Tracking down network offenders

MVick at MVick at
Wed Dec 19 14:27:13 GMT 2001

     I am interested how Universities track down and respond to network
complaints from outside the University.  For example:

     A complaint arrives that shows an exploit scan against an external IP
address from an internal University address.  The internal University
address turns out to be assigned to University housing.

     I am interested in both policy and technology considerations.  I do
realize that there are many policy and technology configurations at many
different Universities.  Also, is it possible to PROVE that a particular
computer or user was involved if the problem if not caught in real time?

     If I get a good response I would be glad to summarize back to this

Michael Vick

More information about the unisog mailing list