|
|
Issue
33 - September 2002
|
Blocking
of Illegal IP Addresses and Network Cards Continues
By
Raymond Poon
|
|
|
In the past few
months, thanks to departments' cooperation, the Computing
Services Centre (CSC) has successfully completed the registration
of IP addresses and network cards used on the campus network.
This information can help the CSC rectify problems and notify
the victim users more quickly. In order to minimise the security
threats arising from illegal network connections using unregistered
IP addresses or network cards and to better protect the cyber-community
of the University, effective from 1 September 2002,
all such IP addresses or network cards, once found, will be
immediately filtered (blocked) from the network without prior
notification.
To assist staff
in maintaining the accuracy of their IP addresses/network cards
and the related information, the following will be provided:
- In order to avoid interruption to
staff's work due to blocking arising from "unregistered"
status, staff are advised to check, and if necessary to update,
the registration record of the network connection for their computers
by clicking 'My Network Connection' in the Intranet and
following the instructions displayed there.
In case of discrepancy,
the staff concerned may have to ask their Departmental Network
Administrator (DNA) to make the amendments for them as some
privileged data of their network connection registration
records in our database are protected and can be updated
only by the DNA through the Network Address Management
System (NAMS). In fact, the NAMS, available under the
"Utility and Tools" menu of the Intranet,
performs all functions for the 'My Network Connection'.
The DNA has the privilege to invoke NAMS to update both
the protected and un-protected data of any network connection
registered under the department while other staff can only
update unprotected data of those network connections registered
under their names.
- All blocked network cards and/or
IP addresses, and the reasons for being blocked can also be found
at the above-mentioned URL. They will be released only when proper
remedial actions have been taken and the CSC is so informed in
writing. For those users who can no longer access the list of
blocked IP/network card addresses from their PCs due to either
their offending IP addresses/network cards already being blocked
or other network problems, they can access the list through other
networked PCs.
-
A one-time
allocation of 3 or 5 floating IP addresses, depending on
the size of the department, can be allocated for ad-hoc
uses to computers that need to connect to different network
points, etc. Staff can request these floating IP addresses
through the "On-line CSC Work Request Submission System".
-
Registered IP
addresses, if have not appeared on the network for 3 months,
will be returned to the unused IP address pool and removed
from NAMS database.
-
Registered network
card addresses, if have not appeared on the network for
3 months, will be declared obsolete and removed from NAMS
database.
Moreover, you can help the CSC
strengthen the security of campus network by:
-
Using 'NAMS'
to register all the network cards and IP addresses being
used by your department, and the types of network services
being offered, if any
-
Using 'NAMS'
to remove as soon as possible any unused IP addresses
-
Using 'NAMS'
to remove as soon as possible any obsolete or unused network
cards
-
Using 'NAMS'
to keep information related to registered IP addresses and/or
network cards up-to-date
-
Not applying
for more IP addresses than necessary
-
Informing the
CSC in writing of the transfer of ownership of computers/network
devices and their new locations
-
Informing the
CSC of unused network points
Should there be any query, please
contact the CSC Help Desk at 27887658 or your CSC Representative.
|
|
|
|
|
|
|