|
Written by Janaka Jayawardena
|
|
Wednesday, 23 April 2014 |
In all probability, you have been bombarded with media reports and
e-mails about the recent Heartbleed bug which compromised the password
security of a wide range of institutions (PSU included). OIT has
written an excellent write up about it and how it affects OIT
accounts. You can find it here:
http://www.pdx.edu/oit/news/security-vulnerability-heartbleed-bug
MCECS users and Heartbleed
MCECS services affected by Heartbleed (primarily web and e-mail) have
been patched, old certificates revoked and new certificates installed.
If you run your own Linux Tier 3 Linux systems, make sure you have
installed all recent security patches to make sure any Heartbleed
related issues have been addressed.
Should MCECS Users change their passwords?
It is a very good idea if you change your MCECS passwords if you used
MCECS mail servers or any web services that require the use of
passwords, such as Redmine, Webmail and the MCECS Intranet. The
vulnerability has existed since 2012 and there is no way to tell if
any passwords were compromised during that period. (However, the
vulnerability was not commonly known until recently so it is unlikely
that casual intruders were harvesting passwords in 2012/2013 using
this bug.)
Beware of Heartbleed related Phishing Spam
As affected institutions begin patching their systems, they may be
sending subscribers/users messages that encourage them to change their
passwords. (Just like this message.) This has opened up the
floodgates for scammers who are trying to get you to give up your
passwords.
Treat all messages that request you to change your password with some
skepticism. Try to avoid changing your passwords using a link that
arrived in your e-mail. Go to the affected site directly and do your
password changing there whenever possible.
|
|
|
Written by Janaka Jayawardena
|
|
Thursday, 03 April 2014 |
|
On Tuesday, April 8th, 2014, any CAT supported (Tier 1 or 2) Windows XP systems will be switched to a restricted network access mode. These computers will only be allowed to communicate with CAT Windows services (so that basic system plumbing that it needs to function are possible). There will be no INBOUND or OUTBOUND network access permitted to these systems beyond the basic CAT supplied services provided.
|
|
Last Updated ( Tuesday, 15 April 2014 )
|
|
Read more...
|
|
|
Written by Janaka Jayawardena
|
|
Tuesday, 01 April 2014 |
|
Ada.cs.pdx.edu is a new host for remote logins in CS. (It can also be referred to with a more generic name of linux.cs.pdx.edu.) This machine (a Silicon Mechanics system with 40 cores and 256G ram) runs the same version of Ubuntu Linux currently running in the CS Linux Labs.
Any user with a CS Linux account will be able to log into this machine. With the Linux Labs seeing increased use for directed lab sessions (along with network access restrictions for some sessions), ada will serve as a general use host for CS students and faculty to work without interruptions
|
|
Last Updated ( Tuesday, 15 April 2014 )
|
|
Read more...
|
|
|
Written by Janaka Jayawardena
|
|
Thursday, 06 March 2014 |
|
On April 8th, 2014, after 12 years of service, Windows XP is finally reaching its support End of Life.
http://www.microsoft.com/en-us/windows/enterprise/endofsupport.aspx
This means that security updates and patches will no longer be available for Windows XP. Unpatched systems are a security liability and cannot be left networked (ie: exposed to other MCECS computers and the Internet).
After April 8, any CAT supported machines in MCECS which need to continue running Windows XP for software/hardware compatibility reasons will need to be be converted to Tier 3 (unsupported) systems and effectively disconnected from our network
|
|
Read more...
|
|
|
Written by Janaka Jayawardena
|
|
Monday, 30 September 2013 |
|
This is our periodic notice to warn people of dangerous e-mail spam - namely Phishing Spam. We deal with a few waves of these at the start of term and Fall 2013 is shaping up to be a strong phishing season. A few recent victims have been costly, leading to main PSU mail servers being blacklisted over the weekend, so please take note.
The CAT and OIT will NEVER ask for passwords via e-mail.
DO NOT follow links in your e-mail that require you to enter your login and password information.
DO NOT send out any unencrypted, sensitive information via e-mail.
|
|
Last Updated ( Monday, 30 September 2013 )
|
|
Read more...
|
|
|
Written by johnj
|
|
Thursday, 10 November 2011 |
|
Dropbox, an online file repository/backup service, has been gaining in popularity. Its ease of setup and use for personal systems has resulted in rapid adoption among people trying to sync and transfer data between home desktops, laptops and other mobile devices.
We are seeing increased use of this service among faculty, staff and student users. While Dropbox is a hit at home, it has had a rocky road trying to adapt to corporate and centrally driven IT environments - both at a technical and policy level. MCECS users face many of these same challenges.
|
|
Last Updated ( Thursday, 10 November 2011 )
|
|
Read more...
|
|
|
Home
