Skip to main content
To KTH's start page To KTH's start page

KTH IRT scans the computer networks for misconduct

Background

KTH IRT, KTH's Incident Response Team, continuously scans the KTH computer networks in search of irregularities and security problems. KTH iTA are working with KTH IRT to follow up and put a stop to the irregularities found.

In some cases KTH IRT blocks the involved IP addresses centrally at KTH.

Peer-to-peer servers (file sharing programs)

It is not allowed to make copyrighted material like movies and music available on the internet via KTH's computer network.

KTH IRT continuously scans the network for peer-to-peer servers, and then transmits information to the various systems groups. These seek out the responsible users and if any copyrighted material is distributed the servers are shut down.

Open X11 Servers

X Windows System consists of X servers and X clients that communicate via the X protocol. The X server provides graphics, window, keyboard and mouse to their X clients (ie, the X application running).

If a user gives the command xhost + or equivalent, or if a program makes the corresponding operation, then anyone can connect an X client to your X server. This X client can then listen to everything you do on your computer, such as all keystrokes.

This is a security issue and we are therefore actively seeking for open X servers and automatically alerts the user of CSC Solaris and Linux system with an automatic e-mail.

Some security holes

Every now and then security holes pop up in operating systems and servers on different computer platforms that are represented at KTH. One of the most important jobs of the ITA is to constantly update the systems they provide with security updates.

If you manage your own computer, you are personally responsible for keeping your system updated.

For some major security holes as KTH IRT scans computer networks to ensure that no machines are left vulnerable. They then leave the details to the various systems groups that may seek out the affected systems and their users, inform, and ensure that security holes are closed.

For the computers that CSC provides employees the systems group normally provides licenses for the operating system.

For personal computers, eg for students, the common alternatives are free OSes, MSDN or privately funded licenses.

Worms, viruses, ...

A constant source of trouble is all the worms and computer viruses that abound on computer networks today. The computer support groups at KTH are constantly updating virus protection on the systems they provide.

If you manage your own computer, you are personally responsible for keeping your virus protection updated.

KTH IRT scans our computer networks for known worms, viruses, and more. They then get help from the various computer support groups to seek out the affected systems and the users responsible for them informing them that they are affected by worms and viruses and ensure that their systems are cleaned of viruses and worms and that anti-virus protection updated.

For the computers that CSC provides employees the systems group normally provides licenses for operating systems and antivirus software.

For personal computers, eg for students, the common alternatives are KTH ProgDist, free software or privately funded licenses.