University of Minnesota Duluth
People | Departments | Search UMD
ITSS

Information in archived ITSS news was current at publication time but may not reflect the present state of technology or ITSS.

Skip to: Content

In This Issue

+ "Greylisting" added to improve anti-spam strategies

+ FTP and telnet access to be restricted

+ UThink blogging comes to UMD

+ Vulnerability in Symantec AntiVirus (SAV)

+ Domain name expanded to include duluth.umn.edu

+ Long distance calling rates to be refunded

+ New "Student Response Systems" planned for classrooms

+ Appropriate Use policy revised

+ New customer service team implemented

+ Securing Private Data

+ Contribute 3 available on Office Server

+ Favorite browsers and email clients

+ SUS simplifies updates, increases security

+ Changes in University password policies

+ AppleTalk zones going away in 2006

Subscribe

View past issues

Search ITSS News archive:

ITSS home : Info.tech.NEWS : March 2005

infotech.News logo

Technology news for UMD faculty, staff and students

March 2005

"Greylisting" added to improve anti-spam strategies

Grelisting.org icon

On Wednesday, March 2, ITSS implemented the latest in our anti-spam arsenal, using a technique known as "greylisting." In this approach, our email server insists that email coming from another host must follow standards related to message retries.

More specifically, legitimate mail servers can store messages and redeliver them if they are not delivered successfully the first time. On the other hand, computers infected with certain viruses become mini-mail servers that spew out spam or messages with infected attachments. These infected machines are not normally able to resend a message if it is not delivered correctly the first time.

Our mail server now addresses these illegitimate machines by refusing a message the first time it is sent from a new (unknown to our mail server) host. Message information is stored on our greylist until the message is resent. If the mail server successfully resends the message, it is accepted. If the mail server cannot resend the message, as in the case of many spam computers, it gets dropped.

Once a legitimate mail server is able to demonstrate that it can resend messages, the UMD mail server will accept all further messages from it without requiring them to be resent.

While greylisting may cause a short delay in some email delivery, the benefits outweigh the slight change in service. We have noticed a significant reduction in spam since this new service was put into place. In particular, it appears the new system blocked approximately 60,000 messages sent to our mail server in the first two days. This is in addition to another 60,000 messages per day blocked by our other spam filters.

More information:   Greylisting.org http://www.greylisting.org/

FTP and telnet access to be restricted

On July 11, 2005, ITSS will eliminate off-campus access to our major servers for non-secure login access and file transfer programs (telnet, ftp, rsh, rcp, etc.). The major servers involved are our login and web servers, including ub and bulldog (general access servers), www (our main web server), and several special purpose web servers.

Access from on campus, the UMD modem pool, and those using our VPN client will not be affected. Also, note that we are not blocking the protocols totally - just to University systems that we control. Access to other servers will not be affected.

Why are we restricting access?

These protocols transfer data in clear text. Since you need to authenticate (using your Internet ID and password) to use any of these services, your password is passed in clear text across the Internet.

What are other options?

If you are on campus or connect to the network through the UMD modem pool, you will not need to make any changes.

If you connect to the network through cable or DSL, you can use our VPN (Virtual Private Network) client. Customers using our VPN server have an on-campus address, so these protocols will continue to work as they do now. We strongly encourage use of our VPN server for off-campus use, especially if you are working with any kind of private data.

Alternately, there are a number of secure telnet and FTP clients you can use if you don't use VPN. We are putting together a web page that will list these alternatives, and will also include instructions on how to turn on secured transfers in programs often used to develop web pages (Dreamweaver). Watch the ITSS home page for more details.

If you have questions or concerns about this issue, please email dburrows@d.umn.edu.

More information:   Virus and Security Information /itss/security/

Uthink blogging comes to UMD

Have you read other people's blogs and thought it might be interesting to start your own, but weren't sure how to get started? Are you interested in publishing your creative works on the web? Would you like to start an online discussion session for a class? If any of these scenarios sound interesting, UThink is for you.

Uthink is a blogging service provided by the University Libraries. Blogs (short for weblogs) provide an easy way for members of the campus community to post information, thoughts, and commentary on the web. UThink is a tool that allows campus members to connect with others, to build commmunities of interest, to provide an outlet for collaborative work, and to promote discussion within classes on campus.

Unveiled in May, 2004, Uthink was originally open to Twin Cities campus members only. Recently, access to UThink was extended to all students, faculty and staff of the UMD campus community as well.

Uthink now has over 1100 blogs and continues to grow. A recent listing of "Random Categories" of UThink blogs produced the following:

Feel free to give this a try. All you need to get started is your University Internet ID and password. Uthink provides templates, instructions and more. Remember, your blog will be readable by the world. The ITSS Help Desk will take calls for support at x8847.

More information:   UThink http://blog.lib.umn.edu/

Vulnerability in Symantec AntiVirus (SAV)

Symantec has warned that older versions of SAV have a critical bug that can cause problems with virus detection and possibly with the running of Windows computers. Version 9.0.2 of SAV (included with Symantec Client Security 2.0.2) fixes these problems.

ITSS recommends that all versions previous to 9.0.2.1000 be replaced. Symantec version number To check which version you have installed on your workstation, double-click on the gold shield icon in the lower right corner of your monitor. Check the "Program Version" listed in the center portion of the Symantec AntiVirus window.

If you have a version prior to 9.0.2, you should upgrade your client using one of the following methods:

  1. Download the managed client from our web site:
    Symantec Anti-virus
  2. If you have a Novell client, you may be prompted when logging in to upgrade your Symantec client during.

Generally, ITSS has found that upgrading to the current program version works well. But as with any software package, uninstalling the previous version, then performing a fresh install is the best choice.

While this exploit does exist, a certain set of conditions need to occur before a system is breeched. If you would like details regarding the latest exploit, please see: Symantec UPX Parsing Engine Heap Overflow

More information:   Symantec anti-virus and security client /itss/security/nav/

Domain name expanded to include duluth.umn.edu

Have you ever had difficulty giving your email address to someone over the phone? Have you ever wondered why UMD doesn't have a more descriptive email address or web address? The domain name d.umn.edu has been ours since the beginning of the World Wide Web, when the computing environment required many more things to be typed in from a command line. Having short names made things easier to type.

In order to modernize our naming scheme and provide better name recognition for UMD, ITSS staff have enhanced technical systems to recognize the domain name duluth.umn.edu in addition to retaining d.umn.edu. This will work in both our email environment and our web environment. For example, our UMD home page can be reached at: http://www.d.umn.edu or http://www.duluth.umn.edu

Computers on the UMD network have names, too; those names do not yet work with the new name. For example, bulldog is still bulldog.d.umn.edu.

If you like the new domain better, feel free to use it for both email (jdoe@duluth.umn.edu) and web addresses. It can be printed on business cards and other campus publications. Feel free to send questions to Linda Deneen at ldeneen@duluth.umn.edu.

Long distance calling rates to be refunded

After a recent billing inquiry by one of our customers about the cost of ITSS domestic long-distance calling rates we discovered a rate error in the current ITSS monthly billing process. We have corrected this error as of March 1 and will be issuing refunds with corresponding documentation to our customers within the next few weeks.

For the current fiscal year, ITSS planned and advertised to charge $.06 per minute for non-international long-distance calling service. Our rate table included an entry that reflected a $.10 per minute charge for domestic long-distance calling service for the first 8 months of the fiscal year, July 2004 through February 2005, which has now been corrected.

ITSS will sum the total monthly domestic long-distance charges by area, org, and sub-org for the first 8 months of the current fiscal year. We plan to calculate the refund amount per area, org, and sub-org based upon the respective area, org, and sub-org total. We will then submit University documentation that will return the appropriate refund amount to the respective area, org, and sub-org.

We try hard not to make errors in our monthly billing and we apologize for making this error. We appreciate that customers pay attention and alert us when there is a problem. If you have comments or questions with the ITSS rates or this refund process please feel free to contact Steve Patterson at extension 8785 or through email to spatters@d.umn.edu.

More information:   Rates and Fees /itss/rates/

New "Student Response Systems" planned for classrooms

For the past few years, several groups on campus have been testing a new learning technology alternately called Personal Response Systems (PRS) or Student Response Systems (SRS). The technology consists of a remote-control-like device in the hands of each student and a receiver connected to the instructor's laptop. The instructor can project questions through an LCD projector and students can press a button on their device to answer the questions. The interactive technology can be used to check for attendance and conduct quizzes, but it also promotes an environment where students think and learn differently from the way they do in traditional lectures.

Grelisting.org icon

A great deal of pedagogical theory as well as anecdotal experience from UMD faculty shows that this new learning technology is worth pursuing. In order to find the most cost-effective and efficient support model, and to avoid the possibility of students or instructors having to purchase different types of systems, ITSS is working with interested faculty and staff to develop a standard solution for SRS on the UMD campus.

A group of faculty and staff who have tested various SRS products in the classroom, the Faculty Technology Team, and the ITSS Classroom Technology Team have collaborated to create a "needs assessment" document that will guide our decision on this standard. The next steps in the process will include presentations from potential vendors in the near term and a final decision on the standard by the end of Spring Semester 2005. By Fall 2005, some classrooms will be equipped with the new standard and faculty training will be available.

If you would like more information, and/or to be included on the email alias for planning this SRS standard, please contact Jason Davis jdavis@d.umn.edu.

"Appropriate Use" policy revised

The UMD Policy on the Appropriate Use of Information Technology has been revised significantly by the Subcommittee on Information Technology and the Library. This subcommittee of the Educational Policy Committee (EPC) has passed the revised policy onto EPC, which has also reviewed the policy.

The policy will be reviewed at the upcoming Campus Assembly meeting this spring. If you have comments or concerns, please direct them to Linda Deneen, Director of Information Technology, ldeneen or 7588.

More information:   Policy on the Appropriate Use of Information Technology /itss/policies/appuse-new.html

New customer service team implemented

In an effort to continue improving customer service, ITSS has created a new team that will strive to improve the way we communicate with our customers and meet their needs. The team includes staff that represent all of the many service processes within ITSS. We also plan to seek input from our customers to help guide these improvements.

The team will simplify and/or combine the multiple inputs, outputs, processes and databases that are part of the way customers interact with ITSS. We will continue planning, gathering customer and staff opinion, and generally thinking about ways that we can improve customer service.

The team's early tasks will include streamlining our online work request forms, improving our Help Desk problem tracking database and processes, and continuing to work more closely with the Academic Technologists. We will use customer focus groups to inform these changes. Longer term goals may include a more comprehensive system to track projects, reported problems, etc. and to allow real-time customer status queries through a web interface.

Suggestions and inquiries regarding ITSS customer service should be sent to jdavis@d.umn.edu

Securing private data

Deans, directors, and department heads are responsible for ensuring that desktop computers in their areas that are used to access private data are compliant with the latest security standards.

Chief Information Officer Steve Cawley sent a letter, Securing Private/Non-public Data Letter, to all administrators on all campuses this week.

ITSS recommends that you use the UMD version of the security template referred to in CIO Cawley's letter. The UMD version of the security template connects local machines to our local SUS server for Windows patches. The UMD security template can be downloaded to your computer from the following web site:
Baseline Security Template.

ITSS can assist you with compliance. Please use our online request form (Install Software on a Desktop Computer) and ask to have security software installed.

More information:   Security Templates /itss/

Contribute 3 available on Office Server

Contribute 3 is now available on the Office Server.

Contribute 3 is a web-publishing package that allows groups of people to easily and securly update a single web site. Most customers use Contribute in conjunction with Dreamweaver. The newest version of Contribute features support for CSS-P, WebDAV connections, content approvals, and advanced administrative controls.

Contribute 3 for Windows is available to all customers who have a full-service Novell account.

More information:   Novell Software /itss/novell/software.html

Favorite browsers and email clients

Reviewed by Bruce Reeves, ITSS Technology Support Professional

Web browsers

Browser icons

For many people, Internet Explorer is the browser of choice, but is it all there is? You may be pleasantly surprised at some of the other options you have. If you'd like to stay with Internet Explorer, please make sure you're using the WindowsXP Service Pack 2 version to get the latest in security enhancements. Also, look for a newer version of Internet Explorer later in the year.

If you'd like to see what other options are available, and there are good ones, please follow the link below:
Web browsers

What's my current favorite? Firefox.

Email clients

Mulberry is the email program of choice for many on our campus. If you're a Mulberry user, please take a look at the latest version of Mulberry (version 3) (see: Mulberry 3.

As with any piece of software, Mulberry may not be right for you. If you'd like to look at some other options, please use the link below to see some that are available, and what operating system they will run on:
Email clients

What works best for me currently? Mac OS X Mail.

Bruce provides support for faculty in the area of learning technology and development of course materials. He works closely with the Instructional Development Service to facilitate better communication on technical issues and support for faculty.

/itss/

SUS simplifies desktop updates, increases security.

If you are responsible for a computer that is connected to the University's network, you must update your system as soon as critical security updates are available. To simplify this process and safeguard the integrity of UMD computers, networks, and data, ITSS is offering a new, automated Software Update Service (also known as SUS). SUS is a local, UMD-specific version of Microsoft's Windows Update service.

Since Microsoft's update sites frequently become very busy when critical updates are released, this service will make installing updates quicker and easier than before. In addition, ITSS staff will be testing all updates in our environment prior to releasing them. We hope this will avoid conflicts and problems with software and network configurations specific to our campus.

To use the ITSS-SUS, you will need to make a simple change to your computer's configuration. Once your system is set up to use this service, you will be alerted whenever a critical update is about to be installed on your system. Updates are scheduled for 4:00 p.m.. If you are not logged in at 4:00 p.m., the update will be applied 30 minutes after your system is started.

More information:   Automating Microsoft Windows Updates /itss/security/sus/

Changes in University password policies

To increase security, a number of changes have been made University-wide regarding the password requirements for University Internet (aka X.500) accounts. These are the accounts students, faculty and staff use to access email, register for classes, authenticate in the labs, access Samba services, update their web sites, and more.

The changes include:

More information:   Changes in University password policy /itss/security/passwords/requirements.html

AppleTalk zones going away in 2006

Next January, ITSS will be changing how the Macintosh AppleTalk protocol works on campus. Most Macintosh users may not even notice the changes, but departments with Apple LaserWriters will need to start planning for a replacement.

More information about this change will be available next fall, but since this change may require replacing some (now very old) Apple printers we wanted to give departments as much lead time as possible for budget planning.

If you have any questions relating to these changes, contact Joel Ness (x8841, email:jness).

AppleTalk zones going away in 2006 /itss/news/2005/appletalk.html

info.tech.News is published monthly during the academic year by ITSS. An email digest is also sent to all users subscribed to the infotech.announce, UMD.business.announce and studenttech.announce. The goal is to distribute information useful to the daily routines of the University of Minnesota Duluth campus community in conjunction with computer and telephone technologies. Comments or suggestions may be sent to the editor at: sbradt@d.umn.edu.