CIS Help
Request Form

Computer Protection Program to Scan Lab Computers for Vulnerabilities

On any given day, hackers from outside the Lab routinely scan LBNL's computers and networks looking for vulnerabilities to exploit. Recently, for example, three Lab computers running the "sadmind" application were hacked into via a vulnerability. In a renewed effort to find and patch these vulnerabilities before intruders do so, the Lab's Computer Protection Program has started scanning Lab systems using a Lab-developed scanning routine. "One of the things we'll be looking for are vulnerabilities we know are 'hot' at the moment," said Computer Protection Program Manager Jim Rothfuss. "We've already found more than a few machines with security vulnerabilities and alerted the system administrators."

To notify Lab system administrators in advance of the "friendly" scanning, Rothfuss' group is putting together an email notification list, as the scans will have the markings of an attempted break-in of the computer system. To be added to this list, send an email to majordomo@listserv.lbl.gov and write "subscribe cp-scan-notify" in the body of the message.

In the near future, the Computer Protection Program will also start using a commercially developed application for scanning all the Lab's networks. This will be done on a division-by-division basis, starting with the Accelerator and Fusion Research Division. Depending on the size of the organization, the scan can take from several hours to several days. Each division's computer protection liaison will be notified in advance of the scans.