Skip to site navigation

UCL Computer Security Newsletter - March 2008

The purpose of this newsletter is to keep all security reps and other
interested parties informed about what is happening around UCL
regarding computer security. Further information from the Computer
Security Team is always available at http://www.ucl.ac.uk/cert.

1. New Intrusion Detection Server

The recent deployment of a Snort IDS server means that CST are now more
able to detect malicious traffic entering and leaving the UCL network.
This can help in identifying infected or compromised machines on our
network as well as attacks that come from outside. Early results show a
large number of machines apparently infected with spyware programs, and
a few possible trojan infections. Reps may receive emails from CST in
the future relating to these.

2. Recent phishing attacks

Unfortunately, a handful of users replied to the recent phishing emails
with their UCL passwords and their accounts were subsequently used to
send spam. The spam has now been stopped and several defensive actions
taken.

3. New page on CST website

A new "Current Alerts" page has been added at
http://www.ucl.ac.uk/cert/alerts.html
This is to provide information on any current threats that may affect
UCL as a whole, e.g. the recent phishing attacks.

4. Virtual firewalling for departments

In the near future, the IS Network Group will be in the position to
offer virtual firewalls to individual departments. A virtual firewall
can provide a department with an additional level of protection, by
restricting connections from other parts of the UCL network. If you
think your department may be interested in this, please contact CST.

5. General

Please note all correspondence from the UCL Computer Security Team is
digitally signed either with personal PGP keys or the CERT team key
(public keys available from http://www.ucl.ac.uk/cert/contacts.html).

This newsletter and previous ones are available at
http://www.ucl.ac.uk/cert/cst-newsletters/index.html.

We welcome feedback on the content and organisation of documents on
our web page.