Open source faces academic test

Universities and further education colleges are turning to open source security products to step up their IT security.

Universities and further education colleges are turning to open source security products to step up their IT security.

Concerned about the effects that hacking could have on their reputations, academic institutions are creating dedicated security teams and implementing formal security policies to protect their institutions, said Andrew Cormack, head of the Computer Emergency Response Team (Cert) for the Janet academic network.

"They are starting to realise that IT is essential to their business. It's not a side-line. It's core, both because they rely on computers to deliver services and because they realise how much of their reputation is delivered over the Internet," he said.

The number of incidents reported by universities has risen from about 80 a month in 1997 to more than 7,000 in 2001, but this could represent less than 10% of the actual activity, Cormack believes.

About a dozen academic institutions now have full-time IT security staff, and others have written IT security into the job descriptions of their general IT staff.

Although universities and colleges lack the financial resources to buy commercial security packages they have been able to make their systems secure using open source software.

Many are using Snort - an open source intrusion detection programme for Unix - and Saint - an open source package which analyses software vulnerabilities.

These free programs are at least as good, or often better than their commercial equivalents, said Neil Barrett, technical director at consultancy Information Risk Management.

"If you look at any commercial tool, there is an open source equivalent. Technically it might be more difficult to use but it is often better than the commercial version," he said.

Janet Cert has increased the size of its team from three to seven people to cope with a rising demand for advice on security from colleges and universities.

The unit has been called in to investigate denial of service attacks and incidents of IT misuse by students, such as ordering goods on the Internet with fake credit card numbers.

Cert's parent body the UK Education & Research Networking Association can isolate attacks by shutting down connections without breaching service contracts.

Read more on Antivirus, firewall and IDS products