Office of Campus Information Security

• About OCIS
• Awareness & Training
• Campus Initiatives
• Downloads
• Report an Incident
• Contact Us
• 
• Individual Computing
• Secure Your Computer
• Protect Your Identity
• Copyright Infringement
• Handling University Data
• 
• Departmental Computing
• Risk Assessment
• Standards & Practices
• Tools & Forms
• IT Security Principles
• More Security Resources

Scanning IPs

OCIS as well as DoIT Network Services periodically perform a variety of scans of the campus network, e.g., inventory, vulnerability, etc.

We are currently aware of the following scanning machines and their corresponding originating IP addresses.

Office of Campus Information Security (OCIS) vulnerability scanning

OCIS Nessus Scanning Cluster

• security-scanner-1.services.wisc.edu (144.92.230.87)
• security-scanner-2.services.wisc.edu (144.92.230.88)
• security-scanner-3.services.wisc.edu (144.92.230.89)
• security-scanner-4.services.wisc.edu (144.92.230.90)

Devices on UW-Madison Engineering networks will record these scans coming from:

• security-scanner-1.engr.wisc.edu (144.92.13.151)
• security-scanner-2.engr.wisc.edu (144.92.13.152)
• security-scanner-3.engr.wisc.edu (144.92.13.153)
• security-scanner-4.engr.wisc.edu (144.92.13.154)

OCIS Web Application Scanning and Supplemental Scanning

• security-scanner-5.services.wisc.edu (128.104.22.120)
• security-scanner-7.services.wisc.edu (128.104.22.184)

OCIS Supplemental Scanning

• security-scanner-6.services.wisc.edu (128.104.22.43)

For more information regarding the above, please contact OCIS.

DoIT Network Services scanning

icmp "ping" scans

• mil.doit.wisc.edu (128.104.31.31)

icmp, snmp, http servers on port 80. 8080

• cimrman.doit.wisc.edu (144.92.104.75)
• radegast.doit.wisc.edu (144.92.104.53)
• sunspot.doit.wisc.edu (128.104.19.250)
• aton.wiscnet.net (205.213.68.14)
• tazz.doit.wisc.edu (144.92.104.160)

For more information regarding the above, please contact the DoIT Help Desk and have a case escalated to DoIT Network Services.