Computers that are connected to other computers via a network can be attacked via this network. Such attacks can be random or targeted, or undirected via automated software such as worms and viruses. If an attack is successful, data can be read, copied, manipulated or deleted and the computer can be secretly "taken over" by hackers using remote control software.
For this reason, IT Services is taking various measures to protect computers on the University network. However, this cannot be done without your help. In addition to central protection measures, local protection measures and responsible and security-conscious handling of computers are also required.
There are currently few traffic restrictions between the networks of the various entities. In the event of a worm outbreak, this can lead to an "infected" device in one network segment attacking and "contaminating" devices in other units via the network. In such a case, IT Services will have to interrupt some or all of the traffic to the University facility in an emergency. This interruption continues until the situation is under control again.
Since few traffic filters are in place, not every user can be granted unauthorized access to the network. Misconfigurations or poorly maintained computers can endanger not only individual building networks, but the entire university network. If a problem occurs, it must be possible to identify the originator without any doubt in order to solve the problem. Therefore, computers must be clearly assignable. Therefore, the IT Services only allow the employees of the IT Service Center (ITSC) or Computer responsible and persons authorized by them to connect a computer to the university network. (Exception: lecture h alls, notebook connections).
A firewall prevents direct, externally initiated network traffic. This means that an attacker from outside cannot directly attack a computer in the internal Uninetz - unless an exception rule has been created in the firewall for this computer (because, for example, web servers should be accessible from outside). Exception: certain ICMP (Internet Control Message Protocol) information is allowed. The firewall also prevents some potentially dangerous traffic from reaching the outside world.
Attacks from inside the Uninetz (e.g. by computers which could be attacked from outside because an exception rule was created and which are now controlled by an attacker or attacks by viruses, Trojans and other malware which has found its way onto an internal computer e.g. via web browsing or e-mail), because this traffic no longer passes through the Internet firewall.
Viruses and other malware that has found its way onto a computer via "traffic allowed by the user" e.g. via email, contaminated programs, downloads, USB sticks, etc.
Or malware that was installed unnoticed on the computer via security holes in the operating system or in software (browsers, plugins, etc.) (since the firewall allows viewing of web pages and can only rudimentarily check whether malicious program code is also hidden in the data stream, since almost all traffic is encrypted nowadays).