Main Navigation:

• Information Security Office »

• Security Awareness

• Training
• Are you being hacked?
• Top Ten Viruses
• How to protect your computer
• Request a security scan
• Login Banners
• Policies & Best Practices

• Identity Theft

• Unauthorized Access FAQ

• Sanitization

• Sanitization of Electronic Media

• Report...

• Abuse
• Security Incident

• Security Tools

• What is a security assessment?
• ITC Security Workshop

• Other

• How can we help you?
• Security-Related Links & Info
• Download Anti-Virus, SSH, VPN, & more
• Server Firewall Change Management
• SSL VPN Change Management
• 
  Search the ISO Site
• 
  University of Tennessee System Home

Security issues are defined as "the use of any part of the UT Information Systems Infrastructure in an unacceptable manner that requires review by the Information Security Office". Security issues apply to cases in which a person gains unauthorized access to the information systems infrastructure and uses infrastructure in a manner that does not adhere to the Acceptable Use of Information Technology Resources (Policy No.: IT0110).

Examples of security incidents include but are not limited to:

• Excessive Bandwidth use caused by the compromise of a system
• Commercial Use of UT resources
• Compromised Computers
• Copyright Infringement
• Digital Harassment
• IP Spoofing
• Intruder Activity
• Network Attack / Denial of Service condition
• Virus / Internet Worm Activity

To report a security incident, send the following information to security@tennessee.edu:

• Your full name
• Your NetID (If you are affiliated with The University of Tennessee)
• Your affiliation (Faculty, Staff, Student, etc...)
• A phone number or e-mail address we can use to contact you (If you require a response)
• The type of incident (Bandwith, Compromise, Copyright Infringement, etc...)
• The IP name of the attacking system, if appropriate.

In addition to the above information, it is extremely helpful to include:

• Full message headers
• System logs
• Date and/or time of incident

When reporting an incident, please remember the following:

• If you require additional contact from a university employee please indicate this in your message and make sure you leave valid contact information.
• If at all possible, please provide IP names. Most modern networks, including much of the UT network, use dynamic IP addressing. That means that the system that had the address 1.2.3.4 yesterday, may not be the same system that has it today. Indeed, IP addresses can change association on an hourly (or shorter) basis. If you are unable to determine the IP name of a system, please provide any other information you can find about the system or the offense. The date and time (be as exact as possible) or a MAC address are extremely helpful in this regard.
• Freedom of Information Act and Tennessee Open Records Act inquiries should be directed to the General Council's office.