FireWall Implemented for Protecting the Central Computer Systems

Firewall Mechanism

We are pleased to announce that we have installed a network FireWall to strengthen the security of Computer Centre's computing systems to deter any intrusions to the systems by external users.

The network Firewall is installed immediately behind the gateway router which connects our Campus network to HARNET (Hongkong Academic Research NETwork) and Internet as depicted in the diagram. The network Firewall examines all inbound and outbound network traffic to verify that they are in compliance with a set of pre-defined security rules. Network traffic which does not comply with the defined security rules will be logged and discarded.

With the installation of the network Firewall, E-mail access using Pine, Eudora and Netscape etc. from network outside of HKU is allowed. Furthermore, telnet access to Computer Centre's host computer systems, e.g. hkucc, hkusua, hkusub etc. is now provided through a HKUCC Telnet Gateway which is named hkuccsys. The procedure for gaining access to Computer Centre's host computer systems through the hkuccsys is as follows:

  1. At the remote site, telnet to hkuccsys system using the command telnet hkuccsys.hku.hk
  2. At the login prompt, enter your HKUPPP a/c username and password
  3. After you have successfully logged in the hkuccsys.hku.hk system, you may then select one of the Centre's host systems from the displayed list for telnet.

While the security rules of the network Firewall have allowed e-mail and telnet access to the Centre's computer systems, all finger, ping and ftp requests to Centre's computer systems from users outside the HKU Campus Network are still prohibited.

For more information about the network firewall, please contact the undersigned.



K T Wan
Tel: 2859-7971
E-mail: hcxcwkt@hku.hk

Thomas Lee
Tel: 2859-7977
E-mail: ytlee@hku.hk


[Contents] [Next] [Previous]