Frequently Asked Questions - ISO Security Notices

ISO Security Notices answers

Why did I get a Compromised Host / Possibly Compromised System notice and what should I do?

Did you receive an email from security@berkeley.edu with Compromised Host / Possibly Compromised System in the Subject line?

Please see our Respond to a Security Notice page for detailed information and instructions on how to respond.

Why did I get a Vulnerability Detected notice and what should I do?

Did you receive an email from security@berkeley.edu with Vulnerability Detected in the Subject line?

Please see our Respond to a Security Notice page for detailed information and instructions on how to respond.

Why did I get a Credential Exposure notice and what should I do?

Did you receive an email from security@berkeley.edu with Credential Exposure in the Subject line?

Please see our Respond to a Security Notice page for detailed information and instructions on how to respond.

How to Respond to Campus Blocking RDP Open to Internet Ticket

Background

Running Remote Desktop Protocol (RDP) open to the Internet has become a significant threat to campus, and RDP access must be secured according to the “How can I secure my remote connection” section below. The Information Security Office will notify users through our ticketing system upon detection of RDP open to the Internet.

Who is affected:

  • People using personally managed or personally owned computers who have no restrictions on remote access to the campus computer they are connecting to.

Who is not affected:

  • People using a university-managed Windows machine (see “How to tell if you have a managed machine”).

  • People using restricted access/secure connection protocols for connecting to virtual computers in the data center.

  • Sys Admins who have already configured MFA, Firewall restrictions, or other access security should not receive alerts.

How can I secure my remote connection:

Users running RDP open to the Internet will be notified through our ticketing system and will be given a window of time to do one of the following:

Additional Resources:

Campus VPN IP ranges:

How to secure RDP for Admin:

How to configure Microsoft Remote Desktop Connection for Mac:

If you have questions on this process change, please contact: iso@berkeley.edu

If you need assistance with the Gateway Services, contact: win-ticket@berkeley.edu

Search for Sources

Congratulations on searching for "sources" in the search box. This is the best way to find content on our site.

aHR0cHM6Ly9mb3Jtcy5nbGUvVWtCNjVKOEFxSGFXcGZpdzc=

                                                       - All your base are belong to us

I received a Security Notice saying my operating system is unsupported. How do I know if my operating system is supported?


Security best practices, as well as campus Minimum Security Standards for Network Devices (MSSND), require the use of supported software for which the vendor will make security updates available in a timely fashion. As vendors are unable to support all previous versions of software, older programs are dropped from support and must be upgraded or removed from the network. It is especially important to be aware of your operating system “end of life”, as major upgrades often require time and planning.

Windows

Microsoft publishes current lifecycle information for Windows operating systems. If your version of Windows is past the date for extended support, or not listed, your operating system is not supported and you must retire the system or upgrade to a supported version of Windows. When planning for department equipment purchases and upgrades, be aware of any upcoming “end of life” dates for your version of Windows.

Mac OS X

While Apple does not officially acknowledge the end of support for Mac OS X operating systems, past experience shows that security updates addressing critical vulnerabilities are only released for the current and one previous version of Mac OS X. When Apple releases security updates for Mac OS X, operating systems with vulnerabilities that are not patched by Apple will be considered unsupported.

Mac OS X users should plan on upgrading their operating systems regularly as Apple releases new versions. We recommend updating to either the latest version, or one previous version, no more than 90 days after a new version is released.

A list of current security updates can be found on the Apple Support site: https://support.apple.com/en-us/HT20122

Other Operating Systems

Check with your vendor to confirm whether or not your version is still under support and receiving security updates for known vulnerabilities. Operating system vendors often publish lifecycle information to assist customers with upgrade planning:

MSSND Exception Requests

If your operating system is not currently supported, and you cannot immediately upgrade to a supported release, you must request a policy exception to keep the machine connected to the campus network. Your request should include details such as:

  • Why you cannot upgrade your current unsupported operating system
  • Timeframe for upgrading or retiring the system
  • Full inventory of software running on the system
  • Expected use of the system including all network use
  • Firewall rules and other security controls mitigating the risk