News

There will be a brief wireless network outage on the upper floors of Cory Hall @ 7:30AM on Monday, July 11th. The outage should last no longer than 15 minutes.
[Read more…] about Brief Wireless Network Switch Outage

Microsoft will release their patches for the month on July 12th, 2005. HERMES, PRINT, RIS and WINSWW will be down for patching the following Wednesday, July 13th, from 3:00 – 5:00pm.

Security Advisory (903144) June 30th, 2005
Title: A COM Object (javaprxy.dll) Could Cause Internet Explorer to Unexpectedly Exit. See http://go.microsoft.com/fwlink/?LinkId=49999 for more information.

Security Advisory (891861) June 28th, 2005
Title: Release of Update Rollup 1 for Windows 2000 Service Pack 4 (SP4) The Update Rollup contains all security updates produced for Windows 2000 between the time SP4 was released and April 30, 2005, the time when the contents of the Update Rollup were locked down for final testing by Microsoft.
See http://go.microsoft.com/fwlink/?LinkId=49772 for more information.

For those that are interested in using the VPN service, please download the software from \\winsww\sww\public\vpnclient\vpn403f.

Once you install, you will have several pre-set profiles to choose from, “UCB-split”, and “EECS” among them.

To install, copy the vpn403f directory to your local drive and run setup.exe, then reboot the system. After reboot, go to C:\Program Files\Cisco Systems\VPN Client and launch the vpngui.exe to open the VPN Client window. In the VPN Client window, highlight the connection entry you wish to use. You can set this as the default connection entry from the “Connection Entries” pull-down. Click “connect” and use the appropriate authentication credentials for the profile.

If you have a Calnet ID, we strongly recommend that for now you use the “UCB-split” profile. This will get you an UCB IP address. This service is in production and supported by the campus (http://www.net.berkeley.edu/vpn).

If you select the “EECS” profile, you will need to use your EECS Windows account and password to authenticate. Once connected, you will get an EECS IP address, and will be treated as if you are on the EECS network. However, we know certain subset of EECS users with accounts migrated from old NT domains will NOT work correctly all the time. If you encountered problems logging in, please switch back to the “UCB-Split” connection. There are many technical difficulties in setting the EECS service up, so once we have a better solution, we will let everyone know.

Please note that the campus (and EECS) vpn service will NOT work while you are physically on campus.

For those users that use non-Windows platform, you can download the campus VPN software directly from http://www.net.berkeley.edu/vpn. These will not have the EECS profile, and once we have tested them, we will make them available on our local software distribution.

For more information, please see the
VPN FAQ page.

We are pleased to announce the deployment of the new 802.11a wireless service in EECS. 11a offers a much higher link speed (54mb as opposed to 11mb for 802.11b), less interferences, and the possibility of stronger encryption.

For the first phase, we will deploy a non-encrypted 802.11a service. If you have a 802.11a wireless interface, you should be able to connect to “EECS-11a” SSID (there is no other keys required, but your system has to be registered in the EECS wireless network). The service will now require users to authenticate prior to routing. Once you start your browser (please be sure that javascript is turned on), it should redirect you to the authentication page. Use your EECS LDAP username and password for authentication. The lease will expire after a certain period of inactivity, so one can always reconnect to https://1.1.1.1/login.html to re-authenticate. Please note that you should only accept the certificate for the current session when you use the https://1.1.1.1/login.html to reauthenticate. Do not accept the certificate “forever” or you might encounter problems when you roam around EECS. Due to caching problems with firefox, you might be receiving an error about certificates. Please use another browser to authenticate before using firefox.

We have tested only a limited number of 802.11a devices, so it is possible that your 802.11a network device is not fully supported.

Due to limited staffing, we regret to say that we might not be able to get to your specific device immediately.

We know IBM and Dell laptops with built-in 802.11a work, as well as Avaya 802.11a cards (you must install the driver for this).

If you have problem using 802.11a, please let us know what kind of configuration you have. 802.11b service remains your best alternative.

EECS guest wireless will stay on 802.11b.

As of March, 2005, EECS has implemented a measure to block all INCOMING www/telnet/ftp/smtp traffic into EECS, except for those systems pre-registered (see this previous IRIS News item).

In order to further comply with the campus
“minimum security standards” policy ,
effective July 1, 2005, any EECS system that currently supports unauthenticated email relaying or unencrypted telnet/ftp/rsh access will be subject to immediate removal from the EECS network until an acceptable remediation plan is obtained.

Thank you for your cooperation.

The multi-user Solaris machine argus has been shutdown due to an unpatchable local root exploit.

IDSG currently has a trouble call in to Sun to address this problem and will bring argus up as soon as the problem is resolved/mitigated.

[Read more…] about Argus Shutdown

Microsoft has released Microsoft Security Advisory (902333) stating that browser windows, without indications of their origins, may be used in phishing attempts.

For more information please see:
http://go.microsoft.com/fwlink/?LinkId=49437

You may have noticed problems during or immediately after the recent IMAP server upgrade. Some unanticipated migration problems occurred that may have caused some lost or delayed mail.

We currently believe that this is limited to mail that arrived between approximately 7am and 10am on Saturday, June 4. If you believe you’ve lost additional mail that arrived either before or after the morning of Saturday, June 4 or if you are still having issues related to the upgrade, please contact idsg@eecs.

We believe that all the problems have now been resolved and sincerely apologize for this inconvenience.

HERMES, the EECS Windows general login server is being configured with
quotas on Wednesday, June 29th.

The quota limit will be 500MB and will apply to C:\Documents and Settings\user.

This is the default users profile location and the only directory users can write to on HERMES.

When a user profile reaches 250MB a reminder will be sent to the user
that the profiles is approaching the 500MB limit.

When a user reaches the 500MB limit, no more data storage will be allowed. This is a fixed quota.

IDSG recommends users save files in their home directories and not on
the local C:\ drive of HERMES as HERMES is not being backed up.

In the event of data loss, no restoration effort will be made.

[Read more…] about HERMES Quota