Those
computers on the campus network with invalid network connection
registration information on MAC/IP addresses, users' names,
user locations, etc or with no registration at all are like
illegal residents in the University cyber-community. Some
are using unauthorized or other users' IP addresses to conduct
their network activities while others become anonymous network
users as no one officially knows their true identities or
whereabouts, hence they may potentially pose serious security
threats to our cyber-community especially during a crisis
situation. Take the Windows client PCs as an example, when
they become targets during an outbreak of viruses or at the
imminent attacks by the hackers, the Computing Services Centre
(CSC) could not reach them to issue timely alert or lend them
a helping hand. When they become victims, the CSC would not
be able to locate them quickly enough to stop them from further
spreading the virus or from being exploited by hackers to
launch other attacks.
As
a matter of fact, during the investigations of the recent
outbreak of virus and hacking activities, the CSC discovered
that the information recorded in its network database (which
contains such information as: IP addresses, MAC addresses,
and the locations and names of their owners, etc) for some
reasons have quite a number of discrepancies. This not only
leads to delay in rectifying problems and notifying the victim
users but also causes unnecessary inconvenience or disturbance
to those who were thought to be involved but in fact have
nothing to do with those incidents.
Moreover,
as almost all networking management tools such as firewalls,
intrusion detection tools, etc, can recognize only IP addresses
or MAC addresses (instead of users' names or computer node
names), therefore the accuracy of these addresses are also
vital for deploying these tools in order
to provide users' machines the necessary protection and timely
alerts or warnings.
As such, every computer connected
to the CTNET must be properly registered using an authorized
Network Address and a registered network card. If not, these
computers will be considered as illegal and be blocked from
accessing the campus network as soon as they are discovered.
As some computers may be incorrectly
classified as illegal due to discrepancies in our database,
in order to avoid interruption to your work due to blocking
arising from the "unregistered" status, you are
advised to check and if necessary, to update the registration
information of the network connection for your computer. To
do the checking you can simply click on the "My Network
Connection" icon under the Intranet menu and then follow
the instructions displayed there.
In case of discrepancies, you
may have to ask your Departmental Network Administrator (DNA)
to do the amendments for you as some privileged data of your
registration record in our database are protected and can
only be updated by your DNA. Various scenarios of the checking
and amending procedures have been published on the Web. For
a detailed operation and procedure guide, please click here.
As
users are fully accountable for the activities they conduct
on the network from their PCs, and the MAC addresses and IP
addresses assumed by these PCs are serving as the identity
of their respective users, in order to prevent unauthorized
uses of these addresses, users are therefore reminded of the
following: