IRIS

Due to the Winter Holidays, Energy Curtailment, and New Year’s Holidays, the Berkeley campus is officially closed for the period Monday 12/24/2005 to Monday 01/02/2006.

All departmental computing servers will remain on and should be available during the break, but there will be no staff on site to provide any computing support or handle any requests. Automatic monitoring systems will alert staff to critical infrastructure problems, and any such problems will be dealt with on a best-effort basis. We expect full service to resume on January 2nd.

The EECS Department’s Computer Helpdesk will be closed during this time. Problem reports can be left on the Helpdesk voice mail (2-7777) or emailed to help@eecs, but staff may not receive or reply to these messages until January 2nd.

During the break, Instructional labs will be locked, but the main servers should remain online (imail.eecs, inst.eecs, cory.eecs, mamba.eecs and fileservice.eecs). Instructional support staff will occasionally monitor inst@eecs over the break. If you are unable to contact inst@eecs, you can leave a message at 2-9543. Please be aware, though, that staff may not be able to respond or reply to messages until January 2nd.

We recommend that all desktop computers be shutdown during the Energy Curtailment Period. If your Windows computer needs to stay on during the break, we recommend that you check with your system administrator to ensure that Automatic Updates are enabled with the option ‘Automatically download the updates and install them on the schedule that I specify’, with a daily update schedule. For all windows systems, especially mobile laptops, we also suggest that you consider installing personal firewalls.

Computing support staff will be monitoring their email when possible, so please use standard email addresses to report any urgent problems. As a reminder:

• Instructional Computing Environment: inst@eecs
• Research / Staff Computing Environment: help@eecs

Enjoy your holiday break!

The BID center router will be down for repairs on Friday Dec. 23 from 8:00 AM until 8:30 AM.

The server is back up as of 9:10am. Thanks for your patience.

********************************************************************
Title: Microsoft Security Bulletin Summary for December 2005
Issued: December 13, 2005
Version Number: 1.0
Bulletin: http://socrates.berkeley.edu:2002/MinStds/
********************************************************************

Security patches defined by Microsoft as “critical” or “important”
MUST be applied within 10 business days of notification. Should there
be active exploits, the time will be adjusted and users will be
informed appropriately. Hosts unpatched after the defined time are
subject to scanning and removal from the EECS network as per campus
IT security policies http://socrates.berkeley.edu:2002/MinStds/

Patching is sometimes dependent on the service pack level of the
Microsoft OS, and installed applications, please read requirements
carefully.

Critical Security Bulletins
===========================

MS05-054 – Cumulative Security Update for Internet Explorer (905915)

Impact: Remote Code Execution

Affected Software:

Windows Server 2003

Windows Server 2003 Service Pack 1

Windows Server 2003 x64 Edition

Windows Server 2003 for Itanium-based Systems

Windows Server 2003 with SP1 for Itanium-based Systems

Windows XP Service Pack 1

Windows XP Service Pack 2

Windows XP Professional x64 Edition

Windows 2000 Service Pack 4

Review the FAQ section of bulletin MS05-054 for information about these operating systems:

Windows 98

Windows 98 Second Edition (SE)

Windows Millennium Edition (ME)

Version Number: 1.0

Important Security Bulletins
============================

MS05-055 – Vulnerability in Windows Kernel Could Allow Elevation of Privilege (908523)

Impact: Elevation of Privilege

Affected Software:

Windows 2000 Service Pack 4

Version Number: 1.0

Microsoft will release their patches for the month on Tuesday, December
13, 2005. HERMES, PRINT, RIS and WINSWW will be down for patching the
following Wednesday, December 14, 2005, from 3:00 – 5:00pm.

macserver.eecs.berkeley.edu, which hosts the Mac software warehouse, will
be down for maintenance at this time as well.

As part of the effort to continue to strengthen our IT security, and to comply with the campus requirement, our exemption from the campus Windows RPC services blocking will cease after Dec. 21, 2005.

This will impact remote authentication to our Windows Active Directory (ie. the “EECS” domain) from offsite. It will also prevent ALL remote mounting of coeus, project, or WinSWW from any Windows system. Some examples are listed here:

You will not be able to log in to the “EECS” domain with your account and password if you are on the internet.

You will not be able to map or mount any drives such as \\coeus, \\project, or \\winsww (or any of your research group shares).

You will not be able to access \\print directly.

You will not be able to access fontus.eecs.berkeley.edu (Exchange server) directly.

This block was put in place by campus SNS group at UCB border approximately two years ago. EECS has an exemption, but the exemption is expiring.

There are two ways to alleviate this impact:

1. Use “remote desktop” to log into hermes.eecs.berkeley.edu (or your own terminal server) and access your data. For more information on this, please follow this link.

2. Use the campus VPN service. This will give you an UC Berkeley campus IP address, and allow you to authenticate and access directly our resources.

If you have any questions, please contact help@eecs.

As previously announced on the Oct. 11 Town Hall meeting, EECS will be making some changes to its wireless service offerings:

1. Effective Nov. 1, 2005, campus Airbears service is now available throughout the entire EECS, including all floors of Soda and Cory Halls, BWRC, and HMMB (CITRIS and BID centers).

2. After Dec. 20th, 2005, the existing EECS guest wireless service will cease to function. EECS users with valid Calnet IDs can obtain Airbears guest wireless service for their guests, for up to one week.

3. Effective Jan. 2006, EECS will be offering an extended guest wireless service, with a nominal charge, for our guests that need wireless internet access for more than the 7 days offered thru Airbears. The registration process is done thru
https://guest.eecs.berkeley.edu. A valid COA will be required. Guest wireless service can be provided on a monthly basis.

For details, please direct your inquiries to help@eecs.

Nov. 15 2005 from 0600-0630, core router inr-202 will be reloaded to upgrade the software running on it. This is necessary for two reasons:

1. A recently announced vulnerability that is fixed in newer software;
2. A problem with incremementing error counters, on which CNS is working with Cisco’s tech support.

There will not be any prolonged outage, because this router is redundant with another, inr-201. However, there may be a brief disruption while routing converges.

********************************************************************

Title: Microsoft Security Bulletin Summary for November 2005

Issued: November 8, 2005

Version Number: 1.0

Bulletin: http://go.microsoft.com/fwlink/?LinkId=56129

********************************************************************

Security patches defined by Microsoft as “critical” or “important”
MUST be applied within 10 business days of notification. Should there
be active exploits, the time will be adjusted and users will be
informed appropriately. Hosts unpatched after the defined time are
subject to scanning and removal from the EECS network as per campus
IT security policies (http://socrates.berkeley.edu:2002/MinStds/).

Patching is sometimes dependent on the service pack level of the
Microsoft OS, and installed applications, please read requirements
carefully.

Critical Security Bulletins

===========================

MS05-053 – Vulnerabilities in Graphics Rendering Engine Could Allow

Code Execution (896424)

Impact: Remote Code Execution

Affected Software:

– Windows 2000 Service Pack 4

– Windows XP Service Pack 1

– Windows XP Service Pack 2

– Windows XP 64-Bit Edition Version 2003 (Itanium)

– Windows XP Professional x64 Edition

– Windows Server 2003

– Windows Server 2003 for Itanium-based Systems

– Windows Server 2003 with SP1 for Itanium-based Systems

– Windows Server 2003 x64 Edition

We are very pleased to announce that a second EECS computing/networking helpdesk is now officially established in Soda hall, room 313. The Soda Hall helpdesk will be open daily from 9 am to 5pm, and our onsite consultants will do their best to resolve all your computing and networking inquiries or facilitate other requests. You can also reach them via email (help@eecs) or phone (2-7777). Software will be available for checkout from the Soda Hall helpdesk as well.

The Cory Hall helpdesk (395 Cory) will continue to be in operation.

Please come to say hello to our helpdesk consultants when you get a chance. And if you have comments or suggestions, please let us know.