At one point or another, everyone has accessed the Wi-Fi provided by Kansas State. In fact, many students access it for large portions of the day.
What students may not think about when surfing the Internet is what others can see in regards to the websites they visit and how secure the various forms of internet connections are. The answers are rather complex and involve much more than what students and faculty can see on the outside.
K-State Security analyst Josh McCune said the IT department can ultimately see all of the traffic that goes through the network if they need to, but there are a few limitations on the specifics of what they can see.
For example, if a student accesses a website that uses a Secure Sockets Layer protocol, the specifics of what is being looked at can’t be seen. IT does not currently have any ability to sort through the encryption.
But what is an SSL? Every website has an address, which is called a URL. The first part of that address governs how web content is transmitted — either Hypertext Transfer Protocol, HTTP, or Hyper Text Transfer Protocol Secure, HTTPS. The latter is what is called an SSL connection. It is the more secure of the two.
If SSL connections are used to access a website like Facebook, K-State can see that someone visited Facebook, but due to the encryption, they can’t see what pages are clicked on. So, yes, you can stalk your ex’s profile in peace.
If a student is not on an SSL connection, IT can see pretty much all of what they are doing on a website, but it’s unlikely that information would be recorded and stored unless it’s deemed necessary.
“What gets recorded from a logging perspective is just simply that your computer talked to this computer on the internet,” McCune said. “Even if it’s unencrypted, we don’t store anything unless we’re doing troubleshooting or needing packet captures for some reason.”
Packets are the basic units of communication over certain types of networks. For example, when sending an email, all of the contents get cut up into little chunks that are easier to route across the Internet. Once the chunks get to their destination, they are reassembled into the initial message. Those chunks are called packets. Packets have both header information, which tell them where to go, and a payload, the content within the packet.
In terms of new things the IT department is looking to implement, McCune said they are currently evaluating the possibility of a new antivirus software.
“Trend Micro is our current antivirus solution — we’ve gotten a lot of feedback that it’s not working well for people,” McCune said. “It causes connection issues from time to time and people end up uninstalling it to fix those problems and it’s not catching all the malicious software that we encounter.”
McCune said a security tip he would give to K-State students is to use the KSU wireless connection rather than the guest connection. The KSUGuest Wi-Fi does not require users to authenticate and does not create an encrypted tunnel to browse through, leaving people vulnerable to everyone else on the network.
The IT department is also working on overcoming various security threats such as malware and phishing scams.
“I’d say one of our biggest challenges in terms of security right now is phishing scams,” McCune said. “Nefarious people out there sending messages to our student and faculty trying to trick them into giving up their EID credentials and then using those credentials to proliferate other scams…that’s where we spend a lot of our time, dealing with scams. It’s more of a people problem than a technology problem and we’re trying to find better ways to combat that.”
One tactic IT is implementing is adding a warning message to emails that go though K-State mail. The messages are flagged based on key-words that are often seen in phishing scams such as “gift card.”
In terms of web content that K-State bars students and faculty from accessing through the network, McCune said they don’t typically prohibit sites based on categories, only known malicious sites.
“For example, if we see a report of a phishing scam that uses a website to go collect credentials, we put that on a list of blocked sites,” he said. “Those are the only things that we make an attempt to block as well as known command and control sites for malware. There are things that we block, but we don’t do any content filtering per se, we don’t try to dictate whether you can look at controversial sites or pornography or anything like that. In fact, that’s all as wide open as we can make it.”