We will be changing out some major network hardware on the 5th floor of Cory Hall. This should only take about half an hour, but for safety’s sake we will schedule a 2 hour maintenance window from 0630 to 0830 AM. This will take place either this Thursday(11AUG05) or Friday(12AUG05) depending on when we get the parts. This will knock out most of the South and West side of the 5th Floor, along with the wireless covering that area. Some servers may be down which cover larger areas. This is being done proactively to avoid a major meltdown. Thank you for your patience.
[Read more…] about 5th Floor Cory Network Outages
Switch Maintenance
Due to some potential problems with one of the switches servicing the 5th floor of Cory, we will possibly be doing some work on it either tomorrow (Friday) or Monday morning from 07:30 to 08:30. Actual outage may only be for a few minutes.
This should only be noticed by people on the 5th floor of Cory, however, since this may be experienced by servers on the 5th floor, the outage may be felt elsewhere.
Bruce
HERMES, PRINT, RIS, AND WINSWW Downtime
Microsoft will release their patches for the month on August 9th, 2005. HERMES, PRINT, RIS and WINSWW will be down for patching the following Wednesday, August 10th, from 3:00 – 5:00pm.
Campus-wide Scheduled Maintenance
There will be a campus-wide scheduled maintenance on Saturday, July 16, 2005 8:00am – 12:00pm
Communications and Network Services (CNS) will be upgrading and moving inr-202, one of two core routers in the campus network. The other core router is inr-201; since inr-201 and inr-202 are redundant, there should not be any major disruption to campus network connectivity. There will likely be minor interruptions when the inr-202 is powered down shortly after 8:00am.
This work may involve downtime on one of EECS’s links to the campus backbone.
Microsoft Security Bulletin Summary for July
Microsoft has released security patches as of July 12th, 2005.
http://www.microsoft.com/technet/security/bulletin/ms05-jul.mspx
Security patches defined by Microsoft as “critical” or “important” MUST be applied within 5 business days of notification.
Should there be active exploits, the time will be adjusted and users will be informed appropriately.
Hosts unpatched after the defined time are subject to scanning and removal from the EECS network as per campus IT security policies (http://socrates.berkeley.edu:2002/MinStds/).
Patching is sometimes dependent on the service pack level of the Microsoft OS, and installed applications, please read requirements carefully.
Microsoft Security Bulletin MS05-035
Vulnerability in Microsoft Word Could Allow Remote Code Execution (903672)
– Impact: Remote Code Execution – US-CERT currently is not aware of any exploits for this vulnerability.
Affected Software:
Microsoft Office 2000 Software Service Pack 3 Word 2000
Microsoft Office XP Software Service Pack 3 Word 2002
Microsoft Works Suites:
Microsoft Works Suite 2000
Microsoft Works Suite 2001
Microsoft Works Suite 2002
Microsoft Works Suite 2003
Microsoft Works Suite 2004
Microsoft Security Bulletin MS05-036
Vulnerability in Microsoft Color Management Module Could Allow Remote Code Execution (901214)
– Impact: Remote Code Execution US-CERT currently is not aware of any exploits for this vulnerability.
Affected Software:
Microsoft Windows 2000 Service Pack 4
Microsoft Windows XP Service Pack 1
Microsoft Windows XP Service Pack 2
Microsoft Windows XP Professional x64 Edition
Microsoft Windows Server 2003
Microsoft Windows Server 2003 Service Pack 1
Microsoft Windows Server 2003 for Itanium-based Systems
Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
Microsoft Windows Server 2003 x64 Edition
Microsoft Security Bulletin MS05-037
Vulnerability in JView Profiler Could Allow Remote Code Execution (903235)
– Impact: Remote Code Execution – US-CERT: A Proof of Concept exploit script has been published.
Affected software:
Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4
Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4, or on Microsoft Windows XP Service Pack 1
Internet Explorer 6 for Microsoft Windows XP Service Pack 2
Internet Explorer 6 Service Pack 1 for Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
Internet Explorer 6 for Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
Internet Explorer 6 for Microsoft Windows Server 2003 for Itanium-based Systems, Microsoft Windows Server 2003 with SP1 for Itanium-based Systems, Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium), Microsoft Windows Server 2003 x64 Edition, and Microsoft Windows XP Professional x64 Edition
Brief Wireless Network Switch Outage
There will be a brief wireless network outage on the upper floors of Cory Hall @ 7:30AM on Monday, July 11th. The outage should last no longer than 15 minutes.
[Read more…] about Brief Wireless Network Switch Outage
Patching Servers Jul 13, 2005
Microsoft will release their patches for the month on July 12th, 2005. HERMES, PRINT, RIS and WINSWW will be down for patching the following Wednesday, July 13th, from 3:00 – 5:00pm.
Microsoft Security Advisory, June 2005
Security Advisory (903144) June 30th, 2005
Title: A COM Object (javaprxy.dll) Could Cause Internet Explorer to Unexpectedly Exit. See http://go.microsoft.com/fwlink/?LinkId=49999 for more information.
Security Advisory (891861) June 28th, 2005
Title: Release of Update Rollup 1 for Windows 2000 Service Pack 4 (SP4) The Update Rollup contains all security updates produced for Windows 2000 between the time SP4 was released and April 30, 2005, the time when the contents of the Update Rollup were locked down for final testing by Microsoft.
See http://go.microsoft.com/fwlink/?LinkId=49772 for more information.
VPN Service
For those that are interested in using the VPN service, please download the software from \\winsww\sww\public\vpnclient\vpn403f.
Once you install, you will have several pre-set profiles to choose from, “UCB-split”, and “EECS” among them.
To install, copy the vpn403f directory to your local drive and run setup.exe, then reboot the system. After reboot, go to C:\Program Files\Cisco Systems\VPN Client and launch the vpngui.exe to open the VPN Client window. In the VPN Client window, highlight the connection entry you wish to use. You can set this as the default connection entry from the “Connection Entries” pull-down. Click “connect” and use the appropriate authentication credentials for the profile.
If you have a Calnet ID, we strongly recommend that for now you use the “UCB-split” profile. This will get you an UCB IP address. This service is in production and supported by the campus (http://www.net.berkeley.edu/vpn).
If you select the “EECS” profile, you will need to use your EECS Windows account and password to authenticate. Once connected, you will get an EECS IP address, and will be treated as if you are on the EECS network. However, we know certain subset of EECS users with accounts migrated from old NT domains will NOT work correctly all the time. If you encountered problems logging in, please switch back to the “UCB-Split” connection. There are many technical difficulties in setting the EECS service up, so once we have a better solution, we will let everyone know.
Please note that the campus (and EECS) vpn service will NOT work while you are physically on campus.
For those users that use non-Windows platform, you can download the campus VPN software directly from http://www.net.berkeley.edu/vpn. These will not have the EECS profile, and once we have tested them, we will make them available on our local software distribution.
For more information, please see the
VPN FAQ page.
EECS Wireless 802.11a in service!!
We are pleased to announce the deployment of the new 802.11a wireless service in EECS. 11a offers a much higher link speed (54mb as opposed to 11mb for 802.11b), less interferences, and the possibility of stronger encryption.
For the first phase, we will deploy a non-encrypted 802.11a service. If you have a 802.11a wireless interface, you should be able to connect to “EECS-11a” SSID (there is no other keys required, but your system has to be registered in the EECS wireless network). The service will now require users to authenticate prior to routing. Once you start your browser (please be sure that javascript is turned on), it should redirect you to the authentication page. Use your EECS LDAP username and password for authentication. The lease will expire after a certain period of inactivity, so one can always reconnect to https://1.1.1.1/login.html to re-authenticate. Please note that you should only accept the certificate for the current session when you use the https://1.1.1.1/login.html to reauthenticate. Do not accept the certificate “forever” or you might encounter problems when you roam around EECS. Due to caching problems with firefox, you might be receiving an error about certificates. Please use another browser to authenticate before using firefox.
We have tested only a limited number of 802.11a devices, so it is possible that your 802.11a network device is not fully supported.
Due to limited staffing, we regret to say that we might not be able to get to your specific device immediately.
We know IBM and Dell laptops with built-in 802.11a work, as well as Avaya 802.11a cards (you must install the driver for this).
If you have problem using 802.11a, please let us know what kind of configuration you have. 802.11b service remains your best alternative.
EECS guest wireless will stay on 802.11b.