SYSTEMS STAFF MONTHLY UPDATE - December 2006

Improving network bandwidth
The mail disruption of September 17-19 was the result ofThe CS staff has been working with the staff of campus Networking Services to improve the department's connectivity to the Internet from about 25Mbps to a full 100Mbps. Initial experiments appear very promising and the CS staff will be monitoring traffic for the next few weeks to confirm the current results are permanent.

Systems added to NYS-Grid
Five CEWIT systems have been added to the NYS-Grid. The initial goal of the grid is to produce 5TF of computers available to researchers in New York state.

MS Internet Explorer V7 issues
 Microsoft Internet Explorer has been found to render some pages differently than IE6 did. In particular some floating blocks do not display as in IE6. Internet Explorer 7 complains about all local security certificates. We advise that when you install IE7, select to retain your current IE6 settings in IE7. Remember to reboot your system after the installation and configuration completes.

New version of X-Windows for PC's
 X-Win32 version 8 is available on the SSO downloads area. The new version of X-Win32 allows you to retain and use old revisions of X-Win32. The new X-Win32 doesn't write to the Windows registry but uses an XML file to retain user settings and history. The X-Win32 version 8 license file cannot be used to extend the life of your older or expired X-Win32 installation.

Transaction Processing Lab updates
 The following packages have been updated: MS Office, Opera 9, J2SE Runtime Environment 5.0 Update 9, Internet Explorer 7 and the license for X-Win 7.1 has been updated. MATLAB has been installed in the Transaction Lab.

Security alerts for Mozilla
Multiple vulnerabilities have been identified in Firefox, SeaMonkey, and Thunderbird, which could be exploited by attackers to take control of an affected system. Please upgrade to Firefox 1.5.0.8, Thunderbird 1.5.0.8, and SeaMonkey 1.0.6.
See: <http://www.mozilla.org/products>

Security alerts for MS Windows
 Vulnerabilities exist in XMLHTTP ActiveX control within Microsoft XML Core Services (Versions 4.0 and 6.0 for all Windows versions) which allow a remote code execution by specially crafted web pages.
See: <http://www.microsoft.com/technet/security/Bulletin/MS06-071.mspx>

Microsoft Windows XP Service Pack 2 has a remote code execution vulnerability in the Workstation service that could allow an attacker to take control of an affected system.
See: <http://www.microsoft.com/technet/security/bulletin/ms06-070.mspx>

There is a remote code execution vulnerability in the way that Microsoft Agent handles specially crafted .ACF files. Attackers could exploit the vulnerability by constructing a specially crafted Web page and take control of an affected system. See: <http://www.microsoft.com/technet/security/bulletin/ms06-068.mspx>

Affected system include: XP SP2, XP Professional X64 edition, MS Windows Server 2003 and SP1, MS Windows Server 2003 X64 edition. Internet Explorer has DirectAnimation ActiveX Controls Memory Corruption Vulnerabilities which could allow an attacker to take control of a system using specially crafted web pages. You should upgrade to Internet Explorer 7 or download patches to IE6.
See: <http://www.microsoft.com/technet/security/bulletin/ms06-067.mspx>

Web updates
 Firefox Mozilla 1.5, NetBeans-5.5 Beta 2, BluJ 2.1.3, IBM Rational Data Architect v6.1, Torque Game Engine SDK, Jython, Wing IDE 101 2.1.2-1 have been deployed to the labs as of 09/29/2006.

ONGOING WORK

Webmail system
 The staff is configuring and testing a (secure) Web based mail reader system for deployment in the near future.

Email address cleanup

The Web admin is cleaning email addresses from pages on the department Web server. Users will be requested to convert instances of email addresses from forms that crawlers can harvest for spamming to variations which cannot be easily collected. The Web admin will be posting information in the CS department FAQ area.

Server upgrades
 Work continues on a new application server, upgrades of www to Apache web server, and upgrades of the email/anti-spam/anti-virus system. Other announced server upgrades are in progress. In the mean time, to help alleviate the pressure on our mail system, a separate, temporary machine was installed to offload the anti-spam processing; this helped improve the stability of the email system in the past two weeks.

FUTURE PLANS

Graduate PC lab upgrades
 The Graduate Windows lab will be closed for software upgrades on Thursday Dec 7th, 2006. Room 1239 will be closed 9am-1pm, and room 1204 will be closed 1pm-5pm.

Web site management systems
 The web admin will be investigating web publishing and content management systems for the department web site. If you have experience with such tools you may share your impressions and experiences by sending email to webadm.

Antispam system
 The antispam software must evolve to meet changes in spam tactics. We hope to introduce changes gradually which will reduce the number of digests a user receives as a result of aliases or mailing lists and new filter rules with a higher hit rate than currently achieved.

Internet 2
 We began discussing with the campus network operations, how to connect the CS department to the campus's high-speed Internet 2 connection directly. This could be particularly useful for CEWIT.

REMINDERS

CEWIT
 The CEWIT reporting website is: <http://www.cs.sunysb.edu/~cewit>. There are now 16 32-bit compute nodes (Dell, Xeon cpu) named compute-0-0 through compute-0-15. There are two HP 32GB RAM 4-CPU nodes available (compute-1-0, compute-1-1). A number of additional nodes are assigned to "Planet Lab". If you are interested in projects for CEWIT or Planet Lab contact Dr. Mohr (amohr) or Dr. Ajay Gupta (ajay). Specific requests for support (add software, problems, questions) should be submitted using WREQ.

WREQ Problem Reporting Tool
 Work requests and problem reports must be submitted to WREQ and not to ntadmin/root or individual staff members. This helps us track the progress of work requests better. We suggest using the Web interface to submit wreq requests at the URL: <http://www.cs.sunysb.edu/~wreq>.

SECWREQ Problem Reporting Tool
 You are encouraged to use SECWREQ for requests such as requisitions, course room changes, office supplies, grade changes, room reservations, payroll issues, tuition issues, reimbursements and building management issues (heat/cooling/ lights/leaking roof). The SECWREQ tool is located at: <http://www.cs.sunysb.edu/~secwreq

.

Previous Newsletters


Campus Events