Server Registration Guidelines:
Servers are integral to many computer systems and networks. By their nature, they provide special challenges to ensure the confidentiality, integrity, and availability of computer and network resources.
A server is defined as any device that provides computing service to multiple computers or individuals. See NDUS Procedure 1901.2, Section 1.
All servers on the NDSU networks or operated by NDSU entities must be registered with the Vice President for Information Technology (VPIT).
All servers are subject to established NDUS and NDSU policies, procedures,and standards.
- NDUS Policy and Procedure 1901.2
- NDSU Policy 710, Computer and Electronic Facilities
- NDSU Policy 158, Acceptable Use for Electronic Communication Devices
To register a server, it (the server) must be compliant with NDSU Server Standards. A "Request to Register a Server" form must be completed and submitted to the Chief IT Security Officer. The registration process needs to be completed before a static IP number can be assigned to the server.
Click the links below for more information.
- NDSU Server Standards and Procedures (printable PDF)
- NDSU Server Standards and Procedures
- NDSU Server Check List and Registration Form (printable PDF)
- NDSU Server Check List and Registration Process
An E-Mail will be sent to the Network Engineering and Operations team, after that the security team will be in contact with you to request a time to do an initial server audit, once that has been completed an email will be sent to you stating the IP address that has been assigned to your device. In most instances this will be done through our DHCP service and you will not need to statically assign your IP address.
April 15, 2014
The Internet was stunned to learn of a significant vulnerabilty to security this last weekend. OpenSSL, an application that is used by software and services throughout the Internet for authorization of legitimate websites was found to have a core flaw. Essentially anyone from anywhere could send a specially crafted packet to a service or site using OpenSSL, asking if the server is still accepting communications and the server would return up to 64 Kilobytes of what was in its memory at the time of request. This return could be username and passwords, or documents, or even security certificates. The OpenSSL foundation responded and fixed the core code of OpenSSL, but there are still hundreds of thousands devices, or services that still are running the old version of the software. Please check for updates on your devices, and change any passwords for sites you maybe concerned about. However, only change those passwords after a site has patched their services, and revoked their old security certificate and created a new one.
December 5, 2013
Over 2 Million passwords to popular webpages discovered.
In Mid June, Trustwave Spiderlabs researchers were able to view information in the Pony Botnet controller that indicated that there were over 650,000 website credentials that had been harvested by this particular botnet, which, is fairly widespread. On Tuesday they announced that upon a more detailed look that over 2 million passwords have been harvested by this botnet. Many of these services have now been notified and they are taking corrective action on those accounts that have been compromised.