Two applications leap to mind: nmap (port scanner) and Nessus (vulnerability scanner). Nessus has vulnerability tests for just about everything out there. Read more at nessus.org. The only thing is that the scanning engine itself runs in a Unix/Linux environment. But at a university, that should be no problem. For a really good list of security tools, visit www.insecure.org (Home of nmap). Personally, I'm a tool junkie, and so, have lots more than that - but those two will go a long way. As long as you're auditing, I'd also suggest looking into monitoring your firewall logs and analyzing them on a regular (automated) basis. I wrote some PERL code about 10 years ago which is based on output from a cisco Pix firewall, but it can be easily adapted to almost any text-based format (and some binary formats as well). http://www.networkeval.com/downloads/parselog.zip Also - having worked doing network security at a university, I wish you luck in dealing with the politics of the situation. Bob

Two applications leap to mind: nmap (port scanner) and Nessus (vulnerability scanner). Nessus has vulnerability tests for just about everything out there. Read more at nessus.org. The only thing is that the scanning engine itself runs in a Unix/Linux environment. But at a university, that should be no problem. For a really good list of security tools, visit www.insecure.org (Home of nmap). Personally, I'm a tool junkie, and so, have lots more than that - but those two will go a long way. As long as you're auditing, I'd also suggest looking into monitoring your firewall logs and analyzing them on a regular (automated) basis. I wrote some PERL code about 10 years ago which is based on output from a cisco Pix firewall, but it can be easily adapted to almost any text-based format (and some binary formats as well). http://www.networkeval.com/downloads/parselog.zip Also - having worked doing network security at a university, I wish you luck in dealing with the politics of the situation. Bob