Security Vulnerabilities: Windows NT based instrumentation

From: James VanEe (jiv2@cornell.edu)
Date: Wed Jan 17 2001 - 13:14:18 EST


Hi Everyone,
   I wanted to pass along some information for those of you who have
Windows NT computers installed as part of an instrumentation package.

   A lab here at Cornell has an ABI 3100 Sequencer. It was attacked
and hijacked for use as a warez server via well-known
vulnerabilities, resulting in lost data and abuse of the university's
network. ABI hardware and software probably has nothing to do with it
(unless someone has a motive and a way to specifically target these
machines). This was most likely the result of a "routine"
vulnerability scan on which this machine stood out as a good target.

Out-of-the-box Windows NT configurations are quite insecure. There
are patches, configuration changes, and third-party software available to
reduce the risk of putting your instrument's machine on your
institutional network. In my experience, security is not discussed at
instrument installation even if the vendor "supports" LAN
connections on their instrument. This is unfortunate, if somewhat
understandable. It means that everyone who has one of these
instruments will need to be responsible for securing themselves. The
consequences can be severe. Of course any operating system has the
potential for security problems when improperly configured.

I suggest that labs check with their local or institutional network
support before hooking your NT-based instrumentation up to your LAN.
At the very least, make sure that you have good passwords
(http://www.cit.cornell.edu/computer/security/password.html), have
applied the latest service packs and updates
(http://windowsupdate.microsoft.com/), and disable or reconfigure the
internet server services (web and FTP) and Windows shares.

One jumping-off point for finding out more about security issues:
http://www.cit.cornell.edu/computer/security/links.html

Here is a FAQ dealing with Windows NT in particular:
http://www.it.kth.se/~rom/ntsec.html

I hope this information is helpful.
-James
-------------------------------------------------------------------
James VanEe Phone: (607) 254-4862
BioResource Center
Computing Facility
170/171 Biotech Bldg Fax: (607) 254-4847
Cornell University
Ithaca, NY 14853 www: http://brcweb.bio.cornell.edu
-------------------------------------------------------------------
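As an added example (not part of James's post), here is a short Windows NT 4.0 command-prompt audit covering the items he lists: it shows the shares the machine exposes, the current password policy, and whether the IIS web and FTP services are running, then stops them. The service display names assume IIS 4.0 from the NT Option Pack; run it from an Administrator command prompt on the instrument PC before it goes on the LAN.

```batch
@echo off
rem Added example, not from the original post: quick audit of an NT 4.0
rem instrument PC before connecting it to the LAN. Run as Administrator.

echo === Shares this machine exposes to the network ===
rem Anything beyond the default admin shares (C$, ADMIN$, IPC$) deserves a look.
net share

echo === Account and password policy (minimum length, max age, lockout) ===
net accounts

echo === IIS web/FTP services currently running ===
rem Service names assume IIS 4.0 from the NT Option Pack; adjust if yours differ.
net start | find /i "Publishing Service"

echo === Stopping web and FTP services the instrument does not need ===
net stop "World Wide Web Publishing Service"
net stop "FTP Publishing Service"
rem To keep them off after a reboot, set Startup to Disabled in
rem Control Panel, Services. Service packs come from the Windows Update
rem site linked in the post; NT 4.0 has no command-line updater.
```

If the instrument software itself needs a share (e.g. to move run data), re-create only that share with a restricted permission list rather than leaving the defaults.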



This archive was generated by hypermail 2b29 : Thu Feb 01 2001 - 12:44:47 EST