Computer Network Access and Security

Network Access Information

All network connections at the ALS are provided through ALSnet, a local area network (LAN) which is connected to LBLnet and to the Internet. The ALS provides support for IBM compatible, Apple, and Sun systems. If you are using a different system, or have any specialized computer requirements, consult the ALS Network Contact before you arrive at the ALS.

Connection Costs
Connecting to an existing user area subnet (i.e., making soft changes, such as assigning IP numbers) is free. If new hardware is needed or new lines must be run for the connection, there is a one-time charge that is generally less than $500 (exact prices depend on media type and user equipment).

Local Area Networks (LANs) Supported
Consult the ALS Network Contact or LBLnet Services for more information about the following local networks available to ALS users:

Ethernet (IEEE 802.3) LANs are supported for controls, beamlines, and user areas such as offices.
LocalTalk/PhoneNet LANs are available by special request.

Note: Token Ring (IEEE 802.5) LANs are not supported.

Protocols Supported

AppleTalk Phase 2 (for Macintosh connectivity) and EtherTalk
DECnet Phase 4 & 5
Novell Netware IPX (for IBM PC connectivity)
OSI CLNP (GOSIP)
TCP/IP and DHCP

Suspected Problems with ALSnet or LBLnet
If you need immediate assistance with network problems, telephone LBLnet Services (ext. 4559); if your problem is not urgent, consult LBLnet Troubles for additional contact information.

LBNL Computer Support
For technical help with hardware or software on Berkeley Lab-owned computers, telephone the Computing Infrastructure Support Center (ext. 4357) and be prepared to give an account number. A request for assistance can also be filled out on-line at Berkeley Lab Trouble Report. User-owned computers must be serviced privately.

What: Computer Network Access and Technical Support

Who:

p_molinari@lbl.gov

lblnet@lbl.gov

Berkeley Lab Trouble Report

Computer Security

Network Security

Use a separate password for ALS systems. Use different passwords for systems of different security levels. For example, passwords to UX5, LETS, and Oracle should NOT BE THE SAME as passwords you use on ALS systems.

Take actions that will ensure that your password is not exposed to the network. If you access remote systems with telnet, rlogin, rsh, pop, or ftp, and it asks you to type a password, this password travels unencrypted over the network, visible to unscrupulous sniffer programs. Obtain and use programs that avoid placing your password on the net. Be especially careful of passwords for more secure systems (systems critical to ALS operations or experiments) and privileged accounts. Examples of these tools include Secure Shell, S/Key, APOP, and properly configured Rhosts files. These tools are site licensed or free, so take advantage of them. For details consult your system manager or check out the ALS Computer Security Home Page

Data Security
Virus protection is critical for data security and to protect other users of ALSnet. Current versions of virus protection software are available from the ALS Network Contact. Virus information and virus-protection software also are available through Berkeley Lab Computer Security Information. If you discover a rogue program, such as a virus or worm, or if you are aware of a network security violation, contact the Computer Protection Program Manager (ext. 6708).

Hardware Security
For information about securing LBNL-owned computers against earthquakes or theft, contact the LBNL Electronics Technology Department (ext. 5580), or fill out a work request form on-line at Berkeley Lab Computer Lockdowns and Earthquake Securing. The safety of user-owned computer hardware is the responsibility of the user.

What: Computer Network, Data, and Hardware Security

Who:

Computer Protection Program Manager

Berkeley Lab Computer Lockdowns and Earthquake Securing