RE: AMMRL: Network security practices

From: Wood, De <De.Wood_at_ARS.USDA.GOV>
Date: Thu, 7 Jul 2011 12:21:26 -0600

Hi Alex and all,

I'm not really an NMR specialist but ended up in charge of an 18 yr old
400 MHz Bruker system when our NMR expert retired three years ago.

Our NMR runs on a UNIX-based Silicon Graphics (SGI) system and is not
networked and even if it were, there's no good way to access the data
since no one here has expertise in Unix networking. I have a Windows
machine next to the SGI computer and I transfer data using a zip disk
onto the Windows machine which is networked. I have Topspin 2 on the
Windows machine so I can process the data on that machine and transfer
data 'til the cows come home.

Anyway, I am also in charge of a scanning electron microscope (SEM) - my
"real" area of expertise - which only runs on Windows NT. Windows quit
supporting NT a long time ago so we had to take the SEM off the network.
What we ended up doing is hooking the NT machine directly to a secondary
Windows XP computer which goes out to the network. We created a shared
data drive on the SEM NT computer and only access the SEM data from the
XP machine. We then copy or move the data onto the XP machine or an
external storage drive that anyone can access in the building with a
password. We don't even have a USB port or any type of physical,
removable storage on the SEM NT computer; we completely access the data
from the XP machine as if it's a separate folder.

Neither is a simple solution, but both are really workable.

Hope that makes sense and helps!

De

Delilah F. Wood
Botanist
USDA ARS WRRC
800 Buchanan Street
Albany, CA 94710
Tel: 510-559-5653
Email: de.wood_at_ars.usda.gov

-----Original Message-----
From: ealexwaters_at_gmail.com [mailto:ealexwaters_at_gmail.com] On Behalf Of
Alex Waters
Sent: Wednesday, July 06, 2011 1:02 PM
To: ammrl_at_ammrl.org
Subject: AMMRL: Network security practices

AMMRL,

I work in a small animal imaging facility with two Bruker MRI systems
that are operated by workstations running Red Hat Enterprise Linux 4.
The MRIs do not have an option of running Windows workstations.
Because ParaVision (which runs on top of TopSpin) is very fragile,
Bruker will not permit us to install any system updates. Naturally,
one of our workstations was hacked and used to send out spam. The IT
department was unimpressed and shut off our ethernet port. After a
lot of time fixing the network settings, the scanner is operational
again, but completely offline. Our second workstation is similarly
vulnerable. I got a few suggestions from our NMR colleagues, but
would appreciate your input as well.

Questions:
1) What strategies do you use to prevent this sort of thing from
happening, but still enable users to access data?
Keep workstations on the network and lock down as many ports as
possible? Does anybody know which ports/services must remain open
(such as flexlm and the CORBA naming service) and which can be closed?
Hide them behind a router/gateway computer? How does your IT
department feel about that? (Routers are banned here, but we could
maybe argue for a special exemption).

2) What steps do we need to take to fix the compromised workstation so
we can get our port back? IT said (in so many words) that they'd
prefer we just incinerate it. Are we going to have to wipe the disk
and reinstall everything?... : (

While I do not fear Linux and know how to use Google, I have no
sysadmin/networking background and no IT support, so detail is muchly
appreciated. Security has been discussed in the past on this forum,
but not in the last several years, so I am hoping for an updated
conversation.

Thank you very much!
Alex Waters
Received on Thu Jul 07 2011 - 08:21:30 MST
