IT Times LogoIT 
   Times Logo
IT Times Logo

in this issue...
UC Davis Updates Modem Pools

New Vice Provost Looks to the Future

Backup Internet Link Installed

Digital Millenium Copyright Act

New UCD Email Policy

New Software Retailer Debuts this Fall

Instructors Apply New Technology Skills

Computer Security Incidents

Bessie Turns 4: Bovine Online Upgrade

PSL Becomes 3820 Chiles Road

Olson's Blue Period

IT Managers Move

New IT Publication for Students

Volume 7, Number 8
feedback archives search the IT Times IT Times home

Computer Security Incidents
Project Team Starts Gathering Statistics


The chart below provides a snapshot of the computer and network security incidents that were reported on campus in the months of July and August.

"Many incidents go unreported, so the numbers are not truly accurate," says Doreen Meyer, programmer with IT-DCAS and Incident Response and Reporting Project Manager. "They are meant to reinforce in all of us the sense that security incidents do occur on our campus," says Meyer. Some incidents generated more mail than others. "The winner was a mail relay incident that generated 55 complaints."

The Incident Response and Reporting group has started to gather security statistics on a regular basis. We will publish them in the IT Times as they become available. For more information on the Incident Response and Reporting Project, see the Security Web site at


Campus Network and Computer Security Incidents
July-August 1999

Pie chart of different types of computer and network security incidents. 33 percent are spam and email relay related, 8 percent are Acceptable Use Policy violations, 8 percent are host break-ins, and 2 percent are account break-ins

Source: Incident Response and Reporting Project


Spam: unsolicited bulk email and open mail relays. For more information on this topic, see

AUP: violations of the UC Davis Computer and Network Acceptable Use Policy, accessible on the Web at Include inappropriate postings, warez (the upload/download of illegal software, particularly games, from ftp sites), and commercial activity.

Account break-ins: hijacked accounts on the main campus (ISUN) systems.

Host break-ins: compromised systems, primarily via the /tmp/bob exploit. (see the security alerts posted at

Note: In addition to the security incidents depicted in the figure, an average of 2.5 port scans were reported daily. Port scans are scans of the entire UCD network, generally looking for exploitable system weaknesses.