Educause Security Discussion mailing list archives
Re: Scanning Notices
From: "Bradley, Stephen W. Mr." <bradlesw () MUOHIO EDU>
Date: Wed, 31 Aug 2011 10:34:50 -0400
We do the same and post the warning up on our security Wiki that any network or system can be scanned at any time. We let them know where the scans are coming from so they don't completely panic. Currently we run 5 scheduled Nessus scans on various networks/systems just to keep an eye on them. thx steve From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () listserv educause edu] On Behalf Of Bob Bayn Sent: Wednesday, August 31, 2011 10:31 AM To: SECURITY () listserv educause edu Subject: Re: [SECURITY] Scanning Notices We do weekly Nessus scans every Thursday morning. Everybody who cares, knows. See https://it.wiki.usu.edu/Weekly_VulTest for more than you may want to know about it. ;-) Contact us with questions if you want. Bob Bayn (435)797-2396 IT Security Team We will never send you email asking for your password (never, never, never with this one exception: NEVER!) Office of Information Technology, Utah State University http://tinyurl.com/bicyclists-share-kidneys-v2-0 USU employees - join the Phirst Phish Contest http://it.usu.edu/security/htm/phirst-phish-contest ________________________________ From: The EDUCAUSE Security Constituent Group Listserv [SECURITY () LISTSERV EDUCAUSE EDU] on behalf of Matt Marmet [matt.marmet () ARMSTRONG EDU] Sent: Wednesday, August 31, 2011 8:16 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Scanning Notices Hello Everyone, Here at Armstrong we are looking in to scanning our internal networks (desktop and server networks). I was wondering if other institutions were doing this and with what frequency? Also, do you notify the campus that these scans are going to be taking place and, if so, how much lead time do you give the campus? What kind of email or disclaimers do you send out letting people know what the scan includes? We are only looking at basic port scans and such at the moment. Everything we would be doing is non-invasive and not "invading" the users desktops looking for personal data. Thanks for your replies. Regards, Matt -- --- Matt Marmet Director of IT Security, CISO Armstrong Atlantic State University 11935 Abercorn Street Savannah, GA 31419 Desk: (912) 344-3528<tel:%28912%29%20344-3528> Cell: (912) 414-0684<tel:%28912%29%20414-0684> Security Tip: No matter how authentic the request appears, if you are asked in an email or via the phone to provide your password - it is a SCAM. ******* The CIS Team will NEVER, EVER, EVER ----- EVER ask for your username and password via Email. Don't respond to any requests for this information ******
Current thread:
- Scanning Notices Matt Marmet (Aug 31)
- Re: Scanning Notices Bob Bayn (Aug 31)
- Re: Scanning Notices Bradley, Stephen W. Mr. (Aug 31)
- Re: Scanning Notices Roger A Safian (Aug 31)
- Re: Scanning Notices Matt Marmet (Aug 31)
- Re: Scanning Notices Roger A Safian (Aug 31)
- Re: Scanning Notices Mike Porter (Aug 31)
- Re: Scanning Notices Valdis Kletnieks (Aug 31)
- Re: Scanning Notices Matt Marmet (Aug 31)
- Re: Scanning Notices Bob Bayn (Aug 31)
- Re: Scanning Notices Tim Doty (Aug 31)
- <Possible follow-ups>
- Scanning Notices Mike Fox (Sep 01)