UD Computer Security

Computer Security Incident FAQs

 

 
  Computer Security Incident FAQ Main Page

Security Breach Procedures

Protecting Personal Non-Public Information

Responsible Computing
A Manual for:

   Staff
   Students

Student Guide to University Policies

Computer Security Home

What are the indications of a compromised system
or a system under attack?

 

Slow or no response, unable to connect to network services, unpredictable behavior
If you experience these symptoms, check if other people in your local area are having similar problems. If not, the problem could be that your computer has been infected by a malicious program. If your system is compromised and is detected attacking other computers, it will be removed from the UD network.

Unexplained hard drive activity
This may or may not be an indication of an attack. Many anti-virus and anti-spyware programs generate lots of disk activity during system scans. Check to see if one of your programs is running a scan, which could slow system response times.

Log entries in your firewall or system log
Failed logins, entries by users you don't recognize, network connections to addresses you didn't initiate.

You receive an-email from UD IT Security
If you can't get to your e-mail from your system, check it from a different computer to see if there are any notices that your system was cut-off from the UD network for exhibiting rogue behavior - e.g., trying to hack into other systems, sending SPAM, etc.


Return to Computer Security Incident FAQs

Questions / comments?
Copyright © 2006, University of Delaware