[7] in Security FYI
Notice of campus security scan
daemon@ATHENA.MIT.EDU (Bob Mahoney)
Thu Jun 3 14:39:57 1999
Mime-Version: 1.0
Message-Id: <v0420540fb37b5c25793a@[18.177.0.98]>
Date: Thu, 3 Jun 1999 14:38:56 -0400
To: security-fyi@mit.edu, netusers@mit.edu, net-defense@mit.edu
From: Bob Mahoney <bobmah@MIT.EDU>
Cc: net-security@mit.edu, rcc@mit.edu
-----BEGIN PGP SIGNED MESSAGE-----
MIT Information Systems will be conducting a series of brief security
scans over the next two days. The Network Security team will be
scanning all MIT networks for the pop-2 vulnerability described in:
http://www.mit.edu:8008/menelaus/bt/10650 and
http://www.mit.edu:8008/menelaus/bt/10695
You may find that system logs or security software indicates one or
more tcp connections to machines under your control, and you may see
log entries looking something like:
ipop2d: connect from security.mit.edu
Assuming that the source of these scans is SECURITY.MIT.EDU, it is a
legitimate security survey. Such connections should not be cause for
alarm. The intent is to identify systems with a security
vulnerability in the pop-2 service. (See the above URLs for
information) If you have concerns about this process, please send
e-mail to net-security@mit.edu.
We will be contacting owners of affected machines with advice on how
to eliminate this vulnerability.
We hope in the future to offer a more complete service to scan for
easily-exploited vulnerabilities, to aid system administrators in
keeping their machines safe. We have chosen to scan for this
situation now because it's likely to affect a large number of
machines, and also because some machines may be unattended over the
summer break.
- -Bob Mahoney, Network Security Team
-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.0.2
iQCVAwUBN1bL0ibWm6ZidLmFAQGKkAP/TZNw575scjMAc7OoMz9kaBOTWB/5KzK2
26kWi2zuQf4Qp33/KCd5pm6C/L3valdNNJ9ZJvb08Ju2B5x/ePZutQTEEiVv/i89
WbfAawnVbhvDgUjY4x8NSqLxkSjU3gSlBRuZG7JJIPpZbLpglOoCKbYYtLNB3whX
wNKXi87fH1Y=
=9l1P
-----END PGP SIGNATURE-----
