USGS tests net defense

USGS tests net defense

Late last year, computer specialist Tom Kress noticed unusual activity on a server at the Geological Survey's Geologic Division in Reston, Va.

It appeared to be internal activity, and there was no obvious security violation, but 'it got me thinking,' Kress said.
He began looking at ways to lock down application and print servers in a 30-day evaluation of ServerLock from WatchGuard Technologies Inc. of Seattle.

'I tried it, and it seemed to do what I wanted,' Kress said. 'Nothing is 100 percent secure. What we're trying to do is increase security. This is another piece of the puzzle.'

ServerLock locks down the operating system kernel and file system on servers running Microsoft Windows NT, Windows 2000 or Sun Solaris. That makes administrative changes impossible and prevents rogue programs from running.

When an administrator needs access to the server, a kernel-based public-key infrastructure supplies strong authentication to ensure that only the administrator can make changes.

ServerLock works against internal as well as external attacks because the software is installed on each machine being protected. Hacking for administrative privileges or hacking from inside will not work when the OS is locked down.

The software can be managed locally on each server or centrally using ServerLock Manager. USGS has the central management module, which uses 239-bit elliptic-curve cryptography to secure communications.

Kress said his network has several thousand clients running Windows, Mac OS, Unix and Linux operating systems. But he is not in charge of numerous servers, so he has time to devote to security.

Firewalls and demilitarized zones separate the network's perimeter defenses from the Internet. Kress also pays close attention to how his servers are configured.

Configuration is time-consuming, he said, but can be as important as any security hardware or software.

'You turn off services you don't need,' he said. 'You have to find the time, and it's up to you to sit down and start closing all the windows.'

About the Author

William Jackson is a Maryland-based freelance writer.


  • Russia prying into state, local networks

    A Russian state-sponsored advanced persistent threat actor targeting state, local, territorial and tribal government networks exfiltrated data from at least two victims.

  • Marines on patrol (US Marines)

    Using AVs to tell friend from foe

    The Defense Advanced Research Projects Agency is looking for ways autonomous vehicles can make it easier for commanders to detect and track threats among civilians in complex urban environments without escalating tensions.

Stay Connected