Cleaning up of Illegal IP Addresses and Validating Network Connection Information

by Raymond Poon

Those computers on the campus network with invalid network connection registration information on MAC/IP addresses, users' names, user locations, etc or with no registration at all are like illegal residents in the University cyber-community. Some are using unauthorized or other users' IP addresses to conduct their network activities while others become anonymous network users as no one officially knows their true identities or whereabouts, hence they may potentially pose serious security threats to our cyber-community especially during a crisis situation. Take the Windows client PCs as an example, when they become targets during an outbreak of viruses or at the imminent attacks by the hackers, the Computing Services Centre (CSC) could not reach them to issue timely alert or lend them a helping hand. When they become victims, the CSC would not be able to locate them quickly enough to stop them from further spreading the virus or from being exploited by hackers to launch other attacks.

As a matter of fact, during the investigations of the recent outbreak of virus and hacking activities, the CSC discovered that the information recorded in its network database (which contains such information as: IP addresses, MAC addresses, and the locations and names of their owners, etc) for some reasons have quite a number of discrepancies. This not only leads to delay in rectifying problems and notifying the victim users but also causes unnecessary inconvenience or disturbance to those who were thought to be involved but in fact have nothing to do with those incidents.

Moreover, as almost all networking management tools such as firewalls, intrusion detection tools, etc, can recognize only IP addresses or MAC addresses (instead of users' names or computer node names), therefore the accuracy of these addresses are also vital for deploying these tools in order to provide users' machines the necessary protection and timely alerts or warnings.

As such, every computer connected to the CTNET must be properly registered using an authorized Network Address and a registered network card. If not, these computers will be considered as illegal and be blocked from accessing the campus network as soon as they are discovered.

As some computers may be incorrectly classified as illegal due to discrepancies in our database, in order to avoid interruption to your work due to blocking arising from the "unregistered" status, you are advised to check and if necessary, to update the registration information of the network connection for your computer. To do the checking you can simply click on the "My Network Connection" icon under the Intranet menu and then follow the instructions displayed there.

In case of discrepancies, you may have to ask your Departmental Network Administrator (DNA) to do the amendments for you as some privileged data of your registration record in our database are protected and can only be updated by your DNA. Various scenarios of the checking and amending procedures have been published on the Web. For a detailed operation and procedure guide, please click here.

As users are fully accountable for the activities they conduct on the network from their PCs, and the MAC addresses and IP addresses assumed by these PCs are serving as the identity of their respective users, in order to prevent unauthorized uses of these addresses, users are therefore reminded of the following:

  • If possible, avoid lending your network card, IP address, or PC for use by others.
  • Timely inform the CSC, through your DNA, of the following situations:
    • When any registered network card is retired or disposed
    • When any registered IP address is no longer in use
    • When any registered network card or IP address is relocated to another machine or will be used by another user
    • When a PC is relocated to a different room or a different network point
  • Requests for reserving IP addresses for non-existed or yet-to-be-delivered computers normally will not be entertained.
  • Unless with prior approval of the CSC, requests for IP addresses for use on workstations or network equipment not owned by the University normally will not be entertained.
  • Any user who uses unauthorized IP address or forges other user's IP address is a serious offense and may be subject to disciplinary action.

Should you have any query, please contact C.Y. Kwok (x8230) or Raymond Poon (26282668).