Fermilab Computing Sector
Search

sidemenu
Security Home Page
Open an IR Ticket
IR Rotation
ALERTS
Policy Guidelines
Technical Info
Support and Services
Certificates
Meetings and Events
Contacts
GPG/PGP Keys
Restricted Access

Computing Checklist for Connecting to a Fermilab Operated Network or Resource

The checklist below is to serve as a guide as what is expected of a user and their computers before connecting to any Fermilab operated network.

 

Have you read the Fermilab Policy on Computing?
       Fermilab Policy on Computing

Are you familiar with the Fermilab Privacy Notice?
        http://www.fnal.gov/pub/disclaim.html

OS patched with all the latest patches
        - Windows Update
        - RedHat Network
        - Apple Security Downloads
        - Linux YUM

Unneeded services disabled (Web Server/FTP/SSH/Telnet/SQL/others)
        - netstat -an
        - Windows Services
        - /etc/inetd.conf
        - /etc/xinetd.d/
        - /etc/init.d/

 Are all of your ac counts protected by distinct strong secure passwords that are not written down or shared with others?
        http://computing.fnal.gov/docs/strongauth/princ_pw.html#45589

Required inbound service s only accept Kerberos authentication
       

Login banner displayed either electronically or via a sticker on the component
        System Logon Banners

Do you know exactly who is responsible for system administration of the machine on your desktop, an d in particular for installing new security patches and maintaining a secure configuration? (This could be yourself.)
       
Has that local system administrator (perhaps yourself) registered your machine and his/her identity in the lab's computing equipment database (so that he/she can b e quickly notified of urgent computer security issues concerning your machine)?
        http://appora.fnal.gov/pls/default/node_registration.html

When your desktop machin e is left on in an unsecured area (such as an unlocked office) is it protecte d with a password-based screen saver (and physically secured as well)?

Do you know how to repo rt a suspected computer security incident?
        http://security.fnal.gov/reporting.html

Virus protection softwar e running with up to date virus signatures (Windows PC's)

Do you exercise extreme care in dealing with email, in particular almost never opening attachments un less you are absolutely certain of their origin?
        http://security.fnal.gov/UserGuide/mail_att.htm

Do you exercise extreme care in browsing the web, in particular using safer and patched browsers , turning off ActiveX, and being cautious in clicking on new links?
 

For assistance contact helpdesk@fnal.gov.
Information compiled and maintained by Computer Security Team ; last modified by TR on July 13, 2006.
(Address comments about page to the Computer Security Team.)