CIS Computing Guide
In 1988, a college student--the infamous “RTM”--wrote a self-replicating computer program. The program quickly spread across the country quicker than had ever been seen before, bringing powerful mainframe computing resources at universities, scientific research labs, and military installations across the country to a grinding halt. Since then, the title of “fastest spreading” or “most damaging” virus or worm has shifted several times, but the threat of damage persists.
The Internet was built on trust and a spirit of collaboration. It was a friendly, relatively open network centered on research, communication, and the sharing of information. Cold War politics, organized crime, and criminal mischief turned computer hacking into a high-stakes attack on this spirit of openness. A small community where front doors were seldom locked turned into a global digital metropolis where deadbolts became mandatory.
Today, YOU, as a user, are being given the keys to this community. It is a position of trust and responsibility. RIT has world-class computing resources connected to both the commercial Internet and a wide-area New York State computing grid.
Thousands of gigabytes of personal information, graduate theses, undergraduate projects, scientific research, course materials, financial records, and U.S. Government data reside on our networks.
ONE user can bring it all down. There are over 10,000 authorized users at RIT, and just one can put this data, the computers on which they reside, and the networks to which they are connected at risk of damage or destruction. Safe and secure computing is everyone’s responsibility.
This guide is a quick reference and summary of computing policies in the Center for Imaging Science.
This guide does not replace RIT’s computer usage guidelines
Types of Resources
This guide covers all computers that use CIS’ and RIT’s network. CIS-owned computers include shared and office machines.
Privately-owned computers must also comply as a condition of being allowed access to the network.
Safety and Security
Rules for Safer Computing:
• Each computer should only have one administrator account
• The pre-installed admin account should be disabled
• A new Admin account named cisadmin or dirsadmin should be used
• Use a limited-privilege* account for day-to-day activity
• Install software patches and OS updates as they become available
• Use anti-virus software with current definitions
• Use anti-spyware software
• Use firewall software. Most operating systems today come with a built-in firewall.
• Do not share account information (Username or password)
• Do not open unsolicited email attachments
*Limited-Privilege accounts are accounts that do not have access to make changes to the system.
One unfortunate person left his office door open while he visited a colleague one door down. He was there for only about 5 minutes, and he didn’t notice anyone enter his office. When he returned, his laptop had been stolen.
• Lock your office. If you are going to be out, lock the door
• Lock your workstation when you step away from it
• DO NOT write passwords down
• DO NOT prop open the doors to the computer labs
• DO NOT let strangers into the computer labs
Your password is the most important piece of information you own. You should not share your password with anyone.
Courteous Computer Use
Responsible and courteous sharing on your part benefits the center’s educational and research mission. Please follow these simple rules:
Monopolizing computers or CPU time
• DO NOT lock a shared computer and walk away for an extended period of time
• DO NOT store large quantities of data--either multi-gigabyte data or non-school related files like .mp3 files--in your UNIX home directory
o If you must, however, save it in ~/nobackup
• DO NOT run jobs on someone else’s office computer.
o You can try running the job in NICE mode, but if the owner complains your process will be killed – no questions asked.
• Learn which computers are open and shared for anyone’s use.
• Run batch jobs or long programs in NICE mode.
o Any DIRSIG job must be made NICE
o Large MODTRAN, IDL, etc. batch jobs should also be made NICE.
• Use CONDOR to run large batch jobs. It will automatically prioritize itself properly.
• Leave your office computer on overnight. The center’s backup software runs at night.
E-mail account guidance
• You are responsible for reading e-mail to both addresses
o E-mail is an official method of communication at RIT
o Campus-wide announcements are sent to the RIT address
o Center-wide announcements are sent to the CIS address
• CIS webmail is available at http://www.cis.rit.edu/webmail
• CIS e-mail server settings are as follows:
o smtp server (outgoing) is mail.cis.rit.edu
o imap server (incoming) is mail.cis.rit.edu
• If you have any questions e-mail email@example.com
Care and Use
• There is no food or drink allowed in the computer labs
• If you are discovered with food or drinks
Legal and acceptable use
Our computers should not be used for any illegal activities. Some types of activities are very high-visibility. In some cases, state and federal law requires RIT to report incidents to other agencies. The following activities may result in loss of computer account
• Download or distribute copyright material (songs, movies, games, or television shows. File sharing is illegal, and copyright owners have the legal right to assert their claims.
o RIT will bend over backwards to make sure your legal rights are being respected, but…
o RIT cannot (and will not) shield you from the law
• Online gambling
• Pyramid money-making scams
• Exploitation of minors
• Fraud or theft
• Hacking, cracking, or any other attempt to gain unauthorized access to a computer system or data
Violation of the standards listed here will result in your account being frozen temporarily.
Deactivating your account is not punitive. Rather, it limits the potential damage to the system until it is safe to reactivate your account.
This is very important. There are warnings when it comes to illegal activity. If you break the law you can expect to be subject to civil and/or criminal penalties. In addition, you risk suspension, expulsion, or dismissal from RIT.
Intentional policy violation
If you intentionally violate the RIT Computer Code of Conduct, you will be subject to the university’s disciplinary process.
RIT has a disciplinary process in place for students, and the penalties range from counseling and community service-type activities to suspension, expulsion, and fines.
STAFF and FACULTY:
Staff and faculty are responsible to the Director of the Center for Imaging Science for incidents involving willful misconduct.
The computer admin staff will handle the problem at the lowest level possible. The situation will be rectified, and the parties involved will be retrained so as to avoid repeating the mistake.
For example, if you accidentally infect your computer, have your password cracked, or facilitate a compromise, you will be instructed on preventing a recurrence of the problem.
If you discover or suspect one of the following:
• Virus, worm, or macro virus on any computer (personal or CIS)
• Spyware or adware on a CIS machine
• Unauthorized account access
• password was changed
• files were moved, changed, or deleted
• strange e-mails in your outbox
• an unusual number of files or files of unusual size
Take the following steps:
• Report the incident to the computer administration staff, both for CIS computer and personal computers.
o Jim Bodie
• Location: 76-2144
• Office: (585) 475-6160
o Brett Matzke
• Location: 76-2140
• Office: (585) 475-5977
• CIS computers
o Do not disconnect from the network
o Do not shut down
• Personal computer
o Disconnect from the network
o Attempt to clean the computer and/or determine the extent of the damage
Not Quite an Emergency
For other issues requiring assistance, you are always welcome to send an e-mail message to firstname.lastname@example.org
You are responsible for adhering to the RIT Computer Acceptable Use policy. Please read and review the document.
RIT Code of Conduct for Computer and Network Usehttp://www.rit.edu/computerconduct/
ITS, Information and Technology Services, provides several helpful websites.
ITS main sitehttp://www.rit.edu/its/
Security and virus protectionhttp://www.rit.edu/its/services/security/
New student informationhttp://www.rit.edu/its/help/new_at_rit.html
Personal computer security checklisthttp://www.rit.edu/its/services/security/SecCheckLong.pdf
RIT Information Security Standardshttp://security.rit.edu/standards/index.html