On-Demand Security Scanner Tool For UF Net-Managers

You just set up a new computer, upgraded an operating system, or installed a new application. Is it secure? Is it free of known vulerabilities?

In accordance with the UF Network and Host Security Standard, all hosts connected to the UF network must be scanned for vulnerabilities.

Computing and Networking Services Security provides an "on-demand" scanning solution to help UF Network Managers know whether or not a system -- or group of systems on a subnet -- is securely configured. It's called Nessus.

Quoting from the Nessus web-site: "Nessus is the world's most popular vulnerability scanner used in over 75,000 organizations world-wide. Many of the world's largest organizations are realizing significant cost savings by using Nessus to audit business-critical enterprise devices and applications."

CNS Security has made it easy for UF Network Managers to use Nessus to get a report on the status of computers on their networks. Just follow these simple steps to scan a single computer or an IP-address-range and receive a detailed report of vulnerabilities along with recommendations for corrective action.

Go to the self-scanner website located at https://infosec.ufl.edu/cgi-bin/newscan/ .
Fill in the IP number(s) you are interested in scanning and enter your e-mail address in the field provided: you will be notified by e-mail when scan begins, and again when it is complete.
The e-mail you receive will direct you to the Nessus report containing detailed information regarding the possible vulnerabilities of the address(s) you scanned, and recommendations for corrective action.

In order to ensure that this valuable resource is available to the IT professionals who need it, and to prevent it from being used by hackers to locate and exploit vulnerabilities, the Nessus scanner is only available to registered UF Network Managers. If you are unsure as to whether you are listed in the Network Services Subnet Manager's list, or want to find out who your Subnet Manger is;

Navigate to the CNS Home Page
Select SECURITY at the top of the page (rollover menu bar)
Then under the heading of Network Services select
Subnet Managers list

This link will give you several fields to input information to determine whether or not you are in the Subnet Manager's list. Please verify the information is correct.

If the information is not correct or you are not in the database please e-mail corrections to net-services@ufl.edu.

If you have questions regarding any information feel free to contact CNS Security at 352.392-2061 for assistance.

	The UF Office of Information Technology Newsletter
	On-Demand Security Scanner Tool For UF Net-Managers