Security administration status

Current Task list as of 12/15/97

• Create C&C security web page

• Draft Internal C&C policy for user managed workstation

• Security audit of all sensitive C&C systems

• Migrate staff usage of rsh/rcp to ssh/scp

• Scan all setuid source code for buffer overrun vulnerabilities

Completed Tasks

• Installation of tcp wrappers on all AST hosts, including publicly accessible machines and restricted servers.

• Installation and deployment of secure shell (ssh) on all AST hosts

• Rapid deployment of security patches on all AST hosts. Uniform access computers are the most vulnerable to attacks and these are given priority in receiving latest security patches.