

SYSTEMS STAFF MONTHLY UPDATE - JANUARY 2008
1. Windows security announcements
(a) Our Windows Update server inadvertently deployed "Windows Desktop
Search" as part of its patch deployment. While not critical, this
service consumes disk resources while indexing the computer. This was
an error on the part of the Microsoft WSUS team (Windows Software update
services), which set this option as applicable instead of optional (in
their deployment of the Windows Desktop Search update package). Microsoft
is currently investigating this issue and an easy way to undo the
deployment. This has affected all workstations that are part of our
Windows Server Update Group (XP SP2 and 2003 SP1+).
These computers include:
- Faculty workstations and servers under the backup infrastructure
- Secretary workstations and servers
- Fax workstations
- Graduate ghost server
More information regarding this update and how to uninstall it manually is
available at
http://blogs.technet.com/wsus/archive/2007/10/25/wds-update-revision-follow-up.aspx
(b) Vulnerability in Windows URI Handling Could Allow Remote Code Execution
A specially crafted URL could allow Internet Explorer 7, Windows file, and
Shell32.dll to be used to execute arbitrary code. The vulnerability exists
in all supported versions of XP and Server 2003. See:
http://www.microsoft.com/technet/security/bulletin/MS07-062.mspx
(c) Microsoft has released an updated version of the Microsoft Windows
Malicious Software Removal Tool. See:
http://www.microsoft.com/security/malwareremove/default.mspx
(d) Vulnerabilities in Microsoft Windows and Microsoft Windows DNS Server
These vulnerabilities could allow a remote attacker to execute arbitrary
commands or cause a Windows DNS server to provide incorrect DNS responses.
The incorrect DNS responses could be used as part of a browser redirection
scheme to infect and control client systems. See:
http://www.kb.cert.org/vuls/id/403150
2. Wireless network updates
We are replacing the older 802.11B access points with newer 802.11N access
points in the CS dept. 802.11B units connect wireless devices typically at
11Mb/sec. During testing 802.11N units connected at 54Mb/sec and up to
108Mb/sec.
The sem_wrls1 password required to connect in room 2311 (wireless seminar
room) has been dropped. You will use the sbgwap1 information to connect in
room 2311 as you do to the rest of the production wireless network. Most
people will not notice this change because they have already associated with
an sbgwap1 access point.
Note that not having a WEP password is not going to affect security much, as
WEP keys are fairly easy to break. We plan to support WPA2-level security
in the future. Regardless, we strongly recommend that you use SSH/SSL/HTTPS
for all of your communications over wireless networks.
3. SSO/Reserve-room application speeds up
The reserve-room application was upgraded to increase performance.
4. Web updates
SPM08/SMI08 sites were updated to reflect a new program to provide travel
funds for grad students to the Stony Brook modeling week and items for the
international program committees. The main page news items were rotated to
highlight the achievements of the Stony Brook ACM ICPC teams.
The www directories will be available on compserv1 at: /www/home/[facfs1
stufs1 fs2 fs3 ...] and /www/var/spool/ftp. The plan is to phase out editwww
and separate passwords to publish on www. One can log onto compserv1 and
execute a simple cp command to update webpages, or emacs
/www/home/X/public_html/Y.html to edit an existing page.
5. Webmail service
The CS dept has a webmail server with the same basic functionality as the
SquirrelMail webmail server. Webmail is accessible at:
https://webmail.cs.sunysb.edu/. Use your dept login and password.
6. Graduate Lab scanner workstation
The old/slow scanner workstation has been removed. Graduate students can
scan their documents in the Fax and Copy room next to the Graduate Secretary
Office (Room 1435).
7. SSO Downloads
The following downloads have been added to the SSO area
(a) Symantec Endpoint Protection v11: Windows-based Symantec Endpoint
Protection 11.0 is an integrated security solution providing antivirus,
host intrusion prevention, device control and a firewall.
(b) Symantec Antivirus v10.1.7: Antivirus Client software supporting Windows
2000 Professional, Server, Advanced Server; Windows XP Home,
Professional and Windows 2003 Web/Standard/Enterprise/Datacenter.
(c) Office 2007 compatibility pack (updated to v3): Open, edit, and save
documents, workbooks, and presentations in the file formats new to
Microsoft Office Word, Excel, and PowerPoint 2007.
8. Xmas-day power outage
There was a general power outage in our building and in adjacent buildings,
early morning Christmas day, which lasted a couple of hours. When power had
resumed, our compserv servers did not properly connect to their respective
file servers; email had gotten delayed because of that. We've rectified the
configuration so that the compserv servers will properly find their file
servers after an outage.
UPDATED 12/22/2005:
There have been reports of email circulating recently that seem
to be coming from Teachers Federal Credit Union asking that personal
information be input on a web form to "verify" identity.
There have been other reports of other email circulating recently
that ask you to go to a Web site to confirm your user name and
password. Some common wordings of such attempts are listed below:
"We suspect an unauthorized transaction on your account. To
ensure that your account is not compromised, please click on
the link below to confirm your identity."
"During our regular verification of accounts, we couldn't
verify your information. Please click here to update and verify
your information."
Please do not divulge sensitive personal information (passwords,
credit card information, Social Security number, date of birth,
Solar PIN etc.) on Web sites that you go to by simply clicking
on Web links from emails. Other common phishing attempts purport
to be from other trusted sources (banks, credit unions, etc.).
Passwords and other sensitive information can be used to steal
your identity. In addition to identity theft, sensitive personal
information can be used to compromise University systems. It is
more than likely that emails with such links are forged and are
fraudulent attempts to steal your account and personal information.
There have recently been a large number of such attempts.
Never reply to these emails; simply delete the phishing email,
or if you use Lotus Notes you can report any phishing email to our
spam filter provider by doing an "Actions - Other, This is Spam"
from the menu bar. If you believe your personal information has been
scammed, file a complaint at http://www.ftc.gov and then visit the
government's ID theft Web site at http://www.consumer.gov/idtheft
If you feel a university account has been compromised, please contact
University Police.
ONGOING WORK
1. CEWIT
In the process of setting up a monitoring system called 'Nagios' for the
Rocks Cluster Frontend. Nagios is capable of sending email alerts and
monitoring Windows/Linux machines at various hardware and service levels.
2. Backup server
A new backup server is being set up to address backup needs including
research labs and CEWIT. It is expected to become available by the Spring
2008 term.
3. Wireless
The staff is working to complete the upgrade of the current 802.11B network
to 802.11N for the whole production wireless network.
4. Teaching Lab/Transaction Processing Lab
In the process of upgrading/adding software in Translab for Spring 2008
semester.
5. User Provisioning and integrated file services
We are working on a project to integrate all the user logins and file
services in the department. The same login will work on UNIX, Windows and
other infrastructure services provided by the department. Also, the file
servers will be accessible from various systems.
6. New mail/dns/anti-spam servers.
We are continuing to set up and install a new set of Linux-based servers to
replace the aging Solaris servers. They are expected to be deployed during
the Spring 2008 term.
FUTURE PLANS
1. Production MySQL database server
A MySQL server is planned to take over production DB support to replace the
current shared (between educational and production tasks) server.
2. Dynamic provisioning of CEWIT systems
The staff is working on mechanisms to dynamically allocate portions of the
CEWIT cluster. We're exploring some new software from CA.
3. IMAP coming to town.
The staff is working on installation of a Dovecot IMAP server due to numerous
requests from faculty for IMAP support.
4. Unified LDAP-based login
We have begun investigating the use of LDAP servers in our department. This
would help to consolidate the many user-ID domains we have into one;
currently there are different user-ID domains being managed on the Unix
systems, undergrad and grad teaching labs, database servers, and more. With
LDAP, we hope to be able to manage all user IDs more efficiently and
centrally.
REMINDERS
1. Staff hot-line
2-2772 (CSSB). It will ring all staff office phones and has voicemail.
Business hours are 8 a.m. -- 6 p.m. Mon-Fri except State and Federal
holidays.
2. CEWIT
The CEWIT reporting website is: <http://www.cs.sunysb.edu/~cewit>. There
are 110 compute nodes (Dell, Xeon cpu). There are two HP 32GB RAM 4-CPU
nodes available (compute-1-0, compute-1-1). There are 46 storage nodes
online with 50TB of scratch space via PVFS. A number of additional nodes are
assigned to "Planet Lab". If you are interested in projects for CEWIT,
Planet Lab or have specific requests for support (add software, problems,
questions) please use WREQ to send the request.
3. WREQ Problem Reporting Tool
Work requests and problem reports must be submitted to WREQ and not to
ntadmin/root or individual staff members. This helps us track the progress
of work requests better. We suggest using the Web interface to submit wreq
requests at the URL: <http://www.cs.sunysb.edu/~wreq>. You can also email
wreq at cs.sunysb.edu but the Web interface is preferred. If you send
email, please send plain text (without MIME attachments) and send from your
CS department account.
4. SECWREQ Problem Reporting Tool
You are encouraged to use SECWREQ for requests such as requisitions, course
room changes, office supplies, grade changes, room reservations, payroll
issues, tuition issues, reimbursements and building management issues
(heat/cooling/lights/leaking roof). The SECWREQ tool is located at:
<http://www.cs.sunysb.edu/~secwreq>. You can send mail to secwreq at
cs.sunysb.edu; please do not send MIME mail or attachments there. Send
email from your CS department account.