What to expect:

• Submitting this form is a request for a security analysis of the host(s) given above. This security analysis involves an intensive, network-based scan of these host(s), and a write-up of vulnerabilities and other facts discovered about them.
• Your computer(s) will be scanned within a few days, and you will receive the analysis report within a week. If this is an urgent request -- for instance, if you are concerned that a system may already have been compromised -- please make a note of this in the comments field.
• Hosts can only be analyzed if they are connected to WHOInet. We can't analyze systems at other institutions or remote ISPs. Also, if you have computers that are only intermittently connected to WHOInet (such as a laptop you take home), please specify when they will be connected.
• Setting up and running a scan of a single host takes about half an hour of billable time. It also takes time to write the analysis report -- more or less depending on the number and type of vulnerabilities found. In general, scanning and documenting a single host should take no more than an hour. Analyzing two or more hosts at once takes less time than analyzing them separately.
• The analysis report you receive will include:
  • A list of basic information about your host which we were able to determine by scanning it.
  • A list of the network services your host is running.
  • A general evaluation of your host's overall "health" -- the likelihood that an attacker would be able to break into it.
  • Detailed information about any vulnerabilities found.
  • Basic instructions to close the vulnerabilities, or pointers to online documentation for same.
  • Recommendations to ensure your host's ongoing security.
  • Contact information for a CIS technician available to do security work or system administration on your host.
• The charge for time spent conducting a security analysis does not include additional work done upon the system, or additional consulting regarding the analysis results.