AMMRL: Network security practices

From: Alex Waters <EAlexWaters_at_northwestern.edu>
Date: Wed, 6 Jul 2011 15:01:52 -0500

AMMRL,

I work in a small animal imaging facility with two Bruker MRI systems
that are operated by workstations running Red Hat Enterprise Linux 4.
The MRIs do not have an option of running Windows workstations.
Because ParaVision (which runs on top of TopSpin) is very fragile,
Bruker will not permit us to install any system updates. Naturally,
one of our workstations was hacked and used to send out spam. The IT
department was unimpressed and shut off our ethernet port. After a
lot of time fixing the network settings, the scanner is operational
again, but completely offline. Our second workstation is similarly
vulnerable. I got a few suggestions from our NMR colleagues, but
would appreciate your input as well.

Questions:
1) What strategies do you use to prevent this sort of thing from
happening, but still enable users to access data?
Keep workstations on the network and lock down as many ports as
possible? Does anybody know which ports/services must remain open
(such as flexlm and the CORBA naming service) and which can be closed?
Hide them behind a router/gateway computer? How does your IT
department feel about that? (Routers are banned here, but we could
maybe argue for a special exemption.)

2) What steps do we need to take to fix the compromised workstation so
we can get our port back? IT said (in so many words) that they'd
prefer we just incinerate it. Are we going to have to wipe the disk
and reinstall everything?... : (

While I do not fear Linux and know how to use Google, I have no
sysadmin/networking background and no IT support, so detail is muchly
appreciated. Security has been discussed in the past on this forum,
but not in the last several years, so I am hoping for an updated
conversation.

Thank you very much!
Alex Waters
Received on Wed Jul 06 2011 - 10:01:54 MST
