Humboldt-Universität zu Berlin - Faculty of Mathematics and Natural Sciences - IT Service Group

Network, DNS and Firewall

Here you will find various information on the topics of network, DNS and firewall
DNS

The Institute for Computer Science operates the domain "informatik.hu-berlin.de". Computers that are operated at the Institute for Computer Science can have a domain name under this domain:

  • [hostname] .informatik.hu-berlin.de
  • [hostname]. [subdomain] .hu-berlin.de

 

If you would like a DNS entry for an IP you are using, please contact your technician.

 

Would you like a shorter URL? To do this, please use the HU's URL shortener.

 
HU firewall

The central firewall of the HU blocks incoming connection requests in order to protect the internal systems from external network attacks. If services that are operated within the HU network are also to be visible outside the HU, this service (the corresponding port) must be enabled in the central firewall. This can be requested from the computer operating group. However, the following rules apply:

  1. The service must be accessible under a fixed IP within the IT network.
  2. The service must be accessible under a fixed name (domain: informatik.hu-berlin.de).
  3. The computer behind the IP must be pingable from the following computers: 141.20.20.33 and 141.20.20.32
  4. The service must be accessible from at least the following computers: 141.20.20.33 and 141.20.20.32

Every responsible person (chair) is obliged to keep a record of all processing activities. A complete VVT ​​form must be submitted at the request of the data protection officer at HU. (Form and instructions for filling in)
In addition, far-reaching information obligations towards those affected (users) must be fulfilled. (Information requirements at the HU)

The "ssh" service (port 22 - TCP) is only approved in exceptional cases. Please use a VPN connection to the HU / IT network and then ssh.

The following rules also apply to web servers:

  1. Requests to port 80 (HTTP) must be automatically redirected to port 443 (HTTPS).
  2. The server must have a valid certificate for HTTPS. This can be requested from the CMS.
  3. An imprint, data protection information and a contact must be linked on the website

 

If the web services are only available temporarily or to a certain group of users, please use OpenVPN (and, if necessary, external accounts).

For other ports, please write which service you are offering and briefly explain why the service must be accessible outside the HU network. In this case too, the port (TCP) must be reachable for the following computers: 141.20.20.33 and 141.20.20.32

If HTTPS is used via a different port, a valid certificate must also be used. This also applies to other protocols that use a certificate.

 

To apply for a port release in the central HU firewall, send an email to rbg@informatik.hu-berlin.de.