libraries and Academic Information Resources

Main

Security Archives

August 18, 2003

Current widespread Windows attacks

Over the last few days, thousands of computers at Stanford have been hacked because they were not updated. Recent widespread attacks exploited a Microsoft Windows security vulnerability that has been public since July 16th (henceforth referred to as "the hole"). Once compromised, the hacker has full access to your computer and files, and could potentially do anything you could while sitting at it. This includes deleting your files, or attacking other computers.

For more information, visit: http://rescomp.stanford.edu/info/win-rpc.html.

Posted on August 18, 2003 7:10 PM |

March 17, 2004

Practice safe net

Protect yourself against viruses and other exploits by practicing safe net. Learn more at:

http://rescomp.stanford.edu/info/security/

Posted on March 17, 2004 10:57 AM |

August 23, 2004

Spy Sweeper now available

Spy Sweeper is now available for the Stanford community-- this anti-spyware software detects, removes and blocks spyware from your PC. To download, visit:

Essential Stanford Software

For more information about spyware and the damage it can do, click here.

Posted on August 23, 2004 12:14 PM |

September 8, 2004

BigFix now available

In response to the increasing number of security vulnerabilities and Internet attacks over the past few years, ITSS has begun using BigFix to help keep computers on the Stanford network secure and up-to-date. The BigFix client is now available at Essential Stanford Software, but before deciding whether BigFix is right for you, residential students should read the following FAQ:

BigFix FAQ for Residential Students

Posted on September 8, 2004 1:36 PM |

Windows XP SP2 Configuration Tool available

ITSS has released an special configuration tool for Windows XP Service Pack 2 (SP2) users. This tool configures your computer to work properly with Stanford administrative applications, Essential Stanford Software, and the Stanford wireless network. To download this tool, visit Essential Stanford Software.

For more information on SP2, click here.

Posted on September 8, 2004 1:42 PM |

October 21, 2004

New version of SpySweeper available

The newest version of SpySweeper (3.2) is now available for the Stanford Community at Essential Stanford Software.

Posted on October 21, 2004 6:57 PM |

October 28, 2004

XP SP2 Configuration Tool updated

The Windows XP SP2 Configuration Tool from ITSS has been updated in response to a number of attacks on X Windows servers on campus. To download the newest version, visit:

Essential Stanford Software

Posted on October 28, 2004 6:59 PM |

X Window server software attack

Stanford, along with a number of other universities, was the target of an organized hacker exploit attacking a vulnerability in insecure configurations of X Window server software. For more information on the attack and X Windows security in general:

Secure Computing: Notes on X Window Security

Posted on October 28, 2004 7:02 PM |

December 2, 2004

New version of SecureCRT available

Version 4.1 of SecureCRT, the SSH terminal emulation software for Windows distributed by ITSS, is now available. This new version provides a fix for a security vulnerability announced earlier. To download, visit:

Essential Stanford Software: Windows

Posted on December 2, 2004 10:46 AM |

January 11, 2005

Security Alert: MarketScore Spyware

From the Information Security Office:

Summary

MarketScore (also called NetSetter) is a spyware-like application that compromises the security of all data sent or received by your web browser, even on "secure" encrypted web sites. All external browser communications are re-routed through MarketScore's proxy servers, so they have access to any "secure" traffic/passwords/accounts that otherwise would be encrypted.

MarketScore affects the most popular browsers on the Microsoft Windows platform, including Internet Explorer, Netscape, Mozilla, and Firefox. It does not appear to affect Macintosh or Linux platforms.

What to Do

SpyBot Search and Destroy is known to detect and remove MarketScore. Alternately, there are removal instructions on Columbia University's MarketScore removal web site.

If you have MarketScore installed on your computer and have used your browser for any services that require WebLogin, your password should be considered compromised. After you have removed MarketScore from your computer, we STRONGLY recommend that you change your SUNet password. This advice also applies to any other secure web sites you may have visited with your browser.

The Information Security Office is directly contacting owners of machines that appear to behave as if MarketScore is present. If your computer is on the Stanford campus, you can also do a rudimentary self-check of your browser by going to the fixme.stanford.edu web page. If you get a message saying access is forbidden, your browser might be configured to use an outside proxy, so to be safe you should follow one of the removal procedures listed above or in the References section below...

Click here to download Spybot Search and Destroy.

Click here for the full alert from Security.

Posted on January 11, 2005 11:22 PM |

January 14, 2005

Changes to BigFix at Stanford

There have been some changes to the BigFix service here at Stanford recently. These changes allow for some granularity in the way in which properties are collected from computers running the client and as a result, the list of retrieved properties for the ResComp group have been significantly reduced. Because of this change, you may want to revisit whether BigFix is an appropriate patch management solution for your computing needs. To find out more, visit:

BigFix FAQ for Residential Students

Included on this page is information on BigFix in general, the BigFix service at Stanford, and ResComp's policies and procedures for using BigFix and the information it collects.

Posted on January 14, 2005 1:05 AM |

May 17, 2007

New DMCA Complaint Policy

A new DMCA complaint policy was announced via email to all students on Tuesday, May 15, 2007-- the new policy involves an Internet reconnect fee and represents a significant change in actions the university will take in addressing violations. For information on the new policy please see: http://www.stanford.edu/dept/legal/recent/DMCAReconnectfee5-11-07.Web.pdf. If you have questions about the DMCA Reconnect Fee policy, please contact Lauren Schoenthaler (at: lks@stanford.edu), Senior University Counsel. For more information on file-sharing and copyright law, please visit our FAQ at: http://rescomp.stanford.edu/info/dmca/.

Posted on May 17, 2007 1:47 PM |

April 9, 2008

Residential firewall pilot this summer

IT Services and Residential Computing have planned a pilot of a residential firewall system for this summer, to protect student computers against incoming traffic from other networks. ITS has been rolling out firewalls in academic and administrative departments for some time, but a key piece needed for the residences will now be available, the ability for individual users (not network administrators) to select their level of protection. As planned, starting Summer Quarter students registering for in-room network connections would be able to select their level (from wide open to totally closed). Over the summer a few residences would be firewalled in a pilot, likely Summer Research College and Studios 3 & 4. If the pilot was successful, the firewalls would be activated on all residential networks in late August.

For more information on the project see: https://www.stanford.edu/services/firewall/

Posted on April 9, 2008 3:24 PM |

September 15, 2008

Residential firewall deployed widely

Following a pilot this summer, a firewall has been rolled out to a number of residences, and other residences will most likely follow into Autumn Quarter. Currently the active firewalls include Crothers Memorial, and all undergraduate residences except: Kimball, Mirrielees, Wilbur, and Row Houses north of Mayfield Avenue. All residents are being asked to select a level of protection when they register their network connections, even if rules aren't being enforced in their residence yet.

The residential firewalls protect computers against intrusions from outside of the local network by preventing distant computers from initiating contact. They do not protect against computers in the same building and in some cases the buildings nearby, nor do they provide protection when using computers in other locations around campus. Communications initiated from students' computers are not be affected. Students can change their selected levels of protection at any time simply by updating the registrations for their in-room network connections.

The residential firewall is brought to you by IT Services, as a part of the ongoing departmental firewall project. For more information see: http://www.stanford.edu/services/firewall/residential/

Posted on September 15, 2008 4:45 PM |

Search


About Security

This page contains an archive of all entries posted to Information & News in the Security category. They are listed from oldest to newest.

Residential Life is the previous category.

Stanford Deals - Computers, Software, etc. is the next category.

Many more can be found on the main index page or by looking through the archives.

Subscribe to this blog's feed
[What is this?]
Powered by
Movable Type 3.35

Last updated Monday, 15-Sep-2008 17:12:37 PDT.

Questions or comments about this Web site? Email webmaster@rescomp.stanford.edu.
Need help with your computer or in-room network connection? Contact your RCC.

© 2007. Stanford University. Residential Computing.

 

Student Computing Home | Academic Computing Home | SULAIR Home | SU Home