Main Menu
HSIN, MS-ISAC, NIST Framework & CIS Security Controls Navigation Menu
198.187.232.0/22
198.187.236.0/24
- HSIN MS-ISAC Home
- MS-ISAC website via CISecurity (Center for Internet Security)
- MS-ISAC Services
- MS-ISAC Report an Incident
Notes from MS-ISAC on setup:
Please find details below on our Passive Monitoring Services:
Web Profiler: Domains will be passively scanned for known vulnerabilities by software version. This is done be analyzing the headers in an HTTP request for out of date software. This is done on a weekly basis and information is stored internally for reference.
Port Profiler: This is a service where IPs that we have in our records are scanned for open ports. Ports that should not be public facing or that are associated with vulnerable software are reported on. This is done quarterly at the end of Jan, April, July, Oct.
Spamhaus: We receive a list of IPs communicating with sinkholed malicious domains operated by a company called Spamhaus. We parse that according to the IPs in our database and notify of suspected infected machines.
Darknet: We monitor federal IP space not associated with any domains or services for communications. We alert on IPs in our database communicating with these "dark" IPs which indicates worm or spam activity as there are no legitimate reasons to communicate with the dark IPs.
Website Defacements: If we observe any defaced websites of a domain we have in our database, we will notify that entity.
Pastebin: We monitor Pastebin for account credential dumps. Domains associated with any accounts we find which are in our database we report on.
Other: We notify on any reported or observed activity which we can attribute to an owner of a domain or IP in our records. Examples being account credential dumps not found on pastebin, hacktivists that claim they will attack a given IP or domain, and any other activity we find involving IPs or domains belonging to our members.
In addition, your homenet IP addresses are your internal subnets used for the logical Albert sensor. Please do not hesitate to reach out with any further questions.
- North Idaho College CIS Controls v8 (2021) (Box)
State Board of Education: NIST Cybersecurity Framework Adoption - CSC Security Controls Progress (Lucy Hein):
- NIC Strategic Plan 2021-2025 (Box)
- Initial 2018-2019 SBOE Progress Doc (Box)
- Final 2020 SBOE Progress Doc (Box)
- Final 2021 SBOE Progress Doc (Box)
CIS Security Controls Links:
- CISecurity website
- CIS Controls v8
- NIC Box link to CIS Security Controls information
- NIC Box link to CIS Controls Initial Assessment Tool for v7.1b - updated in 2019
- AuditScripts CIS Security Controls Assessment Tools
- TIC (Trusted Internet Connections) Core Guidance Documents