Educause Security Discussion mailing list archives

Re: Scanning Notices

From: "Bradley, Stephen W. Mr." <bradlesw () MUOHIO EDU>
Date: Wed, 31 Aug 2011 10:34:50 -0400

We do the same and post the warning up on our security Wiki that any network or system can be scanned at any time.  We 
let them know where the scans are coming from so they don't completely panic.

Currently we run 5 scheduled Nessus scans on various networks/systems just to keep an eye on them.

thx
steve
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () listserv educause edu] On Behalf Of Bob Bayn
Sent: Wednesday, August 31, 2011 10:31 AM
To: SECURITY () listserv educause edu
Subject: Re: [SECURITY] Scanning Notices

We do weekly Nessus scans every Thursday morning.  Everybody who cares, knows.
See https://it.wiki.usu.edu/Weekly_VulTest  for more than you may want to know about it.  ;-)  Contact us with 
questions if you want.

Bob Bayn          (435)797-2396            IT Security Team
We will never send you email asking for your password
(never, never, never with this one exception: NEVER!)
Office of Information Technology, Utah State University
       http://tinyurl.com/bicyclists-share-kidneys-v2-0
        USU employees - join the Phirst Phish Contest
     http://it.usu.edu/security/htm/phirst-phish-contest
________________________________
From: The EDUCAUSE Security Constituent Group Listserv [SECURITY () LISTSERV EDUCAUSE EDU] on behalf of Matt Marmet 
[matt.marmet () ARMSTRONG EDU]
Sent: Wednesday, August 31, 2011 8:16 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Scanning Notices
Hello Everyone,

Here at Armstrong we are looking in to scanning our internal networks (desktop and server networks). I was wondering if 
other institutions were doing this and with what frequency? Also, do you notify the campus that these scans are going 
to be taking place and, if so, how much lead time do you give the campus? What kind of email or disclaimers do you send 
out letting people know what the scan includes? We are only looking at basic port scans and such at the moment. 
Everything we would be doing is non-invasive and not "invading" the users desktops looking for personal data. Thanks 
for your replies.

Regards,

Matt
--
---
Matt Marmet
Director of IT Security, CISO
Armstrong Atlantic State University
11935 Abercorn Street
Savannah, GA 31419
Desk: (912) 344-3528<tel:%28912%29%20344-3528>
Cell:  (912) 414-0684<tel:%28912%29%20414-0684>

Security Tip: No matter how authentic the request appears, if you are asked in an email or via the phone to provide 
your password - it is a SCAM.

******* The CIS Team will NEVER, EVER, EVER ----- EVER ask for your
username and password via Email. Don't respond to any requests for
this information ******

Current thread:

Scanning Notices Matt Marmet (Aug 31)
- Re: Scanning Notices Bob Bayn (Aug 31)
  - Re: Scanning Notices Bradley, Stephen W. Mr. (Aug 31)
- Re: Scanning Notices Roger A Safian (Aug 31)
  - Re: Scanning Notices Matt Marmet (Aug 31)
    - Re: Scanning Notices Roger A Safian (Aug 31)
    - Re: Scanning Notices Mike Porter (Aug 31)
    - Re: Scanning Notices Valdis Kletnieks (Aug 31)
- Re: Scanning Notices Tim Doty (Aug 31)
- <Possible follow-ups>
- Scanning Notices Mike Fox (Sep 01)