Overview
The mission of the Lab's Cyber Security team is to protect LBNL computer resources from security-related occurrences. To achieve this goal it is sometimes necessary to deploy special measures in dealing with computing systems that constitute considerably higher than normal levels of danger to other Lab systems. An attacker, worm, or Trojan horse program may have compromised these systems' security, or they may have a serious, unpatched vulnerability that makes other Lab systems vulnerable to a greater risk of compromise, necessitating blocking the dangerous systems' network access.
When Cyber Security determines that blocking a system is necessary, it also decides the type of blocking that is appropriate, based on the degree of danger to other Lab systems that the blocked system is causing.
Types of Network Blocking
Blocking | Symptoms |
DHCP denyboot | Computer cannot get a IP address from the DHCP server, gets 192.168.* address. |
DHCP isolation | Computer gets an IP address from DHCP server, but no default gateway. Cannot access computers off the local subnet. |
Perimeter blocking | Computer can connect to systems within lbl.gov, but cannot connect to computers outside of lbl.gov. |
Null routing | Computer cannot connect to systems outside the local subnet. Computer cannot ping the gateway. |
Help
If you think your system is blocked, contact the LBNL Computer Help Desk at [email protected] or x4357. The Help Desk will determine what has happened and will restore your system if its security has been compromised and / or will install any missing patches.
