University of Minnesota Duluth
People | Departments | Search UMD
ITSS

Information in archived ITSS news was current at publication time but may not reflect the present state of technology or ITSS.

Skip to: Content

In This Issue

+ ITV options expanded on campus

+ Desktop authentication added in labs

+ Top ten reasons NOT to share your account or password

+ Help Desk calls up during summer, early fall

+ Three-tier approach filters thousands of spam and virus emails daily

+ Email block lists control the spread of spam

+ Security awareness lacking among U.S. computer users

Subscribe

View past issues

Search ITSS News Archive
ITSS home : Info.tech.NEWS : November 2004

infotech.News logo

Technology news for UMD faculty, staff and students

November 2004

Upcoming Workshops

Register for workshop /itss/support/Training/workshop/

Viz Lab Presents...

More events... www.d.umn.edu/vdil/news/index.html

ITV options expanded on campus

Interactive Television (ITV) classrooms are specifically equipped to send and receive live audio and video television signals from one location to another via the Internet. UMD ITV classrooms are also equipped to integrate DVD and VHS content, computer output such as PowerPoint presentations, and on-the-fly instructor notes through document cameras. Multiple cameras and microphones and a user-friendly touch-pad allow for smooth transitions between student and instructor views at multiple sites. Classes can be conducted at two or more sites on the network. Connections are also possible beyond the University, to other parts of Minnesota, the nation and the world.

Traditionally, ITV has been used to connect two or more classrooms for the convenience of students and faculty. More recently, UMD has experimented with opening up ITV use to not only connect classrooms, but also deliver web-streaming video of classes over the Internet, to allow students who are not able to come to an ITV site an opportunity to watch and hear a lecture.

The infrastructure in our ITV classrooms provides for fairly easy and robust on-the-fly production of audio and video as a class is in progress. We are investigating new ways to leverage this capacity. Future expansion of ITV use may allow students to not only view lectures from anywhere (as in the web-streaming example above), but to also interact with the class, just as they currently do from ITV equipped sites. ITSS is currently assessing various technologies that would allow this. If you are interested in this subject, have needs in this area, or have potential solutions in mind, please contact Jason Davis.

More information:   Classroom technology /itss/classroom

Desktop authentication added in labs

All student computing labs were changed over the summer to require desktop authentication. This means that to use a computer in the labs, a person must log in to the machine using his/her Internet ID and password.

This change was made to ensure that only authorized students, staff and faculty are allowed to use the software and hardware purchased with the full-access lab fees. It was also intended to reduce the burden on lab consultants acting as 'traffic cops' at the doors.

The old system allowed the computer to automatically log in at startup, and required the consultants to verify each lab user manually. In the new system, the user logging in is verified as belonging to the select group of those who have paid the lab access fee. If the verification fails, the user cannot access the machine and is returned to the login prompt.

The lab computers utilize a system of Novell servers. ITSS worked with IT staff in the Twin Cities to program a system which updates UMD's Novell user information directory with a 'feed' from the People Soft database residing there. This creates the list of authorized users for the labs. These accounts are created, updated, and deleted automatically as the students' status changes.

 

Top ten reasons NOT to share your account or password

10. Avoid practical jokes that may not be funny.
9. Protect your intellectual property.
8. Prevent others from running up charges on your accounts.
7. Make appropriate use of university resources.
6. Avoid embarrassment that can result from someone else pretending to be you.
5. Prevent others from installing key loggers or other malicious programs on your computer.
4. Protect grades and other private student data.
3. Prevent others from changing your personal records, such as directory information and benefits choices.
2. Protect private university data that you have access to.
1. Protect yourself from identity theft.

Setting your passwords: Internet, Workstation, Novell and Enterprise

Many people on campus have multiple accounts that require passwords. The temptation is to set them all the same - but there are valid reasons not to do so.

ITSS recommends that you keep your Internet (X.500) password different from your computer workstation and/or Novell password. (It is not possible to set it the same as your Enterprise password). This allows you to share your computer workstation password with a trusted IT professional or a co-worker who may need access to your computer in your absence. You should never share your Internet password with anyone.

While it is more secure to set separate Novell Office Server and workstation passwords, it is reasonable to synchronize them to simplify the login process. However, you should not do this if you are storing critical private data on your Novell Office Server account and/or you share the workstation with another person who should not have access to the Novell server files.

More information:   Your University passwords /itss/security/passwords/

Help Desk calls up during summer, early fall

Help Desk calls were up significantly in summer 2004 as compared to previous years. Summer used to be a slower time period than fall, but summer '04 exceeded fall '03 calls by a large margin.

While 100+ calls in a day may not sound like much, when you factor in the human element...one person talking to all of those people...the volume takes on new meaning. We often hear the comment, "I called the help desk and no one was there." However, we are here...just on another line!

Jun-Aug 2004 Sept 2004 Oct 2004
Day High Avg High Avg High Avg
Mon 161 80 158 120 126 114
Tue 119 63 221 101 110 93
Wed 147 78 160 138 93 82
Thu 131 56 166 138 117 70
Fri 79 58 91 65 102 74
Total 4613 2560 1977

More information:   ITSS Helpdesk /itss/helpdesk/

Three-tier approach filters thousands of spam and virus emails daily

ITSS filters email at three different levels: a block-list filter, an anti-virus filter, and then an optional personal SpamAssassin filter.

Block lists: When email first comes into the campus, an initial filter compares each email message to a block list of known spam sites. All mail from these sites is immediately thrown away. We delete 50,000 to 70,000 messages per day based on block lists. (See the related article, Email block lists control the spread of spam, for more details.)

Anti-virus filter: Email next goes through our Symantec Anti-Virus (SAV) filters. SAV looks for both spam and viruses. We filter email coming to our campus as well as email destined out of our campus. In September and October 2004, SAV rejected an average of over 1000 problem messages per day. In response to an increasing number of complaints about annoying spam, ITSS increased the screening threshold on our SAV spam-filtering services on Monday, November 1. It will be interesting to see how much these numbers go up after this change.

SpamAssasin filter: Finally, email may be filtered by SpamAssassin. This is an optional filter that is set up by an individual user for his/her account. As an example, Linda Deneen, ITSS Director, uses SpamAssassin in combination with several ITSS mail filters. Using this combination, an additional 135 problem messages were filtered from her account in September and October 2004.

Number of problem messages
rejected
Block lists 50,000-70,000 per day
Anti-virus 1000+ per day
SpamAssassin Varies by individual

More information:   Spam - what it is and how to fight it /itss/email/spam.html

Email block lists control the spread of spam

Question: A friend tried to send me an email, but got a reply saying the "message was rejected by SORBS" - what's happening?

Answer: Your friend's email server, or possibly her individual computer, is included on an email block list.

Email block lists are lists of known spam hosts that are created and shared publicly to help stop the spread of spam. While there are many block lists available, UMD is currently using the following lists:

When mail is delivered to our mail system, it is automatically checked against the above lists. If the sender's email host is in one of the block lists, the mail is rejected. A message is returned indicating it was rejected and referencing the specific block list (SBL, SORBS, etc.) that rejected it. It will usually include a link to the block list's web site that has more information regarding the nature of the block and how to get off the list.

How do email hosts get on these lists?

While most hosts on these lists are true spam hosts, sometimes legitimate hosts (like Yahoo, which was recently on a block list for a short period of time) get added. This can happen if the mail server is configured incorrectly or if a problem computer is sending email through the server. Individual computers can also be added to a block list; these are usually computers that have a virus (such as Gaobot, Backdoor.Hogle, or Mitglieder) that turns their computer into a "spam relay" - then other computers use it to relay spam out to the Internet.

How do email hosts get off the lists?

The blocked host owner cleans up the spam problem, then contacts the spam block list to say "I fixed it". Many lists are automated: a removal request is submitted, a certain amount of time elapses (usually 24 to 72 hours), then a retest of the system is done. If the problem persists, the system can be stuck in another recheck cycle or it could be a week before taken off the list (since the list may think you're lying).

Well established organizations of sufficient size can usually be removed from a list within an hour or two. Some lists ask that you explain that you're a system administrator making the request.

Eventually the block is lifted and email flows again. However, it may take several days for the information to spread across the Internet due to DNS cache timeouts.

What should I do?

If you can't receive email from a specific person: Have that person forward the error message to their service provider or organization's IT staff. They will need to fix the problem and contact the appropriate block list to remove them from the list.

If you can't send email: Forward the error message to the ITSS Helpdesk (helpdesk@d.umn.edu). ITSS staff will contact you with more information.

More information:   The Spamhaus Block List http://www.spamhaus.org/sbl/

Security awareness lacking among U.S. computer users

A survey commissioned by the National Cyber Security Alliance (NCSA) demonstrated that there is a significant lack of understanding among computer users in the U.S. about the risks associated with lack of computer security.

Thirty percent of those surveyed believe that they have a greater risk of being struck by lightning than they do of being a victim of a security problem. In fact, the change of being hit by lightning is 0.0000102 percent, while the chance of being the victim of a computer security problem is estimated at 70 percent.

The NCSA declared October to be National Cyber Security Awareness Month.

More information:   Survey http://news.bbc.co.uk/2/hi/technology/3708260.stm

info.tech.News is published monthly during the academic year by ITSS. An email digest is also sent to all users subscribed to the infotech.announce, UMD.business.announce and studenttech.announce. The goal is to distribute information useful to the daily routines of the University of Minnesota Duluth campus community in conjunction with computer and telephone technologies. Comments or suggestions may be sent to the editor at: sbradt@d.umn.edu.

Didn't find what you were looking for?