January 2007 Summary & Trends
Overall the number of events reported to the STEAM-CIRT increased by 59% from last month, while the total number of actual IT Incidents more than doubled, outpacing STEAM-CIRT expectations. The increase is due to the return of students and faculty to campus after the semester break as well as new IRC Bot detection capabilities provided by the now active campus intrusion detection system.
At the beginning of the month, a new campus intrusion detection system was installed to monitor traffic between the Purdue West Lafayette campus and the Internet. At this time, the IDS is a passive monitor that does not intercept or modify traffic in any way. The STEAM-CIRT handlers analyze alerts generated by the IDS and notify appropriate Purdue Security Contacts if an IT Incident is expected.
The STEAM-CIRT expects the number of IT Incidents to remain relatively steady in February.
Posted by Addam Schroll on February 22, 2007, in Handlers Log.