The University of Tennessee

Port Map & Scanning Policy

Unauthorized system scans pose a threat to the availability, integrity, and confidentiality of University information resources. Unauthorized scans can be a prelude to the disclosure of sensitive data, loss of service, and loss of reputation in the global community. When used properly and with the appropriate authority, scanning is recognized as an excellent tool for protecting the University’s information resources. This policy covers the guidelines for scanning the University’s information systems infrastructure.

Definitions


ISO: The Information Security Office is responsible for coordinating computer security efforts within the University.

Network Port: A numeric identifier used to distinguish between different network services (e.g., HTTP, Telnet, FTP) on the same computing system. Although port numbers range from 0 to 65535, many well-known services have reserved port numbers between 0 and 1024 (e.g., HTTP uses port 80, Telnet uses port 23, and FTP uses ports 20 and 21). To establish a session with a host, a network request must be sent to the appropriate port number on the host (e.g., to establish an HTTP session with a web server, your workstation software will send a request to port 80 of the web server).

Port Mapping: The process of sending data packets to selected service port numbers (HTTP-80, Telnet-23, etc.) of a computing system with the purpose of identifying available network services on that system. This non-invasive process is helpful for troubleshooting system problems or tightening system security. Network port scanning is an information-gathering process, and when performed by unknown individuals it is considered a prelude to attack.

Scanning: The process of gathering information on computing systems, which may be used for system maintenance, security assessment and investigation, and for attack. This process includes port mapping and vulnerability scanning. If used properly, scanning of this type is an excellent tool for protecting University information resources. Unauthorized scans can be a prelude to the disclosure of sensitive data, loss of service, and damage to the University’s reputation in the global community.


Security Advisory Committee (SAC): Created by the Office of Information Technology (OIT) to examine security issues that affect the University of Tennessee and develop responses that meet the University’s operational needs and business objectives.

University: The University of Tennessee Knoxville Campus and all property owned, operated, and provided service by UTK resources.

Vulnerability Scanning: The process of identifying known vulnerabilities of computing systems on the network. This process goes a step beyond identifying the available network services of a system as performed by a network port scan. The vulnerability scan identifies specific weaknesses in the operating system or application software, which can be used to compromise or crash the system. The vulnerability scan is also an information-gathering process, and when performed by unknown individuals it is considered a prelude to attack.


Policy

It is the policy of the University of Tennessee that no computer system connected to the University’s network shall be used to perform port mapping or vulnerability scanning of the University of Tennessee, Knoxville information systems infrastructure, in its entirety, without prior written consent of the Security Advisory Committee. Port mapping or vulnerability scanning on any computer system (including internal and external systems) shall only be performed under the following conditions:

1. The owner or system administrator of a system(s) may perform a port map or vulnerability scan on that system(s).

2. A University employee may conduct a port map or vulnerability scan on a system on behalf of another after mutual agreement between the owner and/or system administrator of that system. The scanning process requires prior approval by the owner or administrator of the system.

3. Approved LAN and Desktop Support and Network Services staff may conduct a port map in an effort to resolve a service problem, as a part of normal system operations and maintenance, or to enhance the security of University-owned systems.

4. The University Information Technology Security Group performs a port map or scan to monitor compliance with University policy, to perform security assessments, or to investigate security incidents.

5. Approved University support staff shall perform an unauthorized vulnerability scan on a system in cases where directed by local, state, or federal authorities.