Real-Time Scanning/Reporting System
Students:
Eric Bonsu, Graduate, Information Technology and Management
Larry Reynolds, Graduate, Information Technology and Management
Elsa Yee, Graduate, Information Technology and Management
Faculty:
Bill Lidinsky, Alva C. Todd Professor and Assistant Director of Information Technology and Management
Project:
"Apply existing technology to solve a real-life problem" for the System and Network Security class. The students' goal was "to determine the vulnerabilities of the Rice Campus host computers and other intranet elements by extensively probing these elements, analyzing results, creating a database of vulnerabilities for each element, and then to take corrective action to reduce or eliminate the vulnerabilities".
Outcome:
Students were able to select and run real-time vulnerability and port scanning to collect information about the Rice Campus network. By using Nessus and Microsoft BaseLine Security Analyzer (MSBLA), they analyzed potential flaws in hardware and software that would predispose the network to exploitation. From their findings, students were able to assess the vulnerabilities, analyze the results and create a database of vulnerabilities for each element.
With the vulnerabilities identified, students took corrective steps to update and patch the vulnerabilities while reducing the possibility of current and future attacks. The Real-Time Scanning and Reporting System identifies vulnerable computers and malicious code by continually probing networked computers for such vulnerabilities, thereby enhancing network security on an ongoing basis.
This project was presented to the Institute of Electrical and Electronics Engineers (IEEE) on Wednesday, May 28, 2003 as part of an IEEE student colloquium.