
IT Briefing Agenda 7/17/05


Page 1: IT Briefing Agenda 7/17/05

Information Technology at Emory

Information Technology Division, Technical Services

IT Briefing Agenda 7/17/05

• New scanning tools
• EOL/eVax & BTS
• Oracle Names to OID
• Manage IT self-service
• TS Update
• NetCom Q&A

• Jay Flanagan
• Marisa Benson
• Mark Parten
• Karen Jenkins
• Theresa Goriczynski
• Paul Petersen

Page 2: IT Briefing Agenda 7/17/05


Web Application Vulnerability Protection

Jay D. Flanagan

Page 3: IT Briefing Agenda 7/17/05


Page 4: IT Briefing Agenda 7/17/05


Web Application Vulnerability Scanner

• SpiDynamics WebInspect Tool
  – Implemented in Spring of 2005
  – Part of our audit process
  – Scan web applications before they go into production
  – Regularly scan currently implemented web applications for new vulnerabilities
  – Scans for specific web application vulnerabilities
    • cross-site scripting
    • buffer overflows
    • injection (SQL)
    • denial of service

Page 5: IT Briefing Agenda 7/17/05


Web Application Vulnerability Scanner

Page 6: IT Briefing Agenda 7/17/05


Web Application Vulnerability Scanner

Page 7: IT Briefing Agenda 7/17/05


Web Application Vulnerability Scanner

• Web Application Vulnerability Security Awareness Training
  – August 8, 2005
  – 8 am to 12 pm
  – Review web application vulnerabilities and how they can be protected against in the development of these applications

Page 8: IT Briefing Agenda 7/17/05


Web Application Firewall

• Web Application Firewall - NetContinuum
  – Monitors all web specific traffic on ports 80 and 443 that is not monitored by a regular firewall.
  – Acts as a proxy to check this traffic before passing it on to the web servers.
  – Blocks attacks including cross-site scripting, buffer overflows, injection (SQL) and denial of service.

Page 9: IT Briefing Agenda 7/17/05


Web Application Firewall

• Currently protecting the following ITD managed web applications.
  – Account Management System (ACM)
  – Black Board – Prod and Dev
  – Password Services
  – The App Prod and Dev Web Server
  – The Oak Dev Web Server

Page 10: IT Briefing Agenda 7/17/05


Self-Service Vulnerability Scanning

• Self-Service Vulnerability scanning available via Nessus
  – Contact Security Team for setup
    • Manage IT (C=University Applications; T=Security; I=Work Request) -or- [email protected]
• Following information needed
  – Name and organization you support
  – The IP address range on your network that you would like to scan
  – Phone number and e-mail address
  – Your network ID

Page 11: IT Briefing Agenda 7/17/05


Self-Service Vulnerability Scanning

• You will be set up on the Nessus Scanner with an account
• You will be able to scan your range of IP addresses for both desktops and servers
  – You will only have access to your IP range for scanning
• You will be able to scan as little or as often as you deem necessary
• You will receive a report on what vulnerabilities are active
• Security Team available for consultation on reports and to answer any questions or help with any issues

Page 12: IT Briefing Agenda 7/17/05


Contact Information

• Jay D. Flanagan – Security Team Lead
  – [email protected]
• Andy Efting – Security Analyst
  – [email protected]
• Alan White – Security Analyst
  – [email protected]

[email protected]

Page 13: IT Briefing Agenda 7/17/05


Questions?

Page 14: IT Briefing Agenda 7/17/05


EOL/eVax & Back to School

Marisa Benson

Page 15: IT Briefing Agenda 7/17/05


Oracle Names to OID

Mark Parten

Page 16: IT Briefing Agenda 7/17/05


Move to OID by July 31st!


Page 22: IT Briefing Agenda 7/17/05


… many to still convert

• Most recent list will be included in the meeting posting

• Use tool on TechTools to make the conversion

Page 23: IT Briefing Agenda 7/17/05


Questions?

Page 24: IT Briefing Agenda 7/17/05


Manage IT Self-service

Karen Jenkins

Page 25: IT Briefing Agenda 7/17/05


Manage IT Status

• Self-service Phase 1 scheduled for 7/29 @ 7:00pm

• Phase 2
  – Reports, Port Status Table, Flashboards, & two-way email scheduled for 8/19/2005
  – Any self-service enhancements that could not be developed for Phase 1 (PS Status, “on behalf of”)

• SLAs … investigating & planning stage

Page 26: IT Briefing Agenda 7/17/05


DEMO

Page 27: IT Briefing Agenda 7/17/05


Questions?

Page 28: IT Briefing Agenda 7/17/05


TS Update

Theresa Goriczynski

Page 29: IT Briefing Agenda 7/17/05


NetCom Q&A

Questions?