The University Computing Service performs internal tests for vulnerabilities on machines connected to the University Data Network. The results of this probing are made available to the IT team and the end users of machines [1]. Machines which are identified as having serious vulnerabilities [2] will be disconnected from the network to prevent any damage to the vulnerable machine or, if that machine were to be compromised, any machines trusting the vulnerable machine. Disconnection may be deemed unnecessary by the IT team if work is already under way to correct the identified vulnerabilities and is expected to be completed swiftly.
[1] Clearly the computer office database needs to be kept up to date so that the correct people get informed. Tell help@maths.cam.ac.uk of any changes.
[2] Serious vulnerabilities include an attacker being able to run processes on the machine without using a password or an attacker being able to obtain a password across the network.
