New Line of Security for NERSC Computers
September 1, 2008
The supercomputers at NERSC have a new line of defense against hackers with the installation of a specially instrumented version of SSH. This version of SSH allows NERSC’s intrusion detection systems to analyze user activity while maintaining the security and privacy advantages of using SSH.
“In the past few years SSH has become a standard and is required for all users logging into NERSC systems,” says Craig Lant, NERSC Security Analyst.
SSH is a security program that provides secure communication over insecure channels by encrypting keystrokes and system responses, including passwords. This means that users can remotely log onto computers over a network, execute commands, and transfer files from one system to another, with the utmost privacy.
“Because SSH encrypts commands that are typed into NERSC computers by remote users, it makes traditional intrusion detection less effective,” says Lant.
As a precaution against hacking, scientists at NERSC began work modifying SSH to allow NERSC’s adaptive intrusion detection system, called Bro, to monitor user activity and respond to unusual activity in real time. Bro will then alert security personnel if any suspected hacker activity is detected.
The new version of SSH was developed by NERSC scientists over the last year and will be released publicly toward the end of 2008.
About NERSC and Berkeley Lab
The National Energy Research Scientific Computing Center (NERSC) is a U.S. Department of Energy Office of Science User Facility that serves as the primary high-performance computing center for scientific research sponsored by the Office of Science. Located at Lawrence Berkeley National Laboratory, the NERSC Center serves more than 7,000 scientists at national laboratories and universities researching a wide range of problems in combustion, climate modeling, fusion energy, materials science, physics, chemistry, computational biology, and other disciplines. Berkeley Lab is a DOE national laboratory located in Berkeley, California. It conducts unclassified scientific research and is managed by the University of California for the U.S. Department of Energy. »Learn more about computing sciences at Berkeley Lab.