About OIT About the OIT
Directories Directories
Connect to Network Connect to Network
Network Services Network Services
Security IT Security
Voice Services Voice Services
Cable TV Cable Television
Computing Computing
Information Resources Information Resources
Committees IT Committees
Jobs IT Jobs at UCSB
 
spacer spacer
spacer Office of Information Technology  
spacer
spacer
           
spacer
spacer
spacer view site index contact OIT staff
spacer
spacer
  OIT Home > Security > Report Hostile Activity
spacer spacer
 

Report Scanning, Hacking, and Other Hostile Activity

  We take matters of scanning, hacking, and other hostile activity very seriously, and we make every effort to investigate all reports of abusive activity in a timely manner.

When reporting unauthorized connection attempts, please follow these guidelines:

  • Please take a careful look at your data to make sure that the offending host's IP address belongs to the ucsb.edu domain (i.e., the IP address looks like 128.111.nnn.nnn or 169.231.nnn.nnn).
  • Send one event per email. For multiple events, send multiple emails. This will help ensure that each issue is addressed in the most efficient manner.
  • Include all logs relevant to the event.
  • Paste the relevant portion of the log in plain-text format into an email.
  • Be sure your logs contain the following information:
    1. Date of incident
    2. Time of incident
    3. Time zone in which the logs are captured
    4. Source IP address or host name
    5. Destination IP address or host name
    6. Destination port
    7. A brief general description of the event
  • Do not send repeated messages regarding the same event.
  • Do not send multiple complaints in a single message.
  • Do not send an entire log file. Include only portions of the log that pertain to the IP and event in question.
  • Do not send attachments. We will not accept them.
  • Do not send formatted text (Word, Excel, etc.).
  • Do not include trace routes, whois lookups, or ping results, as these do not contribute to the investigation and can lead to the message's becoming unreadable.
Note: If you are using a personal firewall such as ZoneAlarm (tm), and your computer's IP address is dynamically assigned through DHCP, then please do not send reports about a computer in our domain attempting to connect to your host through a peer-to-peer file sharing service. Examples of peer-to-peer file sharing services are Kazaa, which will attempt to connect to port 1214, and GNUtella, which will attempt to connect to port 6346.

Send your report to security@ucsb.edu

ETA

  spacer
spacer University of California Santa Barbara Home Page
  Copyright 2003-2014 The Regents of the University of California, All Rights Reserved
Web contactTerms of UseAccessibility
Last modified: 10/19/2007
  spacer