April, 2004
Lab to Reduce Number of Email Servers
LBNL needs to dramatically reduce the number of email servers operating at the Lab in order to reduce the security risks associated with these machines. Currently, there are more than 290 email servers, and many of these are inactive -- only 25 of the servers receive more than 5,000 messages/month.

Remote Access to Berkeley Lab Information Systems (BLIS)
IMAGE: BLIS Portal mark
The Berkeley Laboratory Information Systems (BLIS) Enterprise Portal is now available via remote access. BLIS, a multi-year project, is aimed at providing LBNL users with a “personalized information cockpit” from which they can navigate and gain access to the management information they need with a few keystrokes.

Leaving the Lab: Termination Notification System (TNS) Issues

As employees leave the lab, a system referred to as the Termination Notification System (TNS) initiates a sequence of events that alert the supervisor, and a division-specific mail list, about actions that will be initiated on behalf of cyber security.

Wireless: Rogue Access Points at the Lab
What is a rogue Access Point (AP)? It is a wireless AP that has not been authorized and installed by the LBLnet Services Group and is attached to LBLnet. Operating a rogue AP violates Laboratory policy and creates a serious cyber security risk.

The LBLnet Services Group is now conducting surveys to detect rogue APs, and they will be removed as soon as they are discovered; hardware will be returned to the nearest division office.

Employees who need wireless access should contact the LBLnet Services Group at x4559. For more information, call Linda Smith at x4440.

Publication Alert Service
Have you ever wondered what scientific reports are being completed within a subject discipline? Now there is a way for you to select one or more subject disciplines and be notified each month about any reports that fall within those areas. TEID does not charge for this service, and you can sign up for notification here.

Tip of the Month: Schedule Backups for Systems and Data
In the event of a system malfunction or security-related incident, nothing is more valuable than having your system and data files backed up so you can get up and running again quickly. In most cases, it’s a good idea to backup your system on a weekly basis.

If you’re unsure of how to backup your system, or don’t have the time, ITSD offers a low-cost Lab-wide backup service here.
 Protecting Your Computer
Beware the Email Attachment
More than 100 machines at the Lab were infected in one day this month by a new Windows-targeted virus called “Netsky.Y.”

PLEASE NOTE: If you receive a suspicious message with an attachment, above all do not open the attachment – just delete the email immediately. Since many of these viruses will forge “to” and “from” addresses, don't open an attachment just because you recognize the sender. It is only safe to open an attachment when you are expecting it from a specific user.

Computer Protection Brown Bag Event to Feature Documentary
The Computer Protection Brown Bag Event this month will be a showing of the Frontline television documentary "Cyberwar" at noon Thursday, April 29 in Bldg. 70A, Room 3377. Bring your lunch and your questions.

UNIX Security Course - Change in Location
The location of the UNIX Security course (the first in a two-part series) scheduled for Wednesday, May 12 (9 a.m. - 4 p.m.) has been changed. It will now be held in Bldg. 50F Room 1647. Go here for a course description and here to sign up for this free course.

LBNL Cyber Security Legal Issues Site
Many cybersecurity issues have legal ramifications. Find out what they are and how they apply to cyber security at LBNL by visiting the new LBNL cyber security legal issues site. Go here and click on "Legal issues" in the left column.

Windows Security Patches
Security problems on Windows platforms are an unfortunate reality, so it is especially important to keep your system patched if you run Windows. One way to do this on Windows NT, 2000 and XP systems is to download and install a cumulative patch, called a "mega patch." The right patch for your system is available at the ITSD software download site below. After installing any of these patches, remember to reboot you system to activate them.

IMAGE: computer virus
Monthly Virus Update
The wave of recent infections from Netsky variant worms should send a powerful message to users, especially those on Windows machines. Ensure that your computer's anti-virus software is updated daily and avoid opening attachments that you are not expecting, even if they appear to be from someone you know. A Netsky removal tool, FixNetsky.exe, is available at http://www.lbl.gov/ITSD/Security, but this tool cannot undo some of the many changes that Netsky makes to systems it infects. Consequently, if your system becomes infected, you or your system administrator need to carefully find and reverse all the changes Netsky has made.