STEAM-CIRT Summary, Trends for May 2006
Better late than never!
May 2006 Summary & Trends
The month of May could be considered fairly average compared to previous months, despite the disclosure of a critical vulnerability in the popular VNC client, RealVNC. In fact, only one reported IT Incident was associated with the vulnerability disclosure, despite the increased levels of VNC (tcp/5900) scanning. This indicates that either RealVNC use itself may not be widespread on campus, most RealVNC users patched upon receiving notification of the vulnerability, or most installations of RealVNC had controls (such as a firewall) in place to prevent unknown IP addresses from connecting to the RealVNC server.Finally, in the previous month's report it was mentioned that the STEAM-CIRT expected a significant decrease in IT Incidents due the end of the Spring 2006 academic semester. Data collected for May reflects this in the number of classified IT Incidents, which is just over half (80) the number of classified IT Incidents for the month of April (150). Please note that the number of classified IT Incidents differs in meaning from the number of Investigable IT Incidents. It is expected that this number will be slightly smaller in June, level off in July, and will rise again in August due to the start of the Fall 2006 academic semester.
Posted by Matthew Wirges on June 28, 2006, in Handlers Log.