• McMaster
  • McMaster A-Z Index
• Academics
  • Undergraduate Studies/Programs
  • Graduate Studies/Programs
  • Part-Time Studies & Continuing Education
  • Departments & Faculties
• Alumni
  • About the Alumni Association
  • Alumni Events
  • Services & Benefits
  • Programs for Alumni
  • Alumni Networking
  • Keep in Touch
  • Homecoming
  • Alumni Weekend
  • Students & Young Alumni
  • Giving to McMaster
• Discover McMaster
  • About the Campus
  • Fast Facts
  • Governance
  • History of McMaster
  • How to Get to McMaster
  • Policies, Procedures & Guidelines
  • President's Message
  • Provost & Vice-President (Academic)
  • Strategic Plan
  • Teaching and Learning at McMaster
• Future Students
  • Undergraduate
  • Graduate Studies
  • MBA Program
  • Continuing Education
  • Parents
  • Student Services
  • Virtual Tour
• Library
  • About the Libraries
  • Contact Us
  • Course Reserves
  • Library Catalogue
  • Library Services
  • My Account / Book Renewal
• Research
  • Canada Research Chairs
  • Endowed & Industrial Chairs
  • Ethics in Human Research
  • McMaster Innovation Park
  • Office of International Affairs
  • Partnership Opportunities
  • Research Centres & Institutes
  • Research Policies & Procedures
  • Science in the City
• Current Students
  • Student Affairs
  • Student Resources
    • Chaplaincy
    • Human Rights & Equity
    • Information Technology
    • Office of Academic Integrity
    • Ombuds
    • Parking & Transit
    • Registrar
    • Safety & Security
    • Student Financial Aid & Scholarships
    • Student Accounts
  • Student Government
    • Graduate Students
    • Part-time Students
    • McMaster Students Union
  • Campus Life
    • Clubs
    • Events

University Technology Services

• MacConnect Home
  • Wireless Coverage
  • Wired MacConnect Coverage
  • MacConnect FAQs
  • Security & Encryption
  • TrendMicro Endpoint Security
  • Eduroam
• UTS Home

Security Awareness
Many people do not realise how insecure most networks are. Even modern switched networks remain vulnerable to sniffers, which are programs that capture traffic on a segment of the network, and can view all passing information, even inserting commands without knowledge of the victim. Using a sniffer, someone can see your email, passwords, URLs visited, and even read the contents of your messages unless you take precautions.

Encryption is important to protect your identity - userids and passwords - even if you're not concerned about securing the content of your messages. At a minimum, you should avoid applications which authenticate (send the userid and password in clear text), and prefer applications which encrypt them. You should avoid such applications as: POP and IMAP email clients without an option to encrypt the userid and password exchanged, as well as telnet and ftp which authenticate in plain text.

For example, web sites providing sensitive transactions (any service where privacy is a concern, such as access to your bank account), use Secure Socket Layer (SSL) to encrypt the traffic. You can detect that SSL is in use by a 'locked' icon in the status tray of your browser, and by examining the URL which will start with https:// instead of http: when encryption is required.

You should prefer systems which use encryption:

• SSH (Secure Shell) instead of telnet
• SFTP (part of an ssh client) instead of ftp
• SSL/TLS used with web applications to provide encryption (e.g. choose the URL https://univmail.cis.mcmaster.ca in preference to the http: alternative)
• secure options SSL option should be selected in mail clients to ensure email userid and password are encrypted; message text encryption is also available, if required. For example, Hotmail, Yahoo and others offer encrypted login, but not encrypted messages.

(NEW) MacSecure
The MacConnect system at McMaster uses Cisco Clean Access for secure authentication and validation of mobile client systems before granting access to the network. However, subsequent traffic is only encrypted if the MacSecure SSID is used, which uses Wi-Fi Protected Access. The MacConnect SSID, on the otherhand, is not configured to provide maximal flexibility in its use and therefore does not use encryption.