IS Works to Address Security of MITnetBy Bryson Kido
Information Systems has made software available that will help users of MITnet keep their data and passwords secure, said Joanne Costello, manager of network support services for Distributed Computing and Network Services. The telnet program used to access Athena accounts has been updated to allow users to "safely telnet to Athena without their passwords traveling over the network," she said.
IS has also been working to install printers in the undergraduate dormitories as part of a continuing effort to improve residential access to computing, Costello said.
Undergraduate dormitories and living groups were connected to the MIT network as part of the Resnet project last January. IS more recently added four graduate dormitories to the network. MITnet allows users to access their Athena accounts and the Internet from computers in their offices or residences.
A Tech article last spring ["Loopholes Loom Large in MITnet," April 22] raised questions about the security of data sent over the network. Malicious users could use packet sniffing programs to intercept any data sent to or from a computer over the network, said former DCNS Consultant Michael L. Barrow '93 in an interview last spring.
"Without any added protection your user name, password, and data travel in clear text over the network," Costello said.
The new telnet program encrypts a user's password when it is initially sent over the network, Costello said. Only a system with the correct decryption key can access that data, she said.
A secure telnet program, known as kerberized telnet, is available for Macintosh personal computers and the Athena workstations, Costello said. A version of the program for IBM PC and compatible computers will be available once MIT resolves licensing issues, she said.
Security on MITnet will be further safeguarded with an additional data encryption service, Costello said. Over the summer, MIT issued a new, free version of the popular encryption program PGP (for "pretty good privacy"), she said.
"PGP is a high-security cryptographic software application which allows people to exchange files or messages with both privacy and authentication," Costello said.
The system currently requires a user to separately encrypt and send a file, Costello said. To remedy this, "MIT hopes to make available packages which will provide a seamless integration of PGP with mail systems used on campus," she said.
Grad dorms, printers added
Earlier this month, IS extended MITnet to include the graduate residences Ashdown House, Edgerton House, Green Hall, and Tang Hall, Costello said. Two more graduate dormitories, Eastgate and Westage,"are scheduled to come on-line next year when their phone system is updated," she said.
Increasing the availability of MITnet is important as the public Athena clusters become more crowded, Costello said. "Even early in the year we can safely say that the number [of students connected to MITnet] exceeds the number of public workstations," she said.
IS has purchased Hewlett Packard Laserjet 4si printers for the undergraduate dormitories, Costello said. "Printers will be installed as soon as the dorms are ready," she said. Dormitories will be responsible for supplying paper, toner kits, and a secure location for the printer, she said.
Burton-Conner House has already installed its printer while Baker House has turned in its request, Costello said.
"Students in our dorm seem very excited about having a printer," said Brandon W. Porter '97, a residential computing consultant for Burton. In the next few weeks, students with Macintosh and Microsoft Windows-based computers will have access to the printer, Porter said.
IS has hired six new residential computing consultants to replace those who left after last year, Costello said. The consultants help with connecting students to MITnet, providing them with necessary cables and software, and trouble-shooting problems with connections or applications, Costello said. Currently, a total of 19 consultants serve the 10 undergraduate and four graduate dormitories connected to MITnet, she said.