The IT Information Security Group conducts automatic security vulnerability scans against all systems and devices connected to the Emory network. These scans look very much like actual attacks against the targetted systems, but are not dangerous and you can safely ignore them.
Look at the IP address and associated DNS name of the system that seems to be attacking you. If the IP starts with 10. and the DNS name is OITSecurityScanner-see-it-DOT-emory-DOT-edu-SLASH-scan.emory.edu then it's a legitimate Emory scan and you can ignore it. There are also a few legacy scanning systems whose IPs begin with 170.140. and whose DNS names start with EmoryUTS and end with Scanner.cc.emory.edu.
If you are concerned that your computer is being attacked systems that don't match the criteria above, please email firstname.lastname@example.org or call 404-727-6666.
Some fragile network devices may crash when they are scanned. We encourage you to contact the device's vendor to see if any patches or updates are available that might fix the problem. Any device attached to the Emory network needs to be robust enough to withstand scanning.
For critical devices, though, we can temporarily stop scanning them while you work with the vendor. To request that we stop scanning one or more devices, please send a list of all the devices' IP addresses to email@example.com.
Yes, for systems you're responsible for. Email us at firstname.lastname@example.org. Be sure to include your contact information, your NetID, the name of the organization you represent, and a list of IP addresses you're interested in.
We are working on a web-based system that will automatically allow access to scan results in real time.
Our scanning system does not perform scans of any system at any particular time. You may see scans at any time of day, and time between scans can vary from one day to a week or more. It is not possible to limit scanning of specific systems to a given window of time.
We can manually scan your system in addition to the usual automatic scanning. Such manual scanning is not usually necessary, though, because the automatic scans are so frequent. If you would like to request a manual scan at a particular time, please contact us at email@example.com. Be sure to include your contact information, your NetID, the name of the organization you represent, and a list of IP addresses to be scanned.
Please send your question to us at firstname.lastname@example.org or call 404-727-6666.