From michael.bell at stanford.edu Thu Dec 2 09:31:12 2004 From: michael.bell at stanford.edu (Michael Bell) Date: Thu, 2 Dec 2004 09:31:12 -0800 Subject: FW: SECURITY NOTICE: insecure passwords on your machine Message-ID: Mary and Dick, I wasn't sure who was responsible for setting the passwords on these two pieces of equipment, but it appears as though these are general passwords that are well known and used by a number of people. It would probably make sense to change both the user "USER" and the password before redistributing the information. There is a link below that talks about making good passwords. Regards, Mike -----Original Message----- From: Information Security [mailto:security at stanford.edu] Sent: Wednesday, December 01, 2004 6:39 PM To: michael.bell at stanford.edu Subject: SECURITY NOTICE: insecure passwords on your machine Dear michael.bell at stanford.edu, The Stanford campus has been experiencing a series of attacks by viruses that take advantage of computer accounts with weak passwords. Below is a list of Windows computers that have been found to have one or more accounts with blank or easily guessed passwords. You are listed as an administrative contact for these machines (or at least the most recent person to have been associated with them). IP Address Machine Name Vulnerable Accounts ============== =========================== ================================== 171.64.100.35 snf-sem.Stanford.EDU User 'USER' has password 'snf' 171.64.101.112 snf-microscope.Stanford.EDU User 'USER' has password 'stanford' To protect your computers and those around you, it is very important that you set good passwords for *all* the accounts on these machines (the list provided is not guaranteed to be complete). For more information on setting good quality passwords, see: http://security.stanford.edu/passwords Setting a good password before a break-in takes only a few seconds. Rebuilding a system after a break-in can take hours, and your lost data may not be recoverable at all. A small preventive effort will significantly lower the possiblity that your machine will be compromised and will greatly improve the security of the entire Stanford network. Thank you for helping to secure Stanford's computing environment. Sincerely, David Hoffman Information Security From rcrane at snf.stanford.edu Thu Dec 2 14:00:18 2004 From: rcrane at snf.stanford.edu (Dick Crane) Date: Thu, 02 Dec 2004 14:00:18 -0800 Subject: FW: SECURITY NOTICE: insecure passwords on your machine References: Message-ID: <41AF9072.D14EACB5@snf.stanford.edu> Mike, I'll have them changed tomorrow. Dick Michael Bell wrote: > Mary and Dick, > > I wasn't sure who was responsible for setting the passwords on these two > pieces of equipment, but it appears as though these are general passwords > that are well known and used by a number of people. It would probably make > sense to change both the user "USER" and the password before redistributing > the information. There is a link below that talks about making good > passwords. > > Regards, > > Mike > > -----Original Message----- > From: Information Security [mailto:security at stanford.edu] > Sent: Wednesday, December 01, 2004 6:39 PM > To: michael.bell at stanford.edu > Subject: SECURITY NOTICE: insecure passwords on your machine > > Dear michael.bell at stanford.edu, > > The Stanford campus has been experiencing a series of attacks by viruses > that take advantage of computer accounts with weak passwords. Below is > a list of Windows computers that have been found to have one or more > accounts with blank or easily guessed passwords. You are listed as an > administrative contact for these machines (or at least the most recent > person to have been associated with them). > > IP Address Machine Name Vulnerable Accounts > ============== =========================== > ================================== > 171.64.100.35 snf-sem.Stanford.EDU User 'USER' has password 'snf' > 171.64.101.112 snf-microscope.Stanford.EDU User 'USER' has password > 'stanford' > > To protect your computers and those around you, it is very important > that you set good passwords for *all* the accounts on these machines (the > list provided is not guaranteed to be complete). For more information on > setting good quality passwords, see: > > http://security.stanford.edu/passwords > > Setting a good password before a break-in takes only a few seconds. > Rebuilding a system after a break-in can take hours, and your lost > data may not be recoverable at all. A small preventive effort will > significantly lower the possiblity that your machine will be compromised > and will greatly improve the security of the entire Stanford network. > > Thank you for helping to secure Stanford's computing environment. > > Sincerely, > David Hoffman > Information Security From mtang at snf.stanford.edu Mon Dec 6 06:59:33 2004 From: mtang at snf.stanford.edu (Mary Tang) Date: Mon, 06 Dec 2004 06:59:33 -0800 Subject: FW: SECURITY NOTICE: insecure passwords on your machine In-Reply-To: <41AF9072.D14EACB5@snf.stanford.edu> References: <41AF9072.D14EACB5@snf.stanford.edu> Message-ID: <41B473D5.6070808@snf.stanford.edu> Hi all -- Although I know little about these machines, it seems to me that they have "bad" passwords because they are general-use machines -- they were set up so that anyone who takes a picture on the SEM or the microscope can upload their data on the network. However, the network security concerns are serious. We have this problem (or may have) on other systems in the lab as well. It seems to me that we have a couple of ways to approach this: 1. Choose better account names and passwords and post these at the station. This is presuming that the security problem is from "outside" rather than "inside" the lab. 2. Take the systems off the network. We should then upgrade these systems to accomodate USB keys or other the media of choice. (This is what we did for the CAD PC's.) Any other suggestions? Mary Dick Crane wrote: >Mike, > >I'll have them changed tomorrow. > >Dick > >Michael Bell wrote: > > > >>Mary and Dick, >> >>I wasn't sure who was responsible for setting the passwords on these two >>pieces of equipment, but it appears as though these are general passwords >>that are well known and used by a number of people. It would probably make >>sense to change both the user "USER" and the password before redistributing >>the information. There is a link below that talks about making good >>passwords. >> >>Regards, >> >>Mike >> >>-----Original Message----- >>From: Information Security [mailto:security at stanford.edu] >>Sent: Wednesday, December 01, 2004 6:39 PM >>To: michael.bell at stanford.edu >>Subject: SECURITY NOTICE: insecure passwords on your machine >> >>Dear michael.bell at stanford.edu, >> >>The Stanford campus has been experiencing a series of attacks by viruses >>that take advantage of computer accounts with weak passwords. Below is >>a list of Windows computers that have been found to have one or more >>accounts with blank or easily guessed passwords. You are listed as an >>administrative contact for these machines (or at least the most recent >>person to have been associated with them). >> >>IP Address Machine Name Vulnerable Accounts >>============== =========================== >>================================== >>171.64.100.35 snf-sem.Stanford.EDU User 'USER' has password 'snf' >>171.64.101.112 snf-microscope.Stanford.EDU User 'USER' has password >>'stanford' >> >>To protect your computers and those around you, it is very important >>that you set good passwords for *all* the accounts on these machines (the >>list provided is not guaranteed to be complete). For more information on >>setting good quality passwords, see: >> >>http://security.stanford.edu/passwords >> >>Setting a good password before a break-in takes only a few seconds. >>Rebuilding a system after a break-in can take hours, and your lost >>data may not be recoverable at all. A small preventive effort will >>significantly lower the possiblity that your machine will be compromised >>and will greatly improve the security of the entire Stanford network. >> >>Thank you for helping to secure Stanford's computing environment. >> >>Sincerely, >>David Hoffman >>Information Security >> >> -- Mary X. Tang, Ph.D. Stanford Nanofabrication Facility CIS Room 136, Mail Code 4070 Stanford, CA 94305 (650)723-9980 mtang at stanford.edu http://snf.stanford.edu From rcrane at snf.stanford.edu Mon Dec 6 07:21:05 2004 From: rcrane at snf.stanford.edu (Dick Crane) Date: Mon, 06 Dec 2004 07:21:05 -0800 Subject: FW: SECURITY NOTICE: insecure passwords on your machine References: <41AF9072.D14EACB5@snf.stanford.edu> <41B473D5.6070808@snf.stanford.edu> Message-ID: <41B478E1.E7AE1AB3@snf.stanford.edu> Hi Mary, We choose option 1 last week with the active participation of Paul J. and Mike D. The new passwords are posted at the tool or in the tool's logbook. Dick Mary Tang wrote: > Hi all -- > > Although I know little about these machines, it seems to me that they > have "bad" passwords because they are general-use machines -- they were > set up so that anyone who takes a picture on the SEM or the microscope > can upload their data on the network. However, the network security > concerns are serious. We have this problem (or may have) on other > systems in the lab as well. It seems to me that we have a couple of > ways to approach this: > > 1. Choose better account names and passwords and post these at the > station. This is presuming that the security problem is from "outside" > rather than "inside" the lab. > 2. Take the systems off the network. We should then upgrade these > systems to accomodate USB keys or other the media of choice. (This is > what we did for the CAD PC's.) > > Any other suggestions? > > Mary > > Dick Crane wrote: > > >Mike, > > > >I'll have them changed tomorrow. > > > >Dick > > > >Michael Bell wrote: > > > > > > > >>Mary and Dick, > >> > >>I wasn't sure who was responsible for setting the passwords on these two > >>pieces of equipment, but it appears as though these are general passwords > >>that are well known and used by a number of people. It would probably make > >>sense to change both the user "USER" and the password before redistributing > >>the information. There is a link below that talks about making good > >>passwords. > >> > >>Regards, > >> > >>Mike > >> > >>-----Original Message----- > >>From: Information Security [mailto:security at stanford.edu] > >>Sent: Wednesday, December 01, 2004 6:39 PM > >>To: michael.bell at stanford.edu > >>Subject: SECURITY NOTICE: insecure passwords on your machine > >> > >>Dear michael.bell at stanford.edu, > >> > >>The Stanford campus has been experiencing a series of attacks by viruses > >>that take advantage of computer accounts with weak passwords. Below is > >>a list of Windows computers that have been found to have one or more > >>accounts with blank or easily guessed passwords. You are listed as an > >>administrative contact for these machines (or at least the most recent > >>person to have been associated with them). > >> > >>IP Address Machine Name Vulnerable Accounts > >>============== =========================== > >>================================== > >>171.64.100.35 snf-sem.Stanford.EDU User 'USER' has password 'snf' > >>171.64.101.112 snf-microscope.Stanford.EDU User 'USER' has password > >>'stanford' > >> > >>To protect your computers and those around you, it is very important > >>that you set good passwords for *all* the accounts on these machines (the > >>list provided is not guaranteed to be complete). For more information on > >>setting good quality passwords, see: > >> > >>http://security.stanford.edu/passwords > >> > >>Setting a good password before a break-in takes only a few seconds. > >>Rebuilding a system after a break-in can take hours, and your lost > >>data may not be recoverable at all. A small preventive effort will > >>significantly lower the possiblity that your machine will be compromised > >>and will greatly improve the security of the entire Stanford network. > >> > >>Thank you for helping to secure Stanford's computing environment. > >> > >>Sincerely, > >>David Hoffman > >>Information Security > >> > >> > > -- > Mary X. Tang, Ph.D. > Stanford Nanofabrication Facility > CIS Room 136, Mail Code 4070 > Stanford, CA 94305 > (650)723-9980 > mtang at stanford.edu > http://snf.stanford.edu From shott at snf.stanford.edu Mon Dec 6 08:10:58 2004 From: shott at snf.stanford.edu (John Shott) Date: Mon, 06 Dec 2004 08:10:58 -0800 Subject: FW: SECURITY NOTICE: insecure passwords on your machine In-Reply-To: <41B473D5.6070808@snf.stanford.edu> References: <41AF9072.D14EACB5@snf.stanford.edu> <41B473D5.6070808@snf.stanford.edu> Message-ID: <41B48492.9080304@snf.stanford.edu> Mary et al: One other thing that we can do on many machines (although maybe not on these) is to put them on the Stanford "shadow" network so that they are inaccessible/invisible to people outside of Stanford. In this case, I believe that these two machines are the ones that Mike Deal uses for remote visibility of the Hitachi S-800 and the CNRI Microscope. So, at some level, they each need broader accessibility than just on campus. However, I don't know enough of the details to know exactly what ports they use and exactly what needs to be visible to the outside world. I suspect that Mike Deal and Mike Bell can provide us with more detail as to what services they need outside the campus and then we should try to lock down everything else. What OS runs on these machines? Thanks, John Mary Tang wrote: > Hi all -- > > Although I know little about these machines, it seems to me that they > have "bad" passwords because they are general-use machines -- they > were set up so that anyone who takes a picture on the SEM or the > microscope can upload their data on the network. However, the network > security concerns are serious. We have this problem (or may have) on > other systems in the lab as well. It seems to me that we have a > couple of ways to approach this: > > 1. Choose better account names and passwords and post these at the > station. This is presuming that the security problem is from > "outside" rather than "inside" the lab. > 2. Take the systems off the network. We should then upgrade these > systems to accomodate USB keys or other the media of choice. (This is > what we did for the CAD PC's.) > > Any other suggestions? > > Mary > > Dick Crane wrote: > >> Mike, >> >> I'll have them changed tomorrow. >> >> Dick >> >> Michael Bell wrote: >> >> >> >>> Mary and Dick, >>> >>> I wasn't sure who was responsible for setting the passwords on these >>> two >>> pieces of equipment, but it appears as though these are general >>> passwords >>> that are well known and used by a number of people. It would >>> probably make >>> sense to change both the user "USER" and the password before >>> redistributing >>> the information. There is a link below that talks about making good >>> passwords. >>> >>> Regards, >>> >>> Mike >>> >>> -----Original Message----- >>> From: Information Security [mailto:security at stanford.edu] >>> Sent: Wednesday, December 01, 2004 6:39 PM >>> To: michael.bell at stanford.edu >>> Subject: SECURITY NOTICE: insecure passwords on your machine >>> >>> Dear michael.bell at stanford.edu, >>> >>> The Stanford campus has been experiencing a series of attacks by >>> viruses >>> that take advantage of computer accounts with weak passwords. Below is >>> a list of Windows computers that have been found to have one or more >>> accounts with blank or easily guessed passwords. You are listed as an >>> administrative contact for these machines (or at least the most recent >>> person to have been associated with them). >>> >>> IP Address Machine Name Vulnerable Accounts >>> ============== =========================== >>> ================================== >>> 171.64.100.35 snf-sem.Stanford.EDU User 'USER' has >>> password 'snf' >>> 171.64.101.112 snf-microscope.Stanford.EDU User 'USER' has password >>> 'stanford' >>> >>> To protect your computers and those around you, it is very important >>> that you set good passwords for *all* the accounts on these machines >>> (the >>> list provided is not guaranteed to be complete). For more >>> information on >>> setting good quality passwords, see: >>> >>> http://security.stanford.edu/passwords >>> >>> Setting a good password before a break-in takes only a few seconds. >>> Rebuilding a system after a break-in can take hours, and your lost >>> data may not be recoverable at all. A small preventive effort will >>> significantly lower the possiblity that your machine will be >>> compromised >>> and will greatly improve the security of the entire Stanford network. >>> >>> Thank you for helping to secure Stanford's computing environment. >>> >>> Sincerely, >>> David Hoffman >>> Information Security >>> >> > > From mdeal at stanford.edu Mon Dec 6 08:17:54 2004 From: mdeal at stanford.edu (Michael Deal) Date: Mon, 06 Dec 2004 08:17:54 -0800 Subject: FW: SECURITY NOTICE: insecure passwords on your machine In-Reply-To: <41B48492.9080304@snf.stanford.edu> References: <41AF9072.D14EACB5@snf.stanford.edu> <41B473D5.6070808@snf.stanford.edu> <41B48492.9080304@snf.stanford.edu> Message-ID: <6.1.1.1.2.20041206081628.01e9db20@mdeal.pobox.stanford.edu> Ted told me of this issue last week and we changed the passwords to acceptable ones. We posted the new passwords at the machines on the instruction sheets. -mike At 08:10 AM 12/6/2004, John Shott wrote: >Mary et al: > >One other thing that we can do on many machines (although maybe not on >these) is to put them on the Stanford "shadow" network so that they are >inaccessible/invisible to people outside of Stanford. > >In this case, I believe that these two machines are the ones that Mike >Deal uses for remote visibility of the Hitachi S-800 and the CNRI >Microscope. So, at some level, they each need broader accessibility than >just on campus. However, I don't know enough of the details to know >exactly what ports they use and exactly what needs to be visible to the >outside world. I suspect that Mike Deal and Mike Bell can provide us with >more detail as to what services they need outside the campus and then we >should try to lock down everything else. > >What OS runs on these machines? > >Thanks, > >John > > >Mary Tang wrote: > >>Hi all -- >> >>Although I know little about these machines, it seems to me that they >>have "bad" passwords because they are general-use machines -- they were >>set up so that anyone who takes a picture on the SEM or the microscope >>can upload their data on the network. However, the network security >>concerns are serious. We have this problem (or may have) on other >>systems in the lab as well. It seems to me that we have a couple of ways >>to approach this: >> >>1. Choose better account names and passwords and post these at the >>station. This is presuming that the security problem is from "outside" >>rather than "inside" the lab. >>2. Take the systems off the network. We should then upgrade these >>systems to accomodate USB keys or other the media of choice. (This is >>what we did for the CAD PC's.) >> >>Any other suggestions? >> >>Mary >> >>Dick Crane wrote: >> >>>Mike, >>> >>>I'll have them changed tomorrow. >>> >>>Dick >>> >>>Michael Bell wrote: >>> >>> >>> >>>>Mary and Dick, >>>> >>>>I wasn't sure who was responsible for setting the passwords on these two >>>>pieces of equipment, but it appears as though these are general passwords >>>>that are well known and used by a number of people. It would probably make >>>>sense to change both the user "USER" and the password before redistributing >>>>the information. There is a link below that talks about making good >>>>passwords. >>>> >>>>Regards, >>>> >>>>Mike >>>> >>>>-----Original Message----- >>>>From: Information Security [mailto:security at stanford.edu] >>>>Sent: Wednesday, December 01, 2004 6:39 PM >>>>To: michael.bell at stanford.edu >>>>Subject: SECURITY NOTICE: insecure passwords on your machine >>>> >>>>Dear michael.bell at stanford.edu, >>>> >>>>The Stanford campus has been experiencing a series of attacks by viruses >>>>that take advantage of computer accounts with weak passwords. Below is >>>>a list of Windows computers that have been found to have one or more >>>>accounts with blank or easily guessed passwords. You are listed as an >>>>administrative contact for these machines (or at least the most recent >>>>person to have been associated with them). >>>> >>>>IP Address Machine Name Vulnerable Accounts >>>>============== =========================== >>>>================================== >>>>171.64.100.35 snf-sem.Stanford.EDU User 'USER' has password 'snf' >>>>171.64.101.112 snf-microscope.Stanford.EDU User 'USER' has password >>>>'stanford' >>>> >>>>To protect your computers and those around you, it is very important >>>>that you set good passwords for *all* the accounts on these machines (the >>>>list provided is not guaranteed to be complete). For more information on >>>>setting good quality passwords, see: >>>> >>>>http://security.stanford.edu/passwords >>>> >>>>Setting a good password before a break-in takes only a few seconds. >>>>Rebuilding a system after a break-in can take hours, and your lost >>>>data may not be recoverable at all. A small preventive effort will >>>>significantly lower the possiblity that your machine will be compromised >>>>and will greatly improve the security of the entire Stanford network. >>>> >>>>Thank you for helping to secure Stanford's computing environment. >>>> >>>>Sincerely, >>>>David Hoffman >>>>Information Security >>>> >> > From mdeal at stanford.edu Mon Dec 6 08:23:53 2004 From: mdeal at stanford.edu (Michael Deal) Date: Mon, 06 Dec 2004 08:23:53 -0800 Subject: FW: SECURITY NOTICE: insecure passwords on your machine In-Reply-To: <41B48492.9080304@snf.stanford.edu> References: <41AF9072.D14EACB5@snf.stanford.edu> <41B473D5.6070808@snf.stanford.edu> <41B48492.9080304@snf.stanford.edu> Message-ID: <6.1.1.1.2.20041206081931.01ec2e08@mdeal.pobox.stanford.edu> To give you more info on these computers: They are used to download still images for the Hitachi 4160 SEM (not the S-800) and the SNF optical microscope (not the CNRI microscope). They are also used for remote access, using the Ivista webcasting software. We supply the password to local users in case the computer needs to be rebooted. We do not supply the password to remote users (they only view the webcasted video images through our webpages). I believe they both run on Windows 2000. -mike At 08:10 AM 12/6/2004, John Shott wrote: >Mary et al: > >One other thing that we can do on many machines (although maybe not on >these) is to put them on the Stanford "shadow" network so that they are >inaccessible/invisible to people outside of Stanford. > >In this case, I believe that these two machines are the ones that Mike >Deal uses for remote visibility of the Hitachi S-800 and the CNRI >Microscope. So, at some level, they each need broader accessibility than >just on campus. However, I don't know enough of the details to know >exactly what ports they use and exactly what needs to be visible to the >outside world. I suspect that Mike Deal and Mike Bell can provide us with >more detail as to what services they need outside the campus and then we >should try to lock down everything else. > >What OS runs on these machines? > >Thanks, > >John > > >Mary Tang wrote: > >>Hi all -- >> >>Although I know little about these machines, it seems to me that they >>have "bad" passwords because they are general-use machines -- they were >>set up so that anyone who takes a picture on the SEM or the microscope >>can upload their data on the network. However, the network security >>concerns are serious. We have this problem (or may have) on other >>systems in the lab as well. It seems to me that we have a couple of ways >>to approach this: >> >>1. Choose better account names and passwords and post these at the >>station. This is presuming that the security problem is from "outside" >>rather than "inside" the lab. >>2. Take the systems off the network. We should then upgrade these >>systems to accomodate USB keys or other the media of choice. (This is >>what we did for the CAD PC's.) >> >>Any other suggestions? >> >>Mary >> >>Dick Crane wrote: >> >>>Mike, >>> >>>I'll have them changed tomorrow. >>> >>>Dick >>> >>>Michael Bell wrote: >>> >>> >>> >>>>Mary and Dick, >>>> >>>>I wasn't sure who was responsible for setting the passwords on these two >>>>pieces of equipment, but it appears as though these are general passwords >>>>that are well known and used by a number of people. It would probably make >>>>sense to change both the user "USER" and the password before redistributing >>>>the information. There is a link below that talks about making good >>>>passwords. >>>> >>>>Regards, >>>> >>>>Mike >>>> >>>>-----Original Message----- >>>>From: Information Security [mailto:security at stanford.edu] >>>>Sent: Wednesday, December 01, 2004 6:39 PM >>>>To: michael.bell at stanford.edu >>>>Subject: SECURITY NOTICE: insecure passwords on your machine >>>> >>>>Dear michael.bell at stanford.edu, >>>> >>>>The Stanford campus has been experiencing a series of attacks by viruses >>>>that take advantage of computer accounts with weak passwords. Below is >>>>a list of Windows computers that have been found to have one or more >>>>accounts with blank or easily guessed passwords. You are listed as an >>>>administrative contact for these machines (or at least the most recent >>>>person to have been associated with them). >>>> >>>>IP Address Machine Name Vulnerable Accounts >>>>============== =========================== >>>>================================== >>>>171.64.100.35 snf-sem.Stanford.EDU User 'USER' has password 'snf' >>>>171.64.101.112 snf-microscope.Stanford.EDU User 'USER' has password >>>>'stanford' >>>> >>>>To protect your computers and those around you, it is very important >>>>that you set good passwords for *all* the accounts on these machines (the >>>>list provided is not guaranteed to be complete). For more information on >>>>setting good quality passwords, see: >>>> >>>>http://security.stanford.edu/passwords >>>> >>>>Setting a good password before a break-in takes only a few seconds. >>>>Rebuilding a system after a break-in can take hours, and your lost >>>>data may not be recoverable at all. A small preventive effort will >>>>significantly lower the possiblity that your machine will be compromised >>>>and will greatly improve the security of the entire Stanford network. >>>> >>>>Thank you for helping to secure Stanford's computing environment. >>>> >>>>Sincerely, >>>>David Hoffman >>>>Information Security >>>> >> > From bmurray at snf.stanford.edu Mon Dec 6 08:26:43 2004 From: bmurray at snf.stanford.edu (Bill Murray) Date: Mon, 6 Dec 2004 08:26:43 -0800 (PST) Subject: FW: SECURITY NOTICE: insecure passwords on your machine In-Reply-To: <41B478E1.E7AE1AB3@snf.stanford.edu> Message-ID: Guys, Here's my two cents. It is never acceptable to post passwords even in a a locked-down facility with security guards. The only secure option is to remove the machines from the network or assign login names and passwords using a secure mechanism. Bill On Mon, 6 Dec 2004, Dick Crane wrote: > Hi Mary, > > We choose option 1 last week with the active participation of Paul J. and Mike D. > The new passwords are posted at the tool or in the tool's logbook. > > Dick > > Mary Tang wrote: > > > Hi all -- > > > > Although I know little about these machines, it seems to me that they > > have "bad" passwords because they are general-use machines -- they were > > set up so that anyone who takes a picture on the SEM or the microscope > > can upload their data on the network. However, the network security > > concerns are serious. We have this problem (or may have) on other > > systems in the lab as well. It seems to me that we have a couple of > > ways to approach this: > > > > 1. Choose better account names and passwords and post these at the > > station. This is presuming that the security problem is from "outside" > > rather than "inside" the lab. > > 2. Take the systems off the network. We should then upgrade these > > systems to accomodate USB keys or other the media of choice. (This is > > what we did for the CAD PC's.) > > > > Any other suggestions? > > > > Mary > > > > Dick Crane wrote: > > > > >Mike, > > > > > >I'll have them changed tomorrow. > > > > > >Dick > > > > > >Michael Bell wrote: > > > > > > > > > > > >>Mary and Dick, > > >> > > >>I wasn't sure who was responsible for setting the passwords on these two > > >>pieces of equipment, but it appears as though these are general passwords > > >>that are well known and used by a number of people. It would probably make > > >>sense to change both the user "USER" and the password before redistributing > > >>the information. There is a link below that talks about making good > > >>passwords. > > >> > > >>Regards, > > >> > > >>Mike > > >> > > >>-----Original Message----- > > >>From: Information Security [mailto:security at stanford.edu] > > >>Sent: Wednesday, December 01, 2004 6:39 PM > > >>To: michael.bell at stanford.edu > > >>Subject: SECURITY NOTICE: insecure passwords on your machine > > >> > > >>Dear michael.bell at stanford.edu, > > >> > > >>The Stanford campus has been experiencing a series of attacks by viruses > > >>that take advantage of computer accounts with weak passwords. Below is > > >>a list of Windows computers that have been found to have one or more > > >>accounts with blank or easily guessed passwords. You are listed as an > > >>administrative contact for these machines (or at least the most recent > > >>person to have been associated with them). > > >> > > >>IP Address Machine Name Vulnerable Accounts > > >>============== =========================== > > >>================================== > > >>171.64.100.35 snf-sem.Stanford.EDU User 'USER' has password 'snf' > > >>171.64.101.112 snf-microscope.Stanford.EDU User 'USER' has password > > >>'stanford' > > >> > > >>To protect your computers and those around you, it is very important > > >>that you set good passwords for *all* the accounts on these machines (the > > >>list provided is not guaranteed to be complete). For more information on > > >>setting good quality passwords, see: > > >> > > >>http://security.stanford.edu/passwords > > >> > > >>Setting a good password before a break-in takes only a few seconds. > > >>Rebuilding a system after a break-in can take hours, and your lost > > >>data may not be recoverable at all. A small preventive effort will > > >>significantly lower the possiblity that your machine will be compromised > > >>and will greatly improve the security of the entire Stanford network. > > >> > > >>Thank you for helping to secure Stanford's computing environment. > > >> > > >>Sincerely, > > >>David Hoffman > > >>Information Security > > >> > > >> > > > > -- > > Mary X. Tang, Ph.D. > > Stanford Nanofabrication Facility > > CIS Room 136, Mail Code 4070 > > Stanford, CA 94305 > > (650)723-9980 > > mtang at stanford.edu > > http://snf.stanford.edu >