Date: Tue, 08 Sep 1998 16:19:47 -0400 To: csr@smash.gatech.edu, snag@gt.ed.net, information-technology@oit.gatech.edu From: Jim Hendricks Subject: GT/IRSC ALERT: OIT to conduct network vulnerability scans ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ INFORMATION TECHNOLOGY SECURITY ALERT Georgia Institute of Technology Information Resources Security Coordinator Alert number 98-07 (1998-09-08) Subject: OIT to conduct network vulnerability scans ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ AFFECTED: All computers connected to the Georgia Tech Computer Network. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ACTION REQUIRED: NO ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ DETAILS: On September 15, 1998, OIT will begin conducting periodic vulnerability scans of all computers connected to the Georgia Tech Network, including the student residence network (RESNET) and the east campus network (EASTNET). The tools we will be using include the Internet Scanner from Internet Security Systems, . This service is intended to identify security weaknesses in networked computers so that they can be corrected before being exploited by a network intruder. When your computer is scanned, you may notice log entries as the scanner connects to and tests your system. This is entirely normal. A scan typically takes no more than ten minutes, usually much less. If the scanner detects a major problem with your computer, we will contact you so that you can correct it. Remember that if your computer has an open door, a malicious person anywhere on the Internet is capable of finding it. Our purpose is to find it first so it can be closed. This is part of our ongoing effort to provide you with computer security information that applies directly to you, rather than broadcasting general advisories that may not concern you. Please send any questions regarding the scanning program to . ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Reminder: The Georgia Tech Information Resources Security home page is at