| Index A-Z | Apply Now | From the Chancellor | Visitors | Alumni | People Finder | For the Media | For Parents | Jobs |
Southern Illinois University Carbondale Icon
| SalukiNet | Intranet | Athletics | Public Events Calendar | Weather |
Dawgbytes masthead

The Campus Wireless Project

A campus-wide wireless networking project is underway to transform exterior spaces and high-traffic throughways into wireless access zones. IT has already deployed wireless technology inside several buildings on campus. The outside wireless initiative eliminates the issue of “place” as it pertains to the SIUC network and will provide new ways for technology users to interact with the university and each other. The enhanced flexibility will let students, faculty, and staff take advantage of the open spaces on campus to enhance learning and research in new ways.

Wireless access will be provided through large-capacity wireless panels installed atop key campus buildings. Initial locations include the Steam Plant at Plant and Service Operations (two installations), Pierce Hall, Wham, Mae Smith (two installations), Life Science II, and Communications. These installations are planned to be in service during late November and are expected to cover 80% of the areas planned for coverage. The system will then be tuned and expanded as needed to provide coverage to the other areas where coverage was intended.

Recently implemented security features will accompany the wireless capability. Wireless users will be required to authenticate to the SIUC campus network in order to send or receive data. The system is designed to provide outside coverage and not intended to replace wired services in the residence halls because of bandwidth limitations of 802.11 wireless technology. Rogue access points may create problems with the campus-deployed system. If discovered, they will have to be turned off. We will work with departments that have installed wireless Access Points (APs) with our approval to remedy any conflicts that may arise with the new wireless system.

The SIUC Firewall

In August 2004, an Internet firewall was implemented at SIUC. A firewall is a device that enforces an access control policy across one or more networks. The SIUC Internet firewall provides protection from a variety of Internet-based attacks by only allowing network traffic that is required (such as access to www.siu.edu) and blocking all else. The firewall also provides intelligence that can be used to pinpoint machines infected with worms and viruses or machines that are being used to attempt unauthorized access into other computing resources.

All requests for access to a campus resource from the Internet (such as a web server) should be coordinated with each department’s LAN Administrator. If no LAN Administrator is available, consult whatever computer support staff is available. The LAN Administrators and computer support staff can then fill out a firewall rule request form that will be found in the near future on the SIUC Network Security website (not yet live) at www.infotech.siu.edu/security. Once the firewall rule request form is filled out, the LAN Administrator or computer support staff can e-mail this form to the network security team at firewall@siu.edu. Most LAN Administrators on campus have already dealt with the firewall request process and know what to expect.

While a firewall of this nature is very helpful and long overdue, it is not a panacea. Information security itself is a complex and ever-evolving field that requires vigilance, education, and timely action. Administrators and computer support staff must continue to apply service packs, hot fixes, and operating system and application patches in a timely manner. Anti-virus software must be installed and kept up to date. Both desktop PCs and server systems should be configured properly to exclude unnecessary services. Desktop firewalls, such as the Windows XP Service Pack 2 firewall, ZoneAlarm, BlackIce, Kerio personal firewall, Sygate firewall, and others, should also be used when possible. In addition to this, passwords should be complex enough that they cannot easily be guessed or taken from a dictionary word. Computer users also should practice safe computing by not opening attachments unless they are expecting them or if they can verify that the attachment is legitimate. More information about safe computing practices will be posted to the SIUC Network Security website in the near future.

Despite some early firewall implementation headaches regarding VPN (Virtual Private Network) access and videoconference units that are now resolved, the SIUC Internet firewall is working well and is doing its part to help protect campus computing resources. Questions or comments can be directed to Curt Wilson, SIUC Network Security Officer, at 453-6237 or curtw@siu.edu.

New E-mail System Installed in July 2004

When faculty and students returned to campus in August, they may have noticed changes in the siu.edu e-mail service. Over the summer break, Information Technology purchased and installed commercial Sendmail software, including Sendmail’s Mail Center software (POP/IMAP protocols, webmail, and Intelligent Inbox) and Mailstream Manager software (Anti-Spam, Anti-Virus, and Flow-Control). Some features of the new e-mail system are:

Details about the new e-mail software can be found under Announcements on Information Technology’s web site (www.infotech.siu.edu).

VM/CMS to be Removed

VM/CMS will be removed from service in June 2005. The VM/CMS operating system is hosted on the IBM Multiprise 7060-H30 mainframe. The mainframe will continue to host the MVS/OS390 operating system. VM/CMS utilization has decreased over the years (14,000 accounts in the 1980s to fewer than 200 active accounts today), while software costs continue to rise ($170,000 increase in FY 2006). VM Customers who need to continue to access mainframe-based services must transition to OS390/TSO before June 30, 2005.

In an effort to ensure that migration efforts are complete prior to the June shutdown, some VM/CMS services will be removed prior to the June shutdown date. The following actions are planned in the coming months:

November 15, 2004: VM/CMS accounts that have been inactive for a 12-month period will be suspended. A detailed list of these accounts will be posted on the following Web site: https://itmfs1.it.siu.edu/vm/. After November 15, customers who need to access an account that has been suspended should contact the Computer Support Center (453-5155).

February 1, 2005: The VM/CMS-based JobTrac EXEC will be removed from service. Customers requiring JobTrac application services will now use OS390/TSO.

March 1, 2005: VM/CMS Submission services will be shutdown. Customers requiring job submission services will now submit jobs via OS390/TSO.

June 30, 2005: VM/CMS Shutdown.

If you are a VM/CMS customer and require access to OS390/TSO, please contact Adam Floro (adam@siu.edu, 453-6238) at your earliest convenience. Adam can assist you in establishing an OS390/TSO account and provide documentation and consulting assistance that will aide in the transition.

Z/OS will Replace OS/390

Information Technology staff are in the process of installing a new operating system on the IBM Multiprise 7060-H30 mainframe. The new IBM operating system (Z/OS 1.4) will replace OS/390 2.10. The system is expected to be available for testing in the January 2005 time frame. It is expected that Z/OS 1.4 will be migrated into production in the spring of 2005. If you have questions about Z/OS, please contact Nancy Carr (ncarr@siu.edu).

New Grants for Disability Support Services

IT and Disability Support Services (DSS) have won two grants totaling $95,000 from the Illinois Board of Higher Education to aid students with disabilities, regardless of which Illinois University they plan to attend. SIUC has a long history of excellence in serving the needs of disabled students, who comprise about 10% of all college students; there has been a 50% increase in disabled student attendance at SIUC over the past decade.

Information Technology is a natural partner for DSS because of the critical role computers play in assistive technology. Adapted computers offer screen reading, Brailling, enlarging, audio, and other features. Computer skills are already essential for survival in a University environment and will become indispensable.

The grant is targeted at this fact: computer skills are critical, but disabled students are arriving at SIUC without those skills. Americans with disabilities are less than half as likely as their nondisabled peers to own computers and about one-quarter as likely to use the Internet. The grant money will be used to provide a transition camp at the University that will begin a few days before the semester begins. DSS staff, representatives of numerous campus departments, and disabled students already at SIUC will provide a guided transition to campus life. A primary focus will be learning adapted computer technologies.

SIUC students with disabilities have signed a formal letter petitioning the need for more information about adaptive computer technology earlier in the educational process. The overall project goal is to infuse adaptive technology into the educational process from elementary school, through secondary and postsecondary education and into eventual employment.

SMART Free Tutorials

SMART Technologies’ SMART Training Center (www.smarttech.com/trainingcenter/online) is offering free online orientation sessions to provide users of its interactive whiteboards with tutorials that teach whiteboard basics. SMART instructors are able to provide step-by-step instructions to participants’ questions in real time via data-conferencing software.

Two different half-hour orientation sessions are currently available: “SMART Board Interactive Whiteboard Basics,” which covers writing on-screen in digital ink and capturing annotations made in computer applications; and “Notebook Software Basics,” which covers basic functions such as using the toolbar, creating objects, and accessing clip art and templates. In addition to these free tutorials, the comprehensive online training center provides educators with various other resources, including downloadable training materials for Windows and Macintosh users.

IT LAN Administration Service Offerings

Information Technology is offering a variety of LAN administration services. IT will provide server support services behind our firewall. The following service packages are offered:

Saluki “Platinum” Full LAN Administration Support of IT-based Servers

Saluki “Platinum” Remote Full LAN Administration Support of Departmental-based Servers

Saluki “Gold” LAN Administration Support of IT-based Servers

Saluki “Gold” Remote LAN Administration Support of Departmental-based Servers

Good Web Sites and Pages

A number of off-campus and on-campus web sites continue to be very useful to SIUC students and staff. We encourage you to visit them and look over their resources.

Off-campus

Visit McAfee’s home page (mcafee.com/us/), especially their Virus Information Library (vil.nai.com/vil/). The McAfee VirusScan Enterprise is a first-rate antivirus program. IT spends a lot of money on this license so we can make the software free to all SIUC students, faculty, and staff, so we want to make sure all our users know about it. The Virus Information Library page always lists the current “top ten” malware threats, and it also lets you easily search its database for any known virus. A hoax page (vil.nai.com/vil/hoaxes.asp) is also available. Or, you can start with our local page at www.infotech.siu.edu/virus, which also points to the McAfee pages.

EDUCAUSE (www.educause.edu) is a nonprofit association whose mission is the advancement of higher education by promoting the intelligent use of information technology. Membership is open to institutions of higher education, corporations serving the higher education information technology market, and other related associations and organizations. Pay special attention to the “Effective Security Practices Guide” link (www.educause.edu/security/guide/), which points to an excellent, in-depth analysis of balancing the need for security with the need for open, collaborative networking between a university’s constituents.

On-campus

The SIUC personal Web page server (mypage.siu.edu) is a resource available to all SIUC faculty, staff, and students. The page includes links for requesting space on the server for your page and a set of instructions for first-time authors. Additional instructions are available at <a href=” http://www.infotech.siu.edu/csc/howto/prsnlweb/index.html”>www.infotech.siu.edu/csc/howto/prsnlweb/index.html</a>.

The Computer Support Center’s (www.infotech.siu.edu/docs/docindex.htm) documentation page is at this link. This is an alphabetized page of all the documentation written by CSC staff on topics ranging from Antivirus to XP. CSC documents are written for beginners, and most people consider it a good page to bookmark.

Download software. This page (www.infotech.siu.edu/downloads.htm)is a handy starting point for downloading the software SIUC makes available to its students, faculty, and staff. You will probably be able to navigate to what you want from this one page. If software is on this page, it’s safe to download and run on your computer.

How do I? (www.infotech.siu.edu/quickinfo/howto.htm) This is another one-stop page that points to a myriad of computer services. You will find links to Telephone Services, Ethernet configuration settings, getting e-mail or other computing IDs, installing software, checking account status, changing your password, configuring e-mail software, reporting computer problems, and many others.

IT’s Network Engineering Services has a fine page at www.infotech.siu.edu/neteng/DMCA.htm. This is an excellent, one-stop place to review what you need to keep yourself and your computer out of legal trouble at SIUC. Like the other pages described in this column, it is a comprehensive gathering together of links related to a common topic. From this page, you can read IT’s Acceptable Use Guidelines; Network Connection Guidelines; the university’s legal position on downloading and distributing music and video files; software piracy; copyright infringement procedures; and the Digital Millennium Copyright Act (DMCA).

New SalukiWare CD for the Fall 2004 Semester

The Computer Support Center has produced a new SalukiWare CD to help protect users from the growing problem of viruses and spyware. The CSC has worked with the Housing Department to provide each individual living in the residence halls a copy of the SalukiWare CD. The programs and guides on the CD were chosen to help residents use Ethernet in the dorms (the Rez-Net service).

The SalukiWare CD contains the latest McAfee Anti-Virus programs for all operating systems and platforms, including: SpyBot Search and Destroy to help remove spyware problems; SpywareGuard to protect users’ web browsers; and SpywareBlaster to help block known spyware/virus sites. The SalukiWare CD also contains useful guides for installing these programs with easy-to-follow instructions. The CD also contains other guides explaining Dial-up procedures, and a Rez-Net guide aimed for the first-time user. Programs such as web browsers and other utilities are also just a click away on the CD, as well as helpful web links to SIUC resources and other content on the internet.

New updates are made to the SalukiWare CD almost weekly, and all students and staff needing a new copy can simply bring in a blank CD-R/RW to the CSC, and we will burn the latest versions of the software onto the CD.

Safe Computing

In most situations, computer users at SIUC unknowingly get into problem situations via unsafe computing habits. People do not choose to create problems for themselves; rather, they drift into trouble, one harmless-looking step after another. We will be using this Safe Computing column to call attention to unsafe computing habits people tend to underestimate. This issue’s column is about “malware,” a contraction of “malicious software,” which includes viruses and spyware.

The subject certainly deserves space. Information Technology’s Computer Support Center (CSC) staff are constantly helping users disinfect their computers, and IT’s network engineers spend a lot of time tracking down infected computers, disabling their access to the network, restoring access, and then cycling through the sequence again and again. Computing-industry analysts expect the number and complexity of viruses to increase. More than 100,000 threats have been identified at this time, and there are going to be a lot more. Some of these virus attacks are worldwide; disruption of productivity, major financial loss, and irreversible destruction of data are often involved. Estimated costs to repair and recover from the damage done by viruses range from 10 billion to 100 billion dollars worldwide per year.

Antivirus software, combined with a little common sense, is a very common preventative, so why do viruses continue to be such an expensive, long-term threat? Why do smart people persist year after year in letting these infectious pests inflict so much expense and grief? There are four basic reasons why viruses remain a chronic threat:

The skill of the virus creators

The risks inherent in networked computing

Software vulnerabilities

Human carelessness

First, consider the level of skill coming at us. The Internet is infested with professional sharks who spend their days probing for security flaws in software. After finding a weakness, these bug-makers write programs—whether we call them viruses, worms, or Trojan horses—that exploit these weaknesses by inserting themselves into computers, concealing their presence, replicating themselves across networks, and doing as much damage or denying as much service as possible before an antidote is found. If you don’t yet understand that the Internet is a jungle, this is a good time to start. There are talented programmers out there who channel their talent and energy into destructive pathways, and the worst thing we can do is underestimate them. They are not distracted by contributing to the common good and can therefore focus all they know on creating confusion. Speculating on their motives is a waste of time; some have a political cause or grievance, some don’t.

And not all hackers are mischievous kids or malicious vandals. A lot of malware these days is coming from organized crime—certainly the phishing scams, the spambots, and the spyware that steals personal data. There is a lot of variation in the motives of malware-creators, but we can be sure of one thing: they’re going to be with us a long time.

Second, consider the risk inherent in using any network. A network—let’s say our Ethernet Campus Area Network (CAN) —propagates so much data so fast that it is difficult to perfectly control all the traffic passing through it. SIUC has recently installed a firewall on our CAN that is remarkably efficient—it examines every data packet passing through it while only slowing traffic by about one-percent. But please remember that an increase in network security is simply seen as a new challenge to a hacker and that we cannot guarantee a perfect, permanent security to our network users.

There are other “givens” associated with network hardware. A virus arriving at your computer has a potential “doorway” waiting for it. Think of a door in a house. You’ve got to have a way into and out of the house, so a door is an unavoidable given. It also unavoidably compromises the integrity of your house. You can let in the stuff you want through a door but sooner or later you will also let in stuff you don’t want: heat, cold, rain, dust—and bugs. You can install a porch light over the door, put locks on it, and even hire a security guard, but a doorway will remain an exploitable opening into your house.

A doorway in a computer is called a “port.” Data enter and leave your computer through ports. Like the door in a house, a port offers a potential doorway into your computer. When you sign on to a network, your computer’s ports, if not protected, can quickly become potential targets for system compromise by a worm or by an attacker. This can happen in a matter of seconds in some cases. The data a port lets in and out will range from what you want, annoying but harmless stuff you don’t want, and harmful programs deliberately written to hijack your computer, damage your files, or flood your network with service-denying, endlessly transmitted traffic.

Imperfect software is a third source of risk. Many viruses use a vulnerability or security hole in a firewall, communication protocol, operating system, or application as a means of infection. When you start up some application on a network—such as a web browser or an e-mail program—you’re sailing out into a small sea of software. And your boat has holes in it you don’t know about, but the sharks do.

Your operating system is always running in the background, regardless of whether you’re signed on to the network. And when you do sign on, a large suite of communication protocols (TCP/IP) is also activated. And of course you’re going to have an application open—let’s say a web browser or an e-mail program. And none of this software is perfect, and by its nature it’s hidden from you, and you don’t even know you’ve been infected until Information Technology tells you you’re flooding the network with bogus e-mail and your Ethernet port has been shut down.

You and I are the fourth source of risk. Computer viruses cannot survive without human cooperation. They need our help. Viruses depend on direct human interaction to spread among computers. They need you to let them into your computer before they can begin their assault on whatever software flaw they are aimed at. Self-propagating worms do not need such direct action, depending instead on human inaction, such as failing to update outdated operating systems that have built-in vulnerabilities.

Many users are too trusting for their own good. Malware-creators depend on users’ gullible complacency and false sense of safety. They need you to click on that “attachment” or download and install that “game.” A communication protocol suite like TCP/IP (the lingua franca of the Internet) hides the technical details of its function from us—it’s supposed to. Communication between computers has become so widely accessible and easy that many of us now take information-delivery for granted, just as we do such commodities as water and electricity. It’s easy to get complacent, to drop our guard, to become less cautious.

We’ve been talking about viruses, but our real subject is wasted time. Other invasive software on the Internet, such as spyware, is not technically a virus but takes just as much time to detect and clean. Spyware typically infects computers via the same unsafe computing habits. CSC staff spend an enormous amount of time helping users clean their machines of spyware. (A visit to this Counterexploitation [http://cexx.org/adware.htm] site will give you a glimpse of the extent of this “malware” problem.)

This brings us to a summary of the reasons underlying viruses’ persistence. The people who write them tend to be very capable individuals—many are trained programmers—who are intimately familiar with the weak points in Internet software. They know high-speed networks cannot perfectly filter all their traffic, and they know anyone who has signed on to a network has created a potential entry-point into his computer. And they know many users have been lulled into assuming the data coming in from the networks is as safe as the water coming in through their faucets and will therefore unknowingly function as the final link in an infecting sequence.

We have little control over the first three sources of risk. We can’t hold our breath waiting for human nature to improve, or for a way to move only safe data around a network, or for a silver-bullet fix for all software bugs.

But the degree of caution we exercise is very much within our control, and so we arrive at this column’s reason for being. The bugmakers’ need for our cooperation or negligence is the Achilles’ heel of the virus industry. Each one of us can make or break the cycle leading to an infected network. Information Technology’s network and security staff work hard to protect the SIUC Campus Area Network, and the University spends a lot of money on state-of-the-art equipment and firewall and antivirus software, but all that work and money are wasted if we do not do our part. Our staff needs to communicate to you in the strongest and plainest language possible that we need you to keep your operating system updated, no matter what kind of computer you use, and to install and keep updated Microsoft’s Windows patches and the antivirus programs we provide—McAfee for Windows and Virex for the Macintosh. We need you to work with us.

SIUC Usenet News Server Changes

As mentioned in the Spring 2004 issue of Dawgbytes, Information Technology’s News server (Saluki-News.it.siu.edu) has been phased out of service and replaced with a new server: schooner.siu.edu. Users need to change their news client configuration to use "schooner.siu.edu" instead of "saluki-news.it.siu.edu" or "saluki-news.siu.edu." In addition to changing host hardware and operating system, the newer server has more disk space.

Anyone who would like to request that additional newsgroups be carried by "schooner" should first set up their Network/Usenet News access for "schooner.siu.edu" and subscribe to the "siuc.announce" newsgroup, and read the relevant notes.

Please report any problems to Jim Dutton (jimd@dutton2.it.siu.edu).

Did You Know…

Laptop computer assistance is available. Computer Support staff are available to assist you in configuring your laptop computer. The CSC offers this help only by appointment. Please be aware that this assistance is limited to software configurations pertaining to SIUC networks. Call the CSC at 453-5155 to make an appointment.

Information Technology has established a TAC (Technical Assistance Center) team, which is comprised of students with academic backgrounds in computer-related fields. The TAC team’s primary focus is to assist faculty and staff with hardware and software installations, departmental software migrations, networking, security, and general computer troubleshooting. TAC services can be requested by contacting the Computer Support Center at 453-5155. Problems and projects are prioritized, based on the time the request is received, the current technician workload, and a fair distribution of services across departments.

The Computer Support Center has moved to the Northwest Annex. We are in the A-wing, room 137A. Our hours are the same, 8:00 AM to 4:30 PM, Monday through Friday, and our telephone number is still 453-5155.

About Information Technology’s IT Alert List server? Notices about scheduled maintenance activities of the NES team and the Information Technology department are posted to this list.  You can subscribe to this listserv by sending an e-mail message from the e-mail account that you want to receive the message. The note should be addressed to: listserv@siu.edu, and the text of the message should be: subscribe ITALERT-L firstname lastname. Substitute your first and last names for ‘firstname’ and ‘lastname’. The Network Control Center (NCC) web page is at https://itmfs1.it.siu.edu/ncc/php/, which is a good source of other information about the SIUC network.

About ‘Phishing’ scams? That’s not a typo. Phishing refers to the practice of designing a website to look like a legitimate financial institution to gather information like your credit card number, bank account number, social security number, PINs, etc. This kind of scam appears at SIUC regularly and is circulating now. The phishing scams are getting more complex, so it's really important not to give out sensitive information on the Internet unless you’re sure the recipient is legitimate. Our online article covers phishing in more detail.

Index A-Z | Apply Now | From the Chancellor | Visitors | Alumni | People Finder | For the Media | For Parents | Jobs
SalukiNet | SIUC Intranet | Athletics | Public Events Calendar | SIUC Home

Comments: IT Webmaster

Copyright © 2003, Board of Trustees, Southern Illinois University
Privacy Policy
Last Updated