Department-wide Policies And Advisories

• EECS Computing Systems Security Policy (updated 10/17/2005)
• EECS Network Guidelines and Policies (revised 10/25/06)
• Microsoft Windows Metafile (WMF) vulnerability advisory (12/4/06)
• Sasser Worm (5/5/2004)
• Securing Windows Systems (12/27/2007) before connecting them to the network
• EECS Windows 2000 Network Policy (8/14/2000)
• Computer Account Policy
• Additional IDSG Policies about Computer Accounts and Services
• Computer Account Password Guidelines
• DHCP And Fixed IP Addresses
• UNIX And NT Workstations/Servers General Guidelines
• LINUX Desktop Security Guidelines
• NTSWW Licensed Software Guidelines
• EECS SMTP relaying policy

Computer Security Advisories

• CERT Advisories
• Microsoft Patches
• Sun public patches
• Digitial UNIX Patches
• Linux Redhat Patches

Alerts and Announcements

• Campus Securing X Window System Knowledge Base article (1/26/2007)
• Campus/SNS Microsoft PowerPoint Exploit alert (7/26/06)
• Campus/SNS Critical vulnerability in Internet Explorer - exploited machines detected on campus
• Campus/SNS Google Desktop 3 warning (2/24/06)
• Windows Buffer Overrun In RPC Interface allows remote compromise (7/28/2003)
• IIS web server folder directory traversal vulnerabilty (5/29/2001)
• Solaris snmpXdmid Buffer Overflow Vulnerability (3/21/2001)
• Red Hat Linux rpc.statd vulnerabilty (8/11/2000)
• Virus scanning of departmental e-mail (7/25/2000)
• EECS Security Incidents Report 2001 Fiscal Year (7/01 to 6/02) (4/22/03)(internal access only)
• EECS Computing Security Incidents Report 1999-2000 (7/21/2000) (internal access only)
• HP-UX 10.20 Software Distributor vulnerability (7/10/2000)
• Microsoft "scriplet.typelib" vulnerability (5/10/00)
• Loveletter Virus/Worm Security Alert (5/5/00)
• (updated 5/10/00 with a link to a Eudora advisory)
• Linux Systems Security Alert
• Solaris Systems Attack in Soda (07/06/99)

Documentation

• Campus Information Technology Security Policy
• Secure File Transfers
• Kerberos Help
• Microsoft advice for compromised systems
• Campus user-installed network equipment Policy
• Campus Distribution of SANS Consensus Guides which require CalNet authentication
• Campus Guidelines and Procedures for Blocking Network Access
• Campus Departmental Security Contact Policy
• Campus Domain Name Systems (DNS) Service Policy
• Improving Network and Computer Security at the University of California, Berkeley as reported by the ITATF Security Working Group May 22, 1998
• CalNet the campus unified directory service and authentication infrastructure.
• campus IT Security-related policies and guidelines