UISO Vulnerability Scanners

SiteProtector

SiteProtector, the Host Vulnerability Assessment Scanner attempts, to discover vulnerabilities on your system connected to the IU Network. It uses a variety of external tests to discover misconfigured services, vulnerable ports, and other open attack vectors.

IU Policy requires that hosts be scanned once a month for potential vulnerabilities. All questions about the service should be sent to:
scanner-admin@uiso.iu.edu

Access SiteProtector.

Web Application Vulnerability Scanner

The Web Scanner attempts to discover vulnerabilities in your Web site. It begins by indexing your entire site looking for Web pages,then determines which tests it needs to run based on the type of Web site/pages present.

Read more about the Web Application Vulnerability Scanner.

Security & Policy Blog Posts

  • We have received approximately 15 reports from faculty and staff who have had a fraudulent 2013 federal tax return submitted to the IRS in their name. There is no evidence the tax fraud is a result of a disclosure of information that originated from IU.
  • On March 24th 2014, Microsoft released an advisory describing a vulnerability in all supported versions of Microsoft Word.
  • Apple has released critical security updates to address a dangerous bug in Apple's implementation of SSL/TLS that affects multiple versions of iOS 6, iOS 7, Apple TV OS 6, OS X 10.9 (Maverics).
  • Older version of NTP with outdated configuration may allow servers to be used in a Denial of Service attack

    Recent Security Bulletins

  • Vulnerability in OpenSSL versions 1.0.1 before 1.0.1g
  • New ransomware named CryptoLocker threatens to destroy data unless a payment is made.
  • Critical Java Vulnerability included in Exploit Kit
  • This bulletin details four recently published, critical rated, vulnerabillies in Adobe ColdFusion and ways to mitigate the risk of them being exploited including the hotfix for supported versions.