Network Security Vulnerability Scans

hacking

The OIT Security Team has begun implementing periodic scans of all hosts connected to the UCI network for the most common and high impact network and web security vulnerabilities.

The purpose to these scans is to find unprotected systems before hackers do.  We can then work with system owners to better protect their computers and data.

Since these scans are benign versions of the attacks hackers use, you may notice certain behaviors in your computer:

  • Your log files may show attempts to login from strange addresses or multiple failures in a row that you don’t expect.  Web access logs may show many requests from the same IP including strange URLs.
  • If you allow anonymous updates to your websites (i.e. no login required), junk data or what looks like spam may be inserted into your application’s database or email forms.
  • If web application uses a database and vulnerable to input injection, regular database queries with altered SQL could take longer to run, connection pools may fill up and requests hang waiting for new connections.

If you observe any of these behaviors, treat it as you would any security breach.  This may include contacting OIT’s IT security team. If these scans discover a vulnerability, IT Security will contact you with advice.  More information can be found on the Security Vulnerability Scans web site.

Computer and Network Security Testing

Digital sign

Vulnerability Assessment is a valuable portion of an overall process to ensure the security of hosts on a network.   OIT provides software and services to the campus to assist with the vulnerability assessment process.

Usually done hand-in-hand with risk assessment (i.e., the potential loss to the University in the event of unauthorized access), vulnerability assessment at UCI can be applied to a single system or a group of related computers.  Items to check in such a vulnerability assessment include directory and file permissions, user account and password policies, and current operating system patches.

Some tools are available at no cost to interested individuals to download and employ such as Microsoft’s Baseline Security Analyzer.  Other tools require specialized expertise, such as McAfee Foundstone which OIT licenses.

In addition to scanning a computer internally for vulnerability, OIT can assess the security of a computer’s configuration from the point of view of the network and remote users. Items to check in a network based vulnerability assessment include installed and running services, and local firewall settings.

More information is available at the OIT Security Team’s Vulnerability Assessment page.