Behind the Scenes at MIT's Network
BobB writes "MIT's head of computer networks and security gives an inside look at how the techie school is fending off hackers, cranking up its network to handle voice over IP and become a fiber network operator to link to other research institutions. From the article: 'Q - How do you actually enforce security standards among MIT's departments and network users? A - Enforce is not a word you can use at MIT. We try to entice people to do the right thing. We've made a lot of progress. We've removed the financial incentive to run your own network, which used to be cheaper than having us do it. We've been a cost-recovery network since forever now though. At many universities the network is free and they just fund it out of operating costs.'"
Wireless on a whole campus? Wow. Is that standard in the US?
At my uni we have wireless within the CS dept only, and that only within a small part of the building. It's monumentally shit.
It's becoming standard. Heck, my CITY is going wireless, and this article says the building I work in will be covered by MetroFi in the next 4 months.
SJW: a person who perceives an injustice, and while correcting it, commits a greater injustice.
All computers on that use DHCP need registered MACs, if you've got a static IP there's no need at least as far as my experience has been.
IST does a damn fine job, the stakes on having the network running smoothly are quite high and they get it done, but more important is the amount of freedom they allow. We've got the most heterogeneous environment I can think of with hundreds of Course 6ers looking for new ways to bend the network and Course 15s finding new ways to try to break it. There's everything from half-broken 486s to Playstation 3s running SVN repositories to completely custom embedded devices sitting all over the network (not that they support these devices) running like a well-oiled machine.
You gotta find first gear in your giant robot car
I really hate articles that describe all these great networks and server rooms but don't have any pictures of the hardware. It's not like someone is going to search a picture to find an unsecured air vent in the ceiling so they can drop down among the laser sensors to hack into the computer.
Penn State issued a public IP for every machine connected to their network. It still may be so. Before Napster came down, I hosted my music collection, amongst other things, on the Internet via FTP.
In my time there, they did not, however, actively monitor systems for viruses and malware. I often received spam from student PCs attempting to spread viruses via attachments. Many lab systems suffered from various malware, although that improved in my last year after they switched to a pseudo-thin client setup.
Today, I see such IP allocations as wasteful. The worst is a power utility which I worked for a few years back. They have (had) a direct allocation (cannot recall the exact size), which they used of course for business purposes. However, they also assigned public IPs to devices never exposed to the Internet, i.e. PLC controllers and process control computers. Most unfortunate IMHO.
Not quite "everywhere", but Virginia Tech has it in most places on campus (~30k students over a pretty big area). It's pretty fast, even in well-populated areas. Interestingly, the hardwired, general access 10bT ports are no faster than the wireless, as I found out one day when I figured I might get a speed boost while d/l a new knoppix image off a (known) very fast server. Still peaked at 3Mb - really no better than my DSL at the office. Go figure.
Is it just my observation, or are there way too many stupid people in the world?
MIT has deployed wireless all over the place. I go there once a year for the MIT Mystery Hunt. I was amazed last year as part of the hunt took us into a boiler room deep inside the basement of some building. The boiler room was a maze of pipes and of questionable safety, but screwed to the wall was a WAP; in the boiler room.
Our school also gives public IP addresses to all our machines. It's so nice to be able to directly ssh/scp/sftp to your lab machine from home -- no tunnels, no firewalls, no VPN. Just you and your encrypted password. And then we go to some other institution and wonder why they take forever to load a web page -- and discover all the traffic for the entire network is being funneled through some machine which is trying desperately to NAT the entire campus's network. Siiiigh.
Yes I'm spoiled. It's good to be at a university that doesn't need to baby its users. If you run Windows and it's not up to date, it's kicked off the network until you patch it. Don't like that? Then run your *own* firewall, or switch to a system that doesn't leak like a sieve. Don't expect to ruin it for the rest of us because *you* choose to run insecure software.
I thought MIT was the big tech University, at my Uni (University of Plymouth (UK)) we've had a wireless network that covers the ENTIRE campus, it's powerful enough that you can actually still pick it up in the city centre (I keep meaning to investigate that because I can pick it up a quarter of a mile away and that sure as hell breaks the 802.11g spec.)
Plymouth University isn't small (about 30000 students enrolled). Because of the cost of notes, the IT department modified MS Exchange and started putting all lecture material online. Plymouth University also has 6 smaller campuses, all of which can access this network (wirelessly on their campuses). There was a major network failure for the first time recently (a recently bought batch of hard drives failed badly in the SAN, taking most of it out two days before the Christmas break; by the end of the next day most of the network was working bar personal account space and personal email). By the new year (a week and a half after the failure) the full list of services were running. As far as I've been able to make out, only emails sent the night of the failure were lost (it happened at 7PM). Since all external connections go through the Uni's VPN it's also pretty secure.
Now this is for a university which is primarily a humanities university, why is a technology university only now looking at providing wireless access for laptops and PDAs when some have been doing it for five years? Why has a Tech University only recently got any good at doing things others have been doing well for years? I think that's the real question in my mind.