Disclaimer: This news item was originally posted on Thursday, Feb 6, 2003. Its content may no longer be timely or accurate.

New DoIT Scanning Service

Posted: 08:11:52, Thursday, Feb 6, 2003   Expiration: 18:00:00, Friday, Feb 28, 2003  

A new vulnerability scanning service will soon be offered to the campus.

A new vulnerability scanning service will soon be offered to the campus.  This service scans computers for high-risk, well-known security vulnerabilities. Scanning helps us proactively identify potential victims on the campus network before they can be exploited.

DoIT will soon begin providing periodic vulnerability scans on all computers currently connected to the campus network.  These scans will provide a supplemental security measure to vulnerability scanning services currently used by departments, schools and divisions.  The scanning has already been piloted in several departments on campus, with the departments' consent.

DoIT will scan for vulnerabilities such as those outlined in the "SANS/FBI Top 20 List" (www.sans.org/top20/).  Many departments, schools and divisions already employ a wide variety of security controls.  If this is the case in your area, you will have the ability to opt out by completing an on-line form at the scanning web site. If you have a firewall you need to opt in by allowing the scans through if you want the computers inside your network scanned.

DoIT plans to roll this service out to campus soon.  Details are posted on the scanning web site:

http://www.doit.wisc.edu/restricted/security/scanning/centralized .

Your feedback on this process is welcomed


-- Kim Milford

Created: 08:11:52, Thursday, Feb 6, 2003 (by Weizhong W.)
Updated: 08:11:52, Thursday, Feb 6, 2003 (by Weizhong W.)