DoIT security scan
Posted: 2002-02-11 10:56:36 Expiration: 2002-02-11 10:56:36
DoIT Security will start periodic vulnerability scans of computers on the DoIT staff network
DoIT Security will start periodic vulnerability scans of computers on the DoIT staff network (all DoIT IP space except the DoIT platform). The scans will be for Microsoft Internet Information Server security holes. These would be people running Windows NT, 2000 or XP and using IIS to serve webpages etc. Machines with the latest patches should be fine.
This should not cause any major issues, but callers may report seeing scans from "scanner.doit.wisc.edu" in their computer logs, i.e., web server logs. If they report scans from other machines, e.g., hacker.com, then they should report them to DoIT Security at abuse@wisc.edu.
The DoIT platform will not be scanned initially
(we will work with DoIT sysops on this).
The policy is posted on the DoIT Intranet at:
DoIT Security will contact the appropriate staff with computers with exposures and work with them on a resolution."
-- Jeff Savoy