|
|
|
|
|
UC DAVIS: Information and Educational Technology September 27, 2004 DEANS, DIRECTORS, DEPARTMENT CHAIRS, AND CAMPUS/UCDMC ADMINISTRATIVE OFFICERS Subject: Expanded Computer Virus Prevention Service On Monday, September 27, in preparation for the new academic year and in accordance with the UC Davis Computer Vulnerability Scanning Policy (http://manuals.ucdavis.edu/ppm/310/310-21.htm), the campus will expand the computer virus prevention measures that were implemented last fall. These measures are designed to help campus members determine whether their computers are already infected or vulnerable to major computer viruses. If a computer is found to be infected or to possess a serious security vulnerability when attempting to connect to the campus network or a secure application, it will be denied access and redirected to a Web page from which more information and remediation tools will be available. By preventing the dissemination of those viruses via the campus network, these measures will also help protect campus systems, resources, and data. Early last fall, several viruses damaged computers and infected computer networks around the nation, causing severe disruption to businesses and public institutions. To prevent similar disruption to UC Davis computing resources, Information and Educational Technology (IET) implemented a vulnerability scanning service. The vulnerability scanning system proved so successful that, last spring, a workgroup of campus technology experts proposed a plan to expand those services. Based on those recommendations, the expanded vulnerability scanning program includes the following three main components: 1. Scanning computers. The campus will scan computers that are attempting to connect to secure campus services (i.e., those requiring Kerberos passwords for authentication) and will then prevent access to those determined to be vulnerable or infected. Instructions for resolving the problem and regaining access will be provided to those who are denied access. The campus may occasionally scan for a critical problem for which no fix is yet available. In this case, computer owners with vulnerable systems will be warned of the problem; however, access to the campus network will not be denied until a fix is available. Computers attempting to access the campus network from an off-campus location will not be scanned. This will allow community members to use the self-scanning service to test their off-campus computers (see Self-scanning service below). 2. Monitoring the campus network. The campus network will be monitored on an ongoing basis for computer systems that are showing signs of infection and that may already be damaging the campus network. Vulnerable or infected computers will be disconnected from the campus network. The system administrators or owners of these computers will be contacted and asked to inspect the computers to remediate any deficiencies. To help them identify vulnerable or infected systems they are responsible for, system administrators will have access to the vulnerability and infection scan results database (http://secalert.ucdavis.edu). This service will be updated and fully integrated into the expanded scanning system in late October. 3. Self-scanning service. This Web-based service will allow campus members to test their computers for major viruses and vulnerabilities. To use this service, students, faculty and staff should go to http://selfscan.ucdavis.edu/ and select the "Test my computer" option. Information for repairing vulnerabilities and/or infections will be provided upon completion of the scan. This self-scanning service is intended only for the campus community, so testing a computer from an off-campus location will require a UCD login ID and Kerberos password. While these measures are expected to further improve the campus' computer and network security, faculty, students and staff are encouraged to remain on-guard against viruses and other threats. For practical tips, see the Ten Steps to Safe Computing (http://security.ucdavis.edu/security101.cfm). Additional information about the UC Davis computer vulnerability scanning service is available at http://security.ucdavis.edu/vuln_resources.cfm. Questions about the above measures should be directed to security@ucdavis.edu. Dave Shelby Assistant Vice Provost and Chief Operating Officer Information and Educational Technology 04-094
 Office of the Chancellor | Contact Information | Current Issues | Speaking Out | Staff and Organization | Philosophy of Purpose | Principles of Community | Administrative Resources Modified: 12/14/2006 12:24:41 PM Comments: |
