Return to: U of M Home
Securing a computer is an on-going process. To help assess the security weaknesses of a computer, there are scanning tools that try to identify security risks. These tools are either network-based or host-based (run on your computer).
The scanning tools generally scan your computer for known security weaknesses that the scanner can test for or for open ports (services). The tools generate a report identifying the vulnerability and potential risk. Some scan tools also provide suggestions on how to fix the vulnerability or mitigate the risk.
Security scanning using a network-based tool is only allowed for systems for which you are specifically authorized (i.e., your own or your department's if that is your responsibility). OIT Security is the only department authorized to scan throughout the University of Minnesota network.
By themselves, vulnerability scanners are not a guarantee or sufficient to protect a computer. Vulnerability scanners are tools to be used in conjunction with industry best practices for securing computers, such as applying security patches and running current version of software, configuring the software to use only the services that you need, maintaining accounts and using strong passwords, installing and running antivirus software and maintaining backup and physical security of the computer. For more information on securing your computer, see OIT Security web site at http://www.umn.edu /oit/security
Firewalls and filters provide another layer of defense. However, network-based scanning of computers protected by firewalls or filters may produce unreliable results. It is recommended that periodically some allowance be made to allow the scanner access to assess vulnerabilities on computers behind a firewall or filters. Contact OIT Security at oit.security@umn.edu for more information.