login.EECS.Berkeley.EDU will be down for
Solaris operating system patches beginning
Tuesday May 25, 2010 6:30 am. The
scheduled down time is two hours but we
expect to be down in less time if there are
no problems.
[Read more…] about login.EECS.Berkeley.EDU
BWRC wireless problem
The dhcp server for the IRIS wireless networks
at BWRC is down. Clients are not
able to get a new dhcp lease or renew their
lease.
Staff is working to resolve this problem.
[Read more…] about BWRC wireless problem
IMAP outage
Email is being delivered to the IRIS imap
server but is not being delivered to people’s
INBOXes.
Currently the imap server is suffering a very high
load but is not logging any errors.
[Read more…] about IMAP outage
New SSL Certificate for gateway.EECS
The current 1024 bit SSL certificate for
gateway.EECS.Berkeley.ED will expire soon.
The current Entrust SSL certificate is being replaced by a 2048 bit Entrust SSL certificate that utilizes the Entrust 2048 bit L1B chain root certificate.
Our testing suggests that thunderbird, pine, Outlook, Microsoft Windows Mail (replacement for Outlook Express) and Apple Mail should be able to use the 2048 bit SSL certificate on gateway.EECS.Berkeley.EDU for outgoing smtp service using STARTTLS without any problems.
If you have problems sending email using gateway.EECS.Berkeley.EDU with the new SSL certifciate please contact the IRIS help desk (help@eecs, 395 Cory M-F 9:30am-5pm, 642-7777).
https://iris.eecs.berkeley.edu/15-faq/15-software/#Email has documentation on configuring various mail user agents.
Note, if your mail user agent can not handle 2048 bit SSL certificates, the outgoing smtp server on calmail.Berkeley.EDU still uses a 1024 bit SSL certificate.
The current Entrust SSL certificate is being replaced by a 2048 bit Entrust SSL certificate that utilizes the Entrust 2048 bit L1B chain root certificate.
Our testing suggests that thunderbird, pine, Outlook, Microsoft Windows Mail (replacement for Outlook Express) and Apple Mail should be able to use the 2048 bit SSL certificate on gateway.EECS.Berkeley.EDU for outgoing smtp service using STARTTLS without any problems.
If you have problems sending email using gateway.EECS.Berkeley.EDU with the new SSL certifciate please contact the IRIS help desk (help@eecs, 395 Cory M-F 9:30am-5pm, 642-7777).
https://iris.eecs.berkeley.edu/15-faq/15-software/#Email has documentation on configuring various mail user agents.
Note, if your mail user agent can not handle 2048 bit SSL certificates, the outgoing smtp server on calmail.Berkeley.EDU still uses a 1024 bit SSL certificate.
Resolved as of 2009-11-16 07:14:00
DHCP service outage
There was a dhcp service outage when a buggy
newer version of dhcpd was installed this morning.
Resolved as of 2009-10-26 08:28:00
vulnerability in Internet Explorer
Microsoft posted Security Advisory (972890)
entitled “Vulnerability in Microsoft Video ActiveX
Control Could Allow Remote Code Execution” on
Monday July 6, 2009 –
The flaw affects people running Internet Explorer
on machines running Windows XP or Windows Server 2003.
A remote, unauthenticated attacker could execute arbitrary code
with the privileges of the victim user.
For such devices, it is recommended that
Microsoft Video ActiveX Control be disabled from
running in Internet Explorer –
http://support.microsoft.com/kb/972890#FixItForMe
http://www.kb.cert.org/vuls/id/180513
[Read more…] about vulnerability in Internet Explorer
BWRC wireless networking maintenance
There will be maintenance affecting BWRC
wireless networking starting Thursday
June 25, 2009 at 9:30 am. During the
maintenance, BWRC wireless clients will
not be able to get a new dhcp lease on the
IRIS wireless network. Devices that obtained a
dhcp lease prior to the maintenance will not
be affected. AirBears will not be affected.
Maintenance is scheduled to be completed by
10:30am, but if work goes as planned
it could be completed by 9:40am.
The existing dhcp server at BWRC providing
IRIS wireless support has a corrupted operating
system and will be replaced by another device
during the maintenance.
[Read more…] about BWRC wireless networking maintenance
phpMyAdmin vulnerabilities and scanning
John Ives from the campus SNS (System & Network Security) wrote:
“Everyone,
As many of you may be aware, web based management tools, whether they are used to manage database backends, web content or anything else, are frequently the targets of attacks by would be hackers. In both March an April, phpMyAdmin, a tool for managing MySQL servers via the web, released patches for issues that would allow users to execute arbitrary php code on the server. In the last couple of days, System and Network
Security has seen a marked increase in the number of attackers who have been scanning for these vulnerabilities across campus. This increase also coincides with an increase in phpMyAdmin scanning that has been reported from other sources, like the Internet Storm Center.
If your system runs phpMyAdmin and you have not already applied the March and April patches (see the reference section below), I would urge you to do so, as soon as possible.
Yours,
John Ives
References:
phpMyAdmin Homepage:
April Patch:
March Patch:
IRIS wireless networks problem at BWRC
The IRIS dhcp daemon was not responding
to requests for EECS, EECS-Open and
EECS-Secure network support at BWRC (the 128.32.63.128/25 network).
A script utilized to update dhcp support at BWRC for the EECS, EECS-Open and EECS-Secure networks contained a logic error which resulted in an attempted restart of the dhcpd daemon when the dhcpd configuration files contained an error. Both the configuration file and the script were corrected and the dhcp daemon was started to resume service.
AirBears support at BWRC was not affected by this outage.
IRIS wireless support in other buildings was not affected.
This incident was not related to some devices on the BWRC restricted network (128.32.63.0/26) having incorrect netmasks.
A script utilized to update dhcp support at BWRC for the EECS, EECS-Open and EECS-Secure networks contained a logic error which resulted in an attempted restart of the dhcpd daemon when the dhcpd configuration files contained an error. Both the configuration file and the script were corrected and the dhcp daemon was started to resume service.
AirBears support at BWRC was not affected by this outage.
IRIS wireless support in other buildings was not affected.
This incident was not related to some devices on the BWRC restricted network (128.32.63.0/26) having incorrect netmasks.
Resolved as of 2009-02-20 13:14:00
mailspool.CS.Berkeley.EDU was not accepting incoming email
mailspool.CS.Berkeley.EDU was not accepting incoming email from Thursday February 5, 2009 02:56 to 05:30.
This resulted in delay of delivery of email. No email was lost. No warning messages should have been sent back to senders.
It appears the process table on mailspool.CS.Berkeley.EDU became full. It appears this may have been a ddos attack.
mailspool.CS.Berkeley.EDU was rebooted to resume normal service.
This resulted in delay of delivery of email. No email was lost. No warning messages should have been sent back to senders.
It appears the process table on mailspool.CS.Berkeley.EDU became full. It appears this may have been a ddos attack.
mailspool.CS.Berkeley.EDU was rebooted to resume normal service.
Resolved as of 2009-02-05 05:30:00