Re: Scanning Notices

[Roger A Safian <r-safian () NORTHWESTERN EDU>]

We do a non-stop, selective, Nessus scan of the campus.  If and when we find a problem, we notify the local security 
contact (no more than one notification per month, per machine) so they can address the problem.

It works, but, I am not sure it is as valuable as it once was since most machines have a firewall enabled, and many 
newer Nessus tests require local credentials, which we do not have.

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Matt 
Marmet
Sent: Wednesday, August 31, 2011 9:16 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Scanning Notices

Hello Everyone,

Here at Armstrong we are looking in to scanning our internal networks (desktop and server networks). I was wondering if 
other institutions were doing this and with what frequency? Also, do you notify the campus that these scans are going 
to be taking place and, if so, how much lead time do you give the campus? What kind of email or disclaimers do you send 
out letting people know what the scan includes? We are only looking at basic port scans and such at the moment. 
Everything we would be doing is non-invasive and not "invading" the users desktops looking for personal data. Thanks 
for your replies.

Regards,

Matt
--
---
Matt Marmet
Director of IT Security, CISO
Armstrong Atlantic State University
11935 Abercorn Street
Savannah, GA 31419
Desk: (912) 344-3528<tel:%28912%29%20344-3528>
Cell:  (912) 414-0684<tel:%28912%29%20414-0684>

Security Tip: No matter how authentic the request appears, if you are asked in an email or via the phone to provide 
your password - it is a SCAM.

******* The CIS Team will NEVER, EVER, EVER ----- EVER ask for your
username and password via Email. Don't respond to any requests for
this information ******