System, Network, & Application Security

Tips for securing systems, networks, and applications.

Securing Remote Desktop (RDP) for System Administrators

How secure is Windows Remote Desktop?

Remote Desktop sessions operate over an encrypted channel, preventing anyone from viewing your session by listening on the network. However, there is a vulnerability in the method used to encrypt sessions in earlier versions of RDP. This vulnerability can allow unauthorized access to your session using a man-in-the-middle attack.

Remote Desktop can be secured using SSL/TLS in Windows Vista, Windows 7,...

SSH Key Management

An SSH key with a passphrase provides additional security and can act as an additional authentication factor. Adding a passphrase to your SSH keys is recommended to comply with the Remote Access Services Requirement of the Minimum Security Standard for Networked Devices (MSSND).

See instructions for setting up SSH key authentication for Windows, Mac, and Linux below. ...

Shared Firewall Rules Overview

The Shared Firewall Service offers a common set of rules and profiles to provide basic firewall coverage for user networks, including workstations and printers. The rules, maintained by the Information Security Office (ISO), allow access typically needed for client systems using the network for academic and administrative purposes. Most outbound communication to the campus and the larger internet is allowed, with the exception of threats such as malware downloads and known phishing sites, which are blocked. Inbound network connections are restricted to scans from ISO managed...

Database Hardening Best Practices

This checklist was developed by IST system administrators to provide guidance for securing databases storing sensitive or protected data. Implementing these security controls will help to prevent data loss, leakage, or unauthorized access to your databases.

Physical Database Server Security

The physical machine hosting a database is housed in a secured, locked and monitored environment to prevent unauthorized entry, access or theft. Application and web servers are not hosted on the same machine as the database server...

How to Protect Against SQL Injection Attacks

What is SQL Injection?

SQL injection is one of the most common web attack mechanisms utilized by attackers to steal sensitive data from organizations. While SQL Injection can affect any data-driven application that uses a SQL database, it is most often used to attack web sites.

SQL Injection is a code injection technique that hackers can use to insert malicious SQL statements into input fields for execution by the underlying SQL database. This technique is made possible because of improper coding of vulnerable web applications.

These flaws arise because...

Center for Internet Security

About The Center for Internet Security

The Center for Internet Security (CIS) is a community of organizations and individuals seeking actionable security resources. As a member of this community, the UC Berkeley campus has access to Consensus Security Configuration Benchmarks, Scoring Tools, Consensus Security Metric definitions, and discussion forums where we can collaborate on security best practices.

Using CIS Tools and Resources for System Hardening

To get started using tools and resources from CIS, follow these steps...

Java Security Best Practices

Why is Java such a high security risk for the campus?

Since late 2011, a multitude of critical vulnerabilities has been discovered in Oracle's Java platform.

In many cases, running the latest available versions of Java offers no protection for users. To date, at least eight zero-day attacks have targeted the Java platform, affecting millions of systems. Most exploits require little or no user interaction. Users' systems are compromised...

Securing Network Traffic With SSH Tunnels

Introduction to SSH Tunnels

Secure Shell, or SSH, is used to create a secure channel between a local and remote computer. While SSH is commonly used for secure terminal access and file transfers, it can also be used to create a secure tunnel between computers for forwarding other network connections that are not normally encrypted. SSH tunnels are also useful for allowing outside access to internal network resources.

To create an SSH tunnel, you need:

Target server offering network services (http, vnc...