Blocking
of Illegal IP Addresses and Network Cards Continues
By
Raymond Poon
|
In
the past few months, thanks to departments'
cooperation, the Computing Services Centre
(CSC) has successfully completed the registration
of IP addresses and network cards used
on the campus network. This information
can help the CSC rectify problems and
notify the victim users more quickly.
In order to minimise the security threats
arising from illegal network connections
using unregistered IP addresses or network
cards and to better protect the cyber-community
of the University, effective from 1
September 2002, all such IP addresses
or network cards, once found, will be
immediately filtered (blocked) from the
network without prior notification.
To
assist staff in maintaining the accuracy
of their IP addresses/network cards and
the related information, the following will
be provided:
- In order to
avoid interruption to staff's work due to
blocking arising from "unregistered"
status, staff are advised to check, and if
necessary to update, the registration record
of the network connection for their computers
by clicking 'My Network Connection'
in the Intranet and following the instructions
displayed there.
In
case of discrepancy, the staff concerned
may have to ask their Departmental Network
Administrator (DNA) to make the amendments
for them as some privileged data of
their network connection registration
records in our database are protected
and can be updated only by the DNA through
the Network Address Management System
(NAMS). In fact, the NAMS, available
under the "Utility and Tools"
menu of the Intranet, performs all functions
for the 'My Network Connection'. The
DNA has the privilege to invoke NAMS
to update both the protected and un-protected
data of any network connection registered
under the department while other staff
can only update unprotected data of
those network connections registered
under their names.
- All blocked
network cards and/or IP addresses, and the
reasons for being blocked can also be found
at the above-mentioned URL. They will be released
only when proper remedial actions have been
taken and the CSC is so informed in writing.
For those users who can no longer access the
list of blocked IP/network card addresses
from their PCs due to either their offending
IP addresses/network cards already being blocked
or other network problems, they can access
the list through other networked PCs.
-
A one-time allocation of 3 or 5 floating
IP addresses, depending on the size
of the department, can be allocated
for ad-hoc uses to computers that need
to connect to different network points,
etc. Staff can request these floating
IP addresses through the "On-line
CSC Work Request Submission System".
-
Registered
IP addresses, if have not appeared on
the network for 3 months, will be returned
to the unused IP address pool and removed
from NAMS database.
-
Registered
network card addresses, if have not
appeared on the network for 3 months,
will be declared obsolete and removed
from NAMS database.
Moreover,
you can help the CSC strengthen the security
of campus network by:
-
Using
'NAMS' to register all the network cards
and IP addresses being used by your
department, and the types of network
services being offered, if any
-
Using 'NAMS' to remove as soon as possible
any unused IP addresses
-
Using 'NAMS' to remove as soon as possible
any obsolete or unused network cards
-
Using 'NAMS' to keep information related
to registered IP addresses and/or network
cards up-to-date
-
Not applying for more IP addresses than
necessary
-
Informing the CSC in writing of the
transfer of ownership of computers/network
devices and their new locations
-
Informing the CSC of unused network
points
Should there be
any query, please contact the CSC Help Desk
at 27887658 or your CSC Representative.
|