Library items tagged: security

Why? To trace use of Janet, both legitimate and otherwise, helping to investigate and learn from security incidents. Whilst some network events are of a continuing nature, others may only occur sporadically and unexpectedly, and logging of activity can help us understand what took place in the past. Many networks now use Network Address Translation (NAT) or proxy devices that obscure the source of of a connection to the external world, which can prevent the timely investigation of serious incidents.

What is scanning? See also Port and address scanning. Address range scanning The most common abuse is from a worm (or virus, bot etc) trying to infect other computers by exploiting a single vulnerability on the same port at a great number of addresses. Port scanning You may be reporting packets or connections to a large number of UDP or TCP ports at just one address (or a very small number of addresses).

A few simple things are essential for the security of any network connected to today’s hostile Internet. Up-to-date patches All software, operating systems and applications, needs regular updates to remove vulnerabilities as they are discovered. These patches should be installed as promptly as possible after they have been properly tested. Particular care needs to be paid to applications for which automatic updating is not practicable; for example, most Web-based applications. You should contact your software vendor for details of when updates are released.

First think, then react Don’t be too ready to use a button marked “report abuse” (or “this is spam”).It results in real work for a lot of people, and you must do your bit by checking that you are sure you mean what is implied by pressing the button. Don’t send it to the wrong place.In particular when an e-mail message has been delivered to a Janet address it is very rarely useful to complain to Janet CSIRT. The Computer Services or similar department in your own organisation should be able to explain what is going on.