New security system to make Kent State computers safer
July 18, 2006
Hackers beware -ÿyour life as a computer vandal is about to get much more difficult.
Kent State has implemented a new security system called the Intrusion Detection System/Intrusion Prevention System. IDS/IPS affects all of Kent State’s software and hardware by performing searches for vulnerable and suspicious hosts and fixing potential security flaws in order to keep out hackers.
“The benefit we hope to bring to the university is a more pro-active approach to data loss prevention,” said Dan Roberts, senior systems programmer.
The IDS/IPS is composed of two systems – a host-based system and a server-based system. The host-based system lives on the network and looks for abnormalities, and the network-based system checks the traffic flow of all the users to detect problems much like an anti-virus protection program, said Ransel Yoho, senior network systems engineer.
The two systems are meant to cooperate with each other to provide a safer atmosphere for all users of computers on campus whether it’s their laptops or a computer in the computer lab. If one fails, then the other system should catch whatever problem arises, Roberts said.
Security is a big concern at Kent State. Roberts said to imagine dozens of thieves prowling around your house every hour of the day to see if you’ve left your doors or windows unlocked. If that fails, they try to find new ways of getting into your house.
“A secure system is a dead system because it is no longer vulnerable to attack,” Yoho said.
He said security is a continual process because there are always hackers trying to steal whatever they can get of value.
“By putting this system in place, we are in a better position to know where the intrusions are,” Yoho said.
Yoho gave the example of the “Slammer” worm – which attacks one computer (those with Microsoft servers) and then joins the worm in attacking other computers. He said the IDS/IPS sees attacks like these and lets them know about it. He also said if the IDS/IPS was turned off, all of Kent State’s computers would be infected with the worm in minutes.
“In the past, intrusions were typically detected after they were over. This wasn’t as big of a concern when servers didn’t house much sensitive data, and hackers were primarily motivated by curiosity,” Roberts said.
“Today, we’re faced with criminals armed with powerful hacking tools, who are constantly trolling for flaws in our systems that might let them make off with social security numbers, credit card numbers or the like.”
Yoho said because this system is being installed it doesn’t mean that students should not worry about their security. He pointed out that this system is only for the computers on campus (or the laptops connecting through Kent State’s wireless Internet access). He said students should still be aware because there are always hackers wanting to get their money or personal information.
“At the end of the day, we’re responsible for promoting a safe learning environment, so protecting student and employee private data is one of the primary goals of the IDS/IPS project,” Roberts said.
Contact information and technology reporter Nate Stuart at [email protected].