NUS Logo  
NUS Home | Search: in
 
SoC NOC Logo
Home
UserID: Password:

Site Navigation

NOC Home
+User Account
+My Computers
+Documentations
+Security
+Fault Mgmt
+Miscellaneous
 
+Ticket Tracker
+Registrar
+Network Ops
+Loan System
+Facility Mgmt
+Finance
+Archives
+IPTel
+Linux
+Engineering
+Videoconf
+Operations
+NOC API
+DRP

Other links

SoC Homepage
MySoC Intranet
Student Intranet
Staff Intranet
NUS Homepage

About NOC Web

Administratively Disabled Computers

This page is has been moved to the new SoC Document Repository. The new URL for this page is: https://docs.comp.nus.edu.sg/node/1646

When network access is denied to a Computer, it is said to have been administratively disabled. This action is enforced by the network and needs no physical changes and/or reconfiguration on the Computer itself.

Check if your Computer has been administratively disabled.

For Computers registered in NOC Registrar:

  1. Login to NOC, then goto My Computers.
  2. Find the Computer Name from the list of Computers listed. Computers that have been administratively disabled will be indicated in the Computer Name column.
  3. Click on the Computer Name itself to view the Computer Information page. Under the Other Information box, a reason may be offered for the disabling of this Computer.

For Computers that connect solely to SoC Plug-and-Play Network or Wireless Network:

  1. Login to NOC, then goto Miscellaneous, then click on Check Status of Ethernet Mac.
  2. Enter the MAC address of your Computer.
  3. You will be told if this Computer has administratively disabled, and if so, a reason may be offered.

Find out why your Computer was administratively disabled.

The above section may have provided you with the reason that led to the disabling of your Computer. If not, or if you are not sure, please contact SoC Technical Helpdesk.

Take Remedial Action

Before network access is restored to your Computer, you are required to fully remedy the problem that brought about the disabling of the said Computer.

This means that you must fix your Computer or take corrective action so that the reasons that led to the disabling of the said Computer are no longer valid.

Note that if remedial instructions have been provided, then you must follow those instructions as far as they are applicable.

Re-enabling of Network Access

Once you are sure that all necessary remedial action has been taken, you can submit your request for the re-enabling of your Computer's network access via the on-line form at https://noc.comp.nus.edu.sg/user/systemenable.

Please note that NOC records and tracks all such re-enabling requests and will progressively delay the processing of such requests. This is intended as a penalty.

Reasons for Administratively Disabling Computers

The common reasons for computers and/or network points to become administratively disabled are:

  1. Unfixed critical risks reported in security scanning: This is a violation of the Security Scanning Policy. You must fix and remove all critical risk vulnerabilities from your Computer.

  2. Virus infection: Please strictly follow the instructions in Recovery from a Virus Infection.

  3. Blocks network management access: The computer is excessively dropping or filtering network traffic that potentially disrupts network management. This could happen due to a paranoid firewall or packet filtering configuration. In particular, do not filter ICMP echo_request and echo_reply messages.

    For Windows computers, make sure that you do not enable or configure any packet filtering, internet connection firewall, or install any firewall software (e.g. Zone Alarm, etc). NUS VPN is also known to firewall traffic, so do not install/run the VPN software (if you are already in SoC, there usually isn't any sense in having NUS VPN anyway).

  4. Computers which have been identified to have an immediate risk security vulnerability may be administratively disabled without notice. These refer to risks that are even more severe than the critical risks reported by the security scanning system. Advance notice may already have been given via mass email to fix these vulnerabilities.

  5. A device behaving as an intelligent bridge or switch was connected to SoC network. This is detected automatically because such devices transmit 802.1d bridge protocol data units. SoC network switches defend against such intrusions by automatically disabling the offending ports.

    Note that Windows XP has a component called "Network Bridge" which should not be installed or enabled. The functionality of a bridge can also be offered by other software, including Linux. Please ensure that you do not enable such functionality.

  6. A computer or device is injecting excessive errorneous ethernet frames. SoC network switches automatically shutdown down the affected ports.

    Similarly, computers that inject excessive broadcast or multicast frames beyond a threshold deemed to be reasonable will result in the excess traffic being filtered.

  7. Computers that are found to have violated SoC rules and regulations, or acceptable use policies, or suspected to be in violation of them. These include such offences as hijacking of IP addresses, port scanning, etc.

  8. Computers that are determined or suspected to have been compromised or infected by virus will be disconnected immediately.

SoC Network : NOC | MySoC.Net | Trouble Ticket | SoC Home | NUS Home
© Copyright 2001-2012 by National University of Singapore. All Rights Reserved.
Company Registration Number: 200604346E
Terms of Use | Privacy | Non-discrimination
Last modified on 6 Jul 2007 by School of Computing Network Team