Registering "Serving devices" Procedure Coming Soon...
Policy | Standard | Procedure | Informative
Last Updated: 9/17/03
University Computing and Communications Services
Network security article published in the January 2003 "Focus-IT" campus newsletter

Article
Help

 

Registering "Serving Devices" Procedure Coming Soon:

The Internet Services Registration Policy at http://www.gsu.edu/%7Ewwwist/internetservices.htm specifies that everyone who operates a device that is used to “serve” information to on or off-campus users must register that device with UCCS. A procedure that details how to comply with this policy will be available soon, but in the meantime, here are a few facts that you need to know:

  1. A “serving” device can be either a workstation or a server. For example, if you install a web, mail or FTP server application on your workstation, you now are operating a “serving device” that will need to be registered. The deciding factor is that the web, mail or FTP application you have installed allows other users to access your system remotely to view or obtain files, web page content, or email messages.
  2. If you only share folders or files on your hard drive with other users, you are not obligated to report this to UCCS. However, you are strongly encouraged to ensure that you have not opened up a vulnerability that an unauthorized user could then exploit to gain access to your University system. You should password-protect these shared directories or files and restrict viewing to specific users.
  3. If you install a file sharing program on your system such as Gnutella or Kazaaa and you don’t configure it to disallow anonymous users to get files from your hard drive, you are operating a serving device that will need to be registered. Due to the fact that storing and distributing copyright materials is a violation of the Digital Millenium Act, you will want to disable this function in most cases and remove any copyrighted songs, movies, or unlicensed software from your University computer.
  4. In addition to the above items, if you store, process, or access sensitive information such as SSN’s, student financial data, personal data, medical records or information, etc. on a serving device, you are required to ensure that this data is properly protected from unauthorized access and usage. You will need to install antivirus software, a host-based firewall, TCP wrappers, an intrusion detection or integrity checker software, or other types of security measures that restrict access to those who are authorized only. Once your serving device is connected to the internet, thousands upon thousands of anonymous individuals will be trying to access it daily.

Help:

If you have questions, or need assistance, please contact the Help Center at help@gsu.edu or (404) 413-HELP (4357).

Back to Articles Index