At a Glance
 
Central Software
CityVoD - CSC Forum Archive
Software List on CSC Student LAN
Online Tour of the CSC Student Terminal Area
Opening Hours of the CSC
Systems Maintenance Schedule
List of Blocked Network Cards / IP Addresses
List of CSC Representatives
List of Departmental Network Administrators
Staff Computer Courses
 
Newsbits
 
Down Stop Up Top


Service of NCS Opscan 8/50 Optical Mark Reader Ended in December 2009

Please be reminded that the multiple-choice scanning and survey data collection service of the NCS Opscan 8/50 will cease soon. Originally the service was planned to cease by the end of Semester B 2008-09, but it is now extended to December 2009 (i.e. at the end of Semester A, 2009-10) to allow more time for our users to look for other alternatives. For queries on other alternatives, please feel free to contact the CSC Help Desk.

How to Go Green: Double-sided Printing

Double-sided (or 2-sided or duplex) printing should be used whenever possible. Besides the benefits of saving trees, reducing carbon in the atmosphere, and holding a handier set of hardcopies, surprisingly it can save up your print quota. With immediate effect, whenever you use duplex printing to print on a piece of paper through the Quota Controlled Fast Print Queue, your print quota will be deducted by 1.5 instead of 2. This is really a big saver!

To use double-sided printing, when you print:

  1. Choose the printer Quota_FastPQ on CCSTUNG1
  2. Click Preferences and then Finishing on the Printing Preferences window
  3. Select 2-sided Printing and click OK

Using double-sided printing is a small change but can have a big impact. As going green is our common goal, act NOW to show your support!
 
CSC e-Forms
 
Submit CSC Work Req.
Req. for Printing
Req. for Dump / Restore
Teaching Studio Booking / Cancellation
Apply for a Computer Account
Email Alias Application
Apply for a New Domain Name
Remove an Existing Domain Name
Modify the Hosting of an Existing Domain Name
 
Past Articles by Topic
 
E-mail
Admin. Systems
Intranet/Internet
Central Systems
Network
Remote Access
Chinese Computing
PC Support
Security
General
 
Useful Links
 
網上中文網頁繁簡轉換
CityU Email Services
Computing Dictionary
High-Tech Dictionary
Webopedia
Web Glossary
What is?
 
Got any questions, comments or suggestions? Contact the editors at ccnetcom@cityu.edu.hk
 
Issue 39 - March 2004
Firewall in Place to Protect Our Network
By S. K. Tsui

Everyday, when you are working with your PC in your office drawing up important documents, and utilizing resources offered by the campus network, have you ever wondered if your data is 100% safe or whether there is protection of any sort to prevent intrusion from outsiders? In order to untangle some of your concerns, the following article will give you some ideas on what has been done to protect our campus network and what you can do to enhance the security of your own PC.

Perimeter Firewall

As long as your PC stays connected on the Internet, you are never completely secure. A perimeter firewall, which is a security system installed behind the Internet gateway, is therefore necessary to protect our internal network from external threats such as unauthorized access to our network, to enforce the data flow between the campus and the Internet conforming to our security policy.

Currently, the mission of the firewall is to protect our network from:

  1. Denial of service attacks

    Denial of service attacks attempt to make servers or network devices unavailable to users by consuming most of their processing time by flooding them with thousands of requests or sending misbehaved packets to try and make them crash. The firewall protects our network by limiting the number of such requests allowed to get through from the Internet and discard those misbehaved packets from entering our network.

  2. Unauthorized access to certain hosts and unregistered services

    According to individuals' requirements, one's computer may be configured to provide various network services, such as Microsoft file sharing, FTP and SMTP services, for personal or internal use. Unfortunately, some of these services may have been misconfigured or not well protected which made these systems easy targets for the hackers. For example:

    • FTP (File Transfer Protocol) and NetBIOS over TCP/IP (Microsoft file and print sharing)

      FTP server and Microsoft File Sharing service provide convenient ways to upload and download files over the Internet. Unfortunately, if the FTP or the Microsoft file service is misconfigured, such as allowing anonymous logins or open accounts, hackers could easily hack into the server, download valuable data, create back doors and even gain control to the server. If the server allows file uploads, hackers could upload viruses, share pirated files and programs through the server.

    • SMTP (Simple Mail Transport Protocol)

      Depending on the version of the SMTP server being used, hackers can utilize the buffer overrun vulnerability to execute malicious code in order to crash or gain access to the server. Moreover, if a SMTP server has the relay feature turned on, the attackers may utilize this feature to launch a SPAM attack on other SMTP servers.
    Fortunately, our firewall can prohibit these hacking activities by blocking unauthorized access to these unregistered services from the Internet.
  1. Network probes and scans

    The most common types of network probe are ping sweep and port scans. Intruder sends a set of ICMP ECHO packets to a range of IP addresses and collects the response. Once live hosts are identified, the intruder will then perform port scanning looking for services running on these hosts and then issues attacks on any vulnerable ones found. In this respect, the firewall can protect our hosts by identifying these intruders and denying their traffics from entering our network.

Personal Firewall

The perimeter firewall mentioned above aims to protect our entire network from attacks coming from the Internet, but it cannot prohibit attacks from the internal network. Furthermore, the policies set in the perimeter firewall may not be able to provide sufficient protection to a particular host with special requirements. If you need additional protection on a particular host, you may consider installing personal firewall.

A personal firewall is normally a software loaded with the operating system to protect a single computer. You can define more tightened security policies yourself to govern all the data entering and leaving your computer.

Anti-virus Program

Most firewalls can do little to protect your PC against computer viruses. More than 95% of computer viruses are spread through opening e-mail attachments, downloading software, visiting malicious URLs, and exploiting security holes in the operating system.

To prevent your computer from being infected by computer viruses, you must install an anti-virus program, and be sure to keep your anti-virus software up-to-date. Also, the latest security patches and updates of your operating system should be applied frequently so that security holes can be eliminated.

Finally, even though you have firewall, anti-virus program to safeguard your computer, you still need to backup your data periodically to prevent data loss due to unpredictable events such as hardware failure and human mistakes.

Also in this issue...
How Can We Stop E-mail Viruses?
Network Management System: What's It All About?
Enhancement of PC Security Through Microsoft's Software Update Service
Network Connection Management System to Replace NAMS
Abuse Curbed by Print Quota System
Tech Terms: Do You Know What They Mean?

 

 
Current & Back Issues
 
Search Articles
 
FAQs
 
Microsoft Windows Vista
Microsoft Office 2007
中文支援常見問題
Anti-spyware
Internet Explorer 7
General Email Services
Wireless LAN
CityU-Net for Alumni
Virtual Private Network (VPN)
Cascading Style Sheets (CSS)
 
Tips & Tricks
 
Titles, META Tags, LINK tags, and Search Engine Robots
How do I ... use the Windows XP Installer Clean Up Utility to remove apps?
Create a watermark using a Clip Art Gallery image
Create hybrid graphical/CSS buttons
Three timesaving Ctrl-key tricks in Excel
PowerPoint won't save your presentation to CD: Now what?
Validators vs. Linters: What's The Difference?
 
Technical Guides
 
Guideline to Back Up your Computer and Important Files
VPN Connection Setup Guide for Windows XP
VPN Connection Setup Guide for Windows 2000
Network Connection Management System - User Guide
Student Residence Network Connection Guide
CityLink Plus User Guide
Webmail User 2.0 Guide
 
Freebies
 
FCleaner - an all-in-one Windows cleaning and optimization tool
TweakNow PowerPack - a fully-integrated suite of utilities that let you fine-tune every aspect of your computer's OS and Web browser
virtualStudio - a stand-alone photo editor that is able to run most Photoshop plug-in filters
PDF Split and Merge - a free open source tool to split and merge pdf documents
SpaceSniffer - a portable tool application that lets you understand how folders and files are structured on your disks
 
Home
 
CityU e-Portal
CityU Home
Personal Web
CSC Home
 

Copyright© Computing Services Centre, City University of Hong Kong. Best viewed in 1024x768 with IE. Javascript enabled. Last modified on Thursday, 20-Aug-09 16:51:00 .