Presentation is loading. Please wait.

Presentation is loading. Please wait.

PPD/CG Christmas Lectures Windows – Wrap Up Gareth Smith PPD Xmas Lectures 17 th December 2007.

Published byBrook Carson Modified over 8 years ago

Similar presentations

Presentation on theme: "PPD/CG Christmas Lectures Windows – Wrap Up Gareth Smith PPD Xmas Lectures 17 th December 2007."— Presentation transcript:

1 PPD/CG Christmas Lectures Windows – Wrap Up Gareth Smith PPD Xmas Lectures 17 th December 2007

2 Future Plans Microsoft Office 2007 –New file formats. Issues of compatibility despite converters (esp. MS Project). –Testing now –No roll-out date yet. Hope for co- ordination across site. Microsoft Windows Vista –Testing now (including applications – Exceed…..) –Plan to go to 64-bit Vista –Investigating standard approach across site. PPD Xmas Lectures 17 th December 2007

3 Web Services New Web server (HEPWIN2003G) brought into production during August. –Windows Server 2003 –IIS6 –more disk space. The migration included: Cleanup (archiving) of old webs. Tightening permissions. Use of secure (https) connection where password controlled access is needed. Thanks to Alistair Haig for much of this work. PPD Xmas Lectures 17 th December 2007

4 Security Reminders Skype Use of the Skype (www.skype.com) peer to peer (P2P) telephony software is not permitted within STFC. This is due to the :www.skype.com –Potential violation of the JANET Acceptable Use Policy (AUP) –Misuse of local client/network resources Instant Messaging clients Use of the Instant Messaging (IM) clients within STFC continues to be restricted to authorised services only. This is due to the potential for: –Network resource misuse –Increased exposure to IRC (Internet Resource Chat) borne virus/worm infectionsIRC –Potential corporate liability and Freedom of Information concerns –Lack of co-ordinated client management and patching –Incompatibility between some proprietary Instant Messaging protocols/clients PPD Xmas Lectures 17 th December 2007

5 Use of Virtualization Becoming more popular as ‘easy’ to use. Benefits: Cheap Much less hassle than dual boot But... Guest Operating System(s) still a security risk: Patch, Firewall, Anti-Virus updates Yet may only infrequently be started Licensing issues PPD Xmas Lectures 17 th December 2007

6 This week’s Security Vulnerabilities The Consensus Security Vulnerability Alert. Dec 10, 2007 Widely Deployed Software: (1) CRITICAL: Cisco Security Agent Buffer Overflow (2) CRITICAL: Skype URI Handling Remote Code Execution (3) HIGH: HP OpenView Network Node Manager CGI Scripts Remote Code Execution (4) HIGH: Avast! Antivirus TAR File Processing Memory Corruption (5) HIGH: 3ivx MPEG-4 Codec Buffer Overflow (6) HIGH: Novell NetMail Antivirus Service Integer Overflow (7) MODERATE: HP Select Identity Undisclosed Authentication Bypass (8) MODERATE: OpenOffice.org Database File Arbitrary Code Execution (9) MODERATE: Novell BorderManager Multiple Vulnerabilities (10) MODERATE: MIT Kerberos Multiple Vulnerabilities.............. Etc. PPD Xmas Lectures 17 th December 2007

7 This week’s Security Vulnerabilities - 2 Part II – Newly Discovered Vulnerabilities 07.50.1 - Microsoft Web Proxy Auto-Discovery Proxy Spoofing 07.50.2 - Microsoft Optical Desktop Wireless Keyboard Weak Encryption Information Disclosure 07.50.3 - Microsoft December 2007 Advance Notification Multiple Vulnerabilities 07.50.4 - Yahoo Toolbar Helper Class ActiveX Control Remote Buffer Overflow Denial of Service 07.50.5 - RealPlayer RMOC3260.DLL ActiveX Control Import Denial of Service 07.50.10 - HFS HTTP File Server Arbitrary File Upload 07.50.11 - Apple Mac OS X VPND Remote Denial of Service 07.50.12 - Apple Mac OS X Mach_Loader.C Local Denial of Service 07.50.13 - Red Hat Content Accelerator Memory Leak Local Denial of Service 07.50.14 - Zsh Insecure Temporary File Creation PPD Xmas Lectures 17 th December 2007

8 Laptop Synchronization We advise: -Synchronizing your H: drive -Synchronizing Outlook. -… what if the laptop is stolen (or breaks).. Encrypt the file cache. Don’t synchronize personal files etc. unnecessarily. - Take care with personal information on USB memory sticks… PPD Xmas Lectures 17 th December 2007

9 Access from offsite & visitor facilites Access into RAL from Offsite: PPTP Bastion Host Outlook Web Access Configure Outlook to use ‘https’. Use of (secure) imap. http://hepwww.rl.ac.uk/ppdcomputing/WindowsXP/Outlook_page.htm For Visitors to RAL PPD: Regular visitors can register laptops with us. –Require patched and have up-to-date Anti-Virus. –At present we do give out an address to a visitors’ laptop even if not registered. Map “visitors network” through to offices. Can create accounts for visitors. PPD Xmas Lectures 17 th December 2007

10 PDAs We provide some support for PDAs Experience with Windows Mobile 5 & 6. Tariffs available via the RAL Telephone helpdesk. Including 3G connections. Example of PDA Choice. Vodafone v1615 (HTC TyTN II) Capabilities: Wireless, quad-band phone, USB, GPS Synchronize files with PC Synchronize e-mail, diary with Exchange PPD Xmas Lectures 17 th December 2007

11 Computer Room Power R1 Lab 8 Computer Rooms shared by Windows and LINUX (Tier 2). Problem: Significant increase in electrical power requirements for Tier 2 systems. At limit of single phase supplies (60 amps to each room). 2 racks full of worker nodes temporarily hosted in the Atlas building Solution: Upgrade to use three-phase supplies: Three * 60amps in each room Outer part of Lab 8 upgraded last year Inner part of lab 8 upgraded in last weeks. However, we may start hitting air conditioning limits..... PPD Xmas Lectures 17 th December 2007

12 Christmas Plans All essential systems will stay up (..... we hope.......) Plan to turn off less essential services: -Citrix server -Some printers (e.g. A0 plotter). Systems run ‘at risk’ over this period. PPD Xmas Lectures 17 th December 2007

Download ppt "PPD/CG Christmas Lectures Windows – Wrap Up Gareth Smith PPD Xmas Lectures 17 th December 2007."

Similar presentations

The Approach to Security in CLRC Gareth Smith With acknowledgements to all the members of the CLRC Computer Network and Security Group, especially Trevor.

The Approach to Security in CLRC Gareth Smith With acknowledgements to all the members of the CLRC Computer Network and Security Group, especially Trevor.
RAL Particle Physics Dept. Site Report. Gareth Smith RAL PPD About 2 staff mainly on windows and general infrastructure About 1.5 staff on departmental.

RAL Particle Physics Dept. Site Report. Gareth Smith RAL PPD About 2 staff mainly on windows and general infrastructure About 1.5 staff on departmental.
Physics Network Integration Chris Hunter. Physics network team Chris Hunter : Network Manager David Newton : Network Support Technician Room DWB 663 Phone.

Physics Network Integration Chris Hunter. Physics network team Chris Hunter : Network Manager David Newton : Network Support Technician Room DWB 663 Phone.
Speaker Name, Title Windows 8 Pro: For Small Business.

Speaker Name, Title Windows 8 Pro: For Small Business.
Encryption Jack Roberts, PPD, RAL, STFC. Why? Government reaction to high profile data losses. STFC General Notices 30 th January, 1 st February 2008.

Encryption Jack Roberts, PPD, RAL, STFC. Why? Government reaction to high profile data losses. STFC General Notices 30 th January, 1 st February 2008.
Office-2007 Deployment Updates & Discussion Panel Brad Sharp – UNC Rick Cisneros (Rick Beck) – Metro State Chad Burnham – DU Jon Giltner – UCB Fall 2007.

Office-2007 Deployment Updates & Discussion Panel Brad Sharp – UNC Rick Cisneros (Rick Beck) – Metro State Chad Burnham – DU Jon Giltner – UCB Fall 2007.
Physics Network Integration Chris Hunter. Physics network team Chris Hunter : Network Manager David Newton : Network Support Technician Room DWB 663 Phone.

Physics Network Integration Chris Hunter. Physics network team Chris Hunter : Network Manager David Newton : Network Support Technician Room DWB 663 Phone.
Supporting The Mobile Client: Expanding Our Borders John Guidone Manager, Desktop Technologies and Dawn E. Colonese Manager, Help Desk & Client Access.

Supporting The Mobile Client: Expanding Our Borders John Guidone Manager, Desktop Technologies and Dawn E. Colonese Manager, Help Desk & Client Access.
Network Security Attack Analysis. cs490ns - cotter2 Outline Types of Attacks Vulnerabilities Exploited Network Attack Phases Attack Detection Tools.

Network Security Attack Analysis. cs490ns - cotter2 Outline Types of Attacks Vulnerabilities Exploited Network Attack Phases Attack Detection Tools.
Mike Bayne 15 September 2011

Mike Bayne 15 September 2011
Saving Money by Recycling Existing Computers with LTSP Peter Billson Linux Terminal Server Project (LTSP.org) Linux User Group in Princeton LUG/IP July.

Saving Money by Recycling Existing Computers with LTSP Peter Billson Linux Terminal Server Project (LTSP.org) Linux User Group in Princeton LUG/IP July.
MAI Computing, Inc. Providing Computing Service since 1985 We Work for Your Business!

MAI Computing, Inc. Providing Computing Service since 1985 We Work for Your Business!
Network and Server Basics. 6/1/20152 Learning Objectives After viewing this presentation, you will be able to: Understand the benefits of a client/server.

Network and Server Basics. 6/1/20152 Learning Objectives After viewing this presentation, you will be able to: Understand the benefits of a client/server.
Homework 3.2 Clients Hub What’s wrong with this picture? Clients Using 100TX.

Homework 3.2 Clients Hub What’s wrong with this picture? Clients Using 100TX.
Data Encryption Overview South Seas Corporation Jared Owensby.

Data Encryption Overview South Seas Corporation Jared Owensby.
OCT1 Principles From Chapter One of “Distributed Systems Concepts and Design”

OCT1 Principles From Chapter One of “Distributed Systems Concepts and Design”
Securing Instant Messaging Matt Hsu. Outline Introduction Instant Messaging Primer Instant Messaging Vulnerabilities and Exploits Securing Instant Messaging.

Securing Instant Messaging Matt Hsu. Outline Introduction Instant Messaging Primer Instant Messaging Vulnerabilities and Exploits Securing Instant Messaging.
Web server security Dr Jim Briggs WEBP security1.

Web server security Dr Jim Briggs WEBP security1.
 Contents 1.Introduction about operating system. 2. What is 32 bit and 64 bit operating system. 3. File systems. 4. Minimum requirement for Windows 7.

 Contents 1.Introduction about operating system. 2. What is 32 bit and 64 bit operating system. 3. File systems. 4. Minimum requirement for Windows 7.
Guide to Operating System Security Chapter 2 Viruses, Worms, and Malicious Software.

Guide to Operating System Security Chapter 2 Viruses, Worms, and Malicious Software.

Similar presentations

Ads by Google