UISO Vulnerability Scanners

SiteProtector

SiteProtector, the Host Vulnerability Assessment Scanner attempts, to discover vulnerabilities on your system connected to the IU Network. It uses a variety of external tests to discover misconfigured services, vulnerable ports, and other open attack vectors.

IU Policy requires that hosts be scanned once a month for potential vulnerabilities. All questions about the service should be sent to:
scanner-admin@uiso.iu.edu

Access SiteProtector.

Web Application Vulnerability Scanner

The Web Scanner attempts to discover vulnerabilities in your Web site. It begins by indexing your entire site looking for Web pages,then determines which tests it needs to run based on the type of Web site/pages present.

Read more about the Web Application Vulnerability Scanner.

Security & Policy Blog Posts

  • May 10, 2012 at 7:48 AM

    • 55,000 Twitter Accounts Hacked
    Tens of thousands of Twitter accounts have been compromised in a recent hack attack in which more than 55,000 passwords were leaked and posted to Pastebin by anonymous hackers. You should probably change your Twitter password today.
  • May 7, 2012 at 8:47 AM

    • Mac OS X Lion User Passwords Exposed
    A mistake by Apple can cause Mac OS X 10.7.3 (Lion) to store your login password on the hard drive in clear text.
  • May 4, 2012 at 11:10 AM

    • Adobe Flash Player Security Update
    Adobe Flash Player Security Update
  • April 26, 2012 at 12:53 PM

    • Information Security and Privacy Program Awareness Update
    A memo has been sent to the President's Cabinet to help raise awareness of the Information Security and Privacy Program.

    Recent Security Bulletins

  • April 11, 2012 at 3:24 PM

    • Vulnerability in Windows Common Controls active exploit
    A remote code execution vulnerability exists such that an attacker who successfully exploited this vulnerability could run abitrary code on the target system, then install programs; view, change, or delete data; or create new accounts with full rights.
  • April 5, 2012 at 2:51 PM

    • Mac Malware Exploiting Java Vulnerability
    "Flashback" is Mac-specific malware that is currently spreading via a recently patched Java vulnerability
  • March 16, 2012 at 11:42 AM

    • Vulnerability in Microsoft Remote Desktop
    A remote code execution vulnerability exists such that an attacker who successfully exploited this vulnerability could run abitrary code on the target system, then install programs; view, change, or delete data; or create new accounts with full rights.
  • February 28, 2012 at 1:53 PM

    • Phone Phishing Observed at IU
    Warning about phone calls requesting information or requesting users to take action to compromise computers.