Q: What is a compromised host?
A: A compromised host is a computer that is no longer under full control of its owner or administrator. There are a variety of reasons why a system might become compromised.
Please refer to the chart below for common avenues of compromise along with tips for protecting your computer.
|Viruses, Worms, Trojans
||Sophos Anti-Virus, Windows Firewall, Windows Update
||Security flaws in your OS and software are periodically discovered and published
||Windows Updates, Vendor Updates
||Misconfigured systems and services exposed to the Internet
||MBSA, Best Practices, Windows Firewall
|Insecure Network Protocol
||Plain text protocols like telnet, ftp, http, rlogin expose end user credentials
||Use ssh, sftp, scp, https instead
||Easily guessable passwords based on dictionary words, names and patterns.
||Practice strong password creation policy.
||End-users provide credentials to unscrupulous parties via Phishing schemes and social engineering.
||Drexel University will never ask you for your username and password. Never give your personal or account information to anyone.
IRT *strongly* recommends that every compromised host be reformatted and reinstalled. Please contact your local Systems Administrator or the IRT Help Desk for assistance. Please note that users re-installing a personal computer will need the original OEM installation media which was shipped with their computer.
Q: What is a compromised account?
A: A compromised account is one that is no longer under exclusive control of its assigned user. Accounts become compromised when an unauthorized party gains access to the account holder's username and password.
Please change your password and email IRT Computer Accounts immediately if you suspect your Drexel University account has been compromised.
Q: Who should I contact if I find my computer has been stolen?
A: Stolen computing equipment can jeopardize the confidentiality of University data. Computer thefts should be reported to the Drexel Department of Public Safety 215-895-2822. Public Safety will serve as your liaison with the Philadelphia Police Department.
IRT asks that the theft also be reported to the Security Group by emailing firstname.lastname@example.org or by calling 8-1666 from an on campus telephone.
Q: I received an unsolicited communication from Drexel requesting my username and password? What should I do?
A: Reputable institutions, including Drexel University and IRT, will NEVER request personal information such as passwords, user IDs, and account numbers. DO NOT send such personal information via unsolicited email to anyone. Contact IRT immediately if you have divulged your userid and password to anyone.
Q: What is a MAC Address?
A: A MAC (Media Access Control) Address is a unique 12 digit alphanumeric identifier assigned to every computer networking device. MAC Addresses take the following format 00:00:00:00:00:00
Q: How does IRT utilize MAC address information?
A: IRT utilizes MAC address information when resolving network connectivity issues, provisioning ResNet and Dragofly wireless network access, and revoking network access in response to abuse and DMCA Copyright Violations
Q: How do I locate my MAC address?
A1: MS Windows: Start -> Run -> CMD -> OK -> ipconfig /all -> Physical Address
A2: OSX Leopard: Apple -> Location -> Network Preferences -> Show Built-in Ethernet (or Airport) -> Ethernet -> Ethernet ID
A3: Linux shell: /sbin/ifconfig -> Eth0 -> HWaddr
Q: Can I use my personal wired or wireless router on the Drexel Network?
A: No. You may not extend the Drexel University computer network without the express written permission of IRT. Please refer to the Drexel's Acceptable Use Policy. Users disregarding the AUP will find their Drexel Network access revoked.
Q: What steps should I take before transferring or disposing of Drexel computer hardware?
A: The IRT Security Group strongly recommends that computer hard drives be securely wiped with Darik's Boot and Nuke (DBAN) before being disposed of or transferred to another department or individual. DBAN is a bootable CD-ROM ISO image which will securely delete all information stored on a hard drive. Please email email@example.com if you need assistance using DBAN.
Q: Can IRT help me secure my departmental computing assets?
A: Yes! We are available to help you secure your server infrastructure. Please email firstname.lastname@example.org