Skip to the content

Kansas State University

  1. K-State home >
  2. Information Technology Services >
  3. Security >
  4. Policies and Procedures >
  5. SIRT Vulnerability Alerts Procedures

Vulnerability Alerts Procedure

posted April 30, 2004. updated Aug. 11, 2006

The purpose of this procedure is to use K-State's SIRT security contacts as a reliable communications channel for the campus at large. As a general guideline, initial decisions to take a certain course of action will come from SIRT, and be carried out through security contacts.

Vulnerability (virus/worm attacks) alerts will be created and communicated in the following order:

  1. The alert will be created by the K-State IT Security Officer and edited by SIRT members via SIRT-L. The cutoff time for sending changes will be 2 p.m. the same day. The final version of the message will be approved by the K-State IT Security Officer (or other designated SIRT member in the IT Security officer's absence).
  2. The final approved message will be sent to the SIRT security contact listserv, to be forwarded to their respective departments and/or offices before 5 p.m. the same day. In critical instances an e-note will be sent campuswide to all students, staff, and faculty.
  3. A standard alert graphic will be created by the K-State Webteam and posted on the appropriate webpages including the IT security website.

Standard format for university-wide vulnerability alerts

The purpose of the standardized e-mail is to keep the message as simple and easy to read as possible for all campus users. It is intended for users to become familiar with these advisories from SIRT security contacts and learn to take proper precautions with their computers when an outbreak does occur. Users can access more technical, detailed descriptions at the references cited at the end of the message.

To: All K-State students, faculty, and staff
Subject: Security Alert: Virus/worm attack
Date: _______________
From: IT Help Desk, helpdesk@k-state.edu

The purpose of this Security ALERT is to make the university community aware of a recent computer virus/worm that has the potential to destroy computer files, disable computer functions, or otherwise disrupt normal business operations at Kansas State University.

Virus/worm name:____________________

How it is spread:______________________

Example: (insert example)

Instances reported at K-State (if known): ____

What you should do: (keep instructions to 2-4 sentences)______________________________

If you have questions or need advice, contact your department's technical support staff. A complete list of SIRT security contacts can be found at www.k-state.edu/its/security/sirt/contacts.html.

If you need additional assistance, contact the IT Help Desk, 785-532-7722, helpdesk@k-state.edu.

Safe computing,
Security Incident Response Team

Web references:
http://www.k-state.edu/its/security/sirt/
http://antivirus.k-state.edu/
http://symantec.com/enterprise/security_response/threatexplorer