All Mgrs Mtg-2005.10.05-ISO Updates

ISO Updates by Steve Scott Dshield blocks up and running, as approved by ITAC. Blocked address ranges available here: http://www.iso.utah.edu/ security/network/dshield.ip.blocks Malicious machines identified by U of U traffic "blacklisted" here: http://www.iso.utah.edu/security/cgi-bin/viewblacklist.cgi SSN and CC#s - tools in place now to scan for SS#s and the tool for CC#s will be ready soon (today or tomorrow). Enhancement recommendations are welcomed. Web-based access to see flow information - Jonzy is working on it. Gives you the first 500 lines or you can view the whole report - Top Talker report. Are people interested? "Hell yeah." In testing now, is currently available. More information to end users. SANS OUCH! Newsletter now online on the IT Security webpage. See http://www.it.utah.edu/ leadership/security/computer.html and click on Resource Links. Good information for the not-so-computer-savvy. NMAP is great, but you need to understand it to get the most out of it. Tell it to scan all 65,000 IP addresses. See http://www.insecure.org. You should be doing this on your own internal network to see if you're being scanned because ISO can't see blocked Microsoft ports when scanning from outside. Noxscan tool from York University scans entire Class B and touches every machine - tells which machines are vulnerable. ISO will be emailing a few people soon about some vulnerable machines.