Disclaimer: This news item was originally posted on Monday, Feb 11, 2002. Its content may no longer be timely or accurate.

DoIT security scan

Posted: 09:56:36, Monday, Feb 11, 2002   Expiration: 09:56:36, Monday, Feb 11, 2002  

DoIT Security will start periodic vulnerability scans of computers on the DoIT staff network

DoIT Security will start periodic vulnerability scans of computers on the DoIT staff network (all DoIT IP space except the DoIT platform). The scans will be for Microsoft Internet Information Server security holes. These would be people running Windows NT, 2000 or XP and using IIS to serve webpages etc. Machines with the latest patches should be fine.

This should not cause any major issues, but callers may report seeing scans from "scanner.doit.wisc.edu" in their computer logs, i.e., web server logs. If they report scans from other machines, e.g., hacker.com, then they should report them to DoIT Security at abuse@wisc.edu.

The DoIT platform will not be scanned initially
(we will work with DoIT sysops on this).

The policy is posted on the DoIT Intranet at:

DoIT Security will contact the appropriate staff with computers with exposures and work with them on a resolution."

-- Jeff Savoy

Created: 09:56:36, Monday, Feb 11, 2002 (by Weizhong W.)
Updated: 09:56:36, Monday, Feb 11, 2002 (by Weizhong W.)