Tuesday, January 24, 2012




Some Calvin e-mail accounts compromised

Calvin community member,

Near the end of last week, CIT discovered a handful of Calvin student and faculty/staff email accounts that were delivering spam email across the internet. As a result, you may have noticed delayed email delivery or email that was being returned to you and designated as undeliverable. CIT was able to keep over one million spam messages from reaching their intended destinations. Unfortunately, enough spam messages were delivered from calvin.edu addresses that other email services on the internet flagged the calvin.edu domain as suspect. As a result, mail providers such as Comcast and AOL were not delivering calvin.edu email to their customers for a period of time. In addition, due to the large volume of spam, our mail delivery server was overloaded and legitimate email was not delivered in a timely fashion. CIT and Information Security are monitoring this situation closely and doing their best to limit damage and loss of productivity.

None of the Calvin email account holders were purposely delivering spam. Rather their accounts were being abused by someone else to propagate massive amounts of spam across the internet. One of the most common ways this happens is through email phishing in which passwords are acquired from the account holder.

Your Calvin passphrase unlocks all kinds of sensitive information. Such information includes private and confidential information, intellectual property, and College proprietary information. It is important that you always protect your Calvin passphrase, and never give it to anyone. Furthermore, Calvin employees will never ask you for your passphrase, especially in an email (see http://www.calvin.edu/it/policies/AUP.pdf).

If you suspect that your passphrase has been compromised or you willingly made it known to someone, it is your responsibility to change your passphrase immediately. It is easily done from the link on the Calvin College portal login page (https://www.calvin.edu/cgi-bin/chpass.pl). Although we enforce an annual passphrase change there is no harm in changing your passphrase more regularly as a good security measure. This is especially prudent after a security incident.

CIT and Information Security have worked hard in the background to minimize the effects of this incident on you. Please continue to partner with us in maintaining a safe and secure computing environment here at Calvin.

For more information on phishing please read the following article: Cyber Security 2011: Phishing Attacks


Adam P. Vedra
Information Security Officer
Calvin College






Wednesday, January 18, 2012

"Reboot Required" - That pesky Novell ZENworks pop up explained...

Those of you with PCs at home are probably familiar with Windows Updates. Our Patch Management system (ZENworks) functions in place of Windows Updates but works much the same way by analyzing the computer for missing patches, contacting a server, downloading and installing necessary patches, and calling for a reboot to finalize the installation. CIT tests each patch on campus before deploying the patch to campus PCs to ensure that the patch will not conflict with the way we have customized the Windows operating systems on campus. Our Apple computers running the Macintosh operating system also receive routine software and security updates via Absolute Manage.

In order to maintain the security and stability of our campus PCs, CIT routinely "delivers" Microsoft patches to Calvin PCs running Microsoft Windows operating systems. These patches are delivered to PCs one week after Microsoft releases them to the public. We have a Patch Management system (Novell ZENworks) set up on our network and installed on PCs. This Patch Management system downloads patches from Microsoft and delivers them to Calvin PCs. Each patch has a designated status from Microsoft which determines how important/critical it is. Our Patch Management system uses the ZENworks Agent to scan each PC to detect what patches are already installed and what patches need to be installed. The scan is sent to our Patch Management system via a specific file and then it is analyzed by our system to determine what patches are needed.

Once we have the scans from all the PCs, we can see how many computers need a particular patch. CIT first tests the patches within CIT to see if any issues result from the installation. These patches are installed and tested over a 2-day period before they are sent out to the rest of campus. Once the patches are sent to campus PCs, each PC will perform a scan and download the necessary patches from our system. The number of patches can range anywhere from 1 to 20, depending on how many patches Microsoft released and whether the PC is behind on patches. Once the patches are installed, you will receive the pop up box letting you know that patches have been installed and that a reboot is necessary. This pop up box is part of the ZENworks application and unfortunately CIT is not able to customize how often it appears or what it says. Because patches often involve critical system files, a reboot may be necessary between patches. It is always good practice to reboot a computer after any new installations or changes to system files.

Another function of our Patch Management system is "baselining" of Microsoft patches. Baselining patches means that patches that were missed from a previous patch management release will automatically be downloaded and installed on the PC missing the patches. We baseline patches one month after they are released from Microsoft. This ensures that all PCs on campus are keeping up with important/critical patches from Microsoft in order to maintain the stability and security of our systems at Calvin. If a computer has been off campus or shut down during a patch time frame, the baselining will take place when ZENworks refreshes the next time the computer is logged in on campus. Once the baselined patches are installed, you will receive the pop up box letting you know patches have been installed and that a reboot is necessary.

There has been an increase in pop up restart notifications due to patch installations. This is due to our recent upgrade to ZENworks 11.1. Many computers on campus had an outdated or faulty Patch Management Agent running on them which caused the computer to fall behind in installing critical patches. Once these computers were upgraded to ZENworks 11.1, the Patch Management issues were resolved and old baselined patches started installing. This process can result in numerous restarts to be sure that the patches are installed properly and the computer is fully updated and secure. Because patches often involve critical system files, a reboot may be necessary between patches. It is always good practice to reboot a computer after any new installations or changes to system files.

In addition to the I.T. Connection, CIT also maintains several blogs that serve as notice regarding upcoming patches, upgrades, server maintenance, and network down-time:
Official CIT Communications


Tuesday, January 17, 2012

Wednesday SOPA/PIPA Protest: Web Site Blackouts

On Wednesday, January 18, several major web sites such as Wikipedia and Reddit will be down in protest of bills meant to stop illegal file sharing. Other sites said to be involved include Boing Boing and Cheezburger network. Major sites such as Twitter, Facebook, Yahoo, Google, etc. are unconfirmed. Sites participating in the protest will go offline for 24 hours from midnight Eastern Standard Time (05:00 GMT) on Wednesday.

Please read the following ABC.com article for more information:

Wikipedia Blackout: Websites Wikipedia, Reddit, Others Go Dark Wednesday to Protest SOPA, PIPA


Wednesday, December 21, 2011

Moodle: End of Fall Semester & Spring Semester Courses

As we wrap up the fall semester, there are a number of things you'll want to consider doing with your Moodle courses before December 29 @ 5:00 p.m. (All fall Moodle courses will be removed on December 30.)

Copy your fall course(s) back into your Master course(s):

http://moodle.calvin.edu/mod/resource/view.php?id=1717

BEFORE you copy your fall course(s) back into your master course(s), please confirm:

Note: The course copy process will not run correctly if you have not done these two things.

Request a temporary extension
http://www.calvin.edu/it/academic/tools/moodle/request/keep.html


Spring 2012 courses

All spring Moodle courses are currently available to faculty only. Spring classes will be made available to students automatically 35 days before the first day of spring classes. This is a system-wide setting that cannot be customized.

If you have content in your courses you do not want your students to see, you can hide topic areas/sections or individual items until you are ready to make them available to students. To hide topic sections, click the eye in each topic section. You can also hide individual items as you create them by selecting hide in the item settings. All content you have hidden will be displayed in light gray.

Don't see one of your Spring 2012 courses?
If you are teaching a spring course, but can't see it in Moodle, please contact the Registrar's Office to confirm you have been assigned as the instructor of the course. Once the Registrar's Office adds you as the instructor for a course, the course will become available to you in Moodle within 12-24 hours.




Wednesday, November 30, 2011

E-mail Spam, Scams, and Phishing Attacks – When to Contact the HelpDesk?

If you think it might be spam, it probably is!

CIT offers three tiers of e-mail protection for faculty and staff.  At the top tier, all incoming mail must pass through the Barracuda spam firewall.  The firewall currently blocks about 80% of incoming mail.  The second tier allows individuals to access the Barracuda firewall and manage spam filtering on their own account.  At the third tier, individuals can use the Junk Mail Handling settings within GroupWise (note: CIT does *not* recommend using the Block List function in GroupWise).  If an individual is not personally configuring Barracuda or GroupWise Junk Mail Handling, spam is still being rejected at the first tier by the Barracuda firewall.  You are not required to use these tools but they are available.

Click HERE for more information on the Barracuda spam firewall

Unfortunately CIT cannot guarantee that all spam, scams, and phishing attempts will be blocked.  There must be a balance between allowing legitimate traffic through the firewall and blocking spam.  Sometimes CIT is able to target and block specific phishing attacks but not always, since the sender’s e-mail address or the content within the message can fluctuate. 

When should you contact the HelpDesk?

You do not need to contact the HelpDesk or forward e-mails that contain unsolicited spam/junk. 

  • Advertisements
  • Requests for a response such as “I came across your profile and really want to chat, please respond….”
  • Bounce messages for e-mails that you did not send
  • "Cool job offer" type announcements
  • Messages that inform you that you have won a lottery or are inheriting a large sum from overseas

You may forward to the HelpDesk e-mails that contain a “phishing attack” – e-mails that ask you to respond with the following information:

  • Username and password
  • Social Security number
  • Account number

What should you do if you responded to a phishing attack?

If you got "hooked", you should immediately change your Calvin passphrase.  Contact the HelpDesk if you would like assistance.  You should also check your other e-mail and financial accounts for suspicious activity and change those passwords as well.

What can you do if you are not sure whether an e-mail is legit?

If you are receiving messages from a financial institution or regarding any other non-CIT account and are not sure if the message is legitimate, the best course of action is to access your account directly and see if any action is needed.  For example, if you receive a message that claims to be from PayPal, do not respond to that message or click a link in that message, but go directly to www.paypal.com, login, and see if there are any alerts or notices available.  You can also call the company directly using a number from their web site or phone book (do not call a phone number given in the e-mail).

E-mails that appear to be from CIT or the HelpDesk

Occasionally you may receive spam or phishing attacks that appear to be from CIT.  CIT will never ask you to provide your login information via e-mail or require you to provide any account numbers or a full SSN.  Even if the e-mail is from an "@calvin.edu" address, if it is asking you to respond with login info or personal info, it is not legitimate and did not come from CIT.

These are examples of legitimate e-mail communications from the HelpDesk:

  • Your Calvin passphrase expires once a year (or 90 days for employees working with credit card processing).  You will receive notices from CIT as the expiration date draws near.  You are not required to respond to these messages and can change your passphrase at www.calvin.edu/it.
  • When you contact the HelpDesk you will receive automated e-mails regarding the status of a work order.  These e-mails are from the address "heat@calvin.edu" and always contain a valid “work order number” (#002 - - - - -).  These e-mails notify you of when a work order has been opened or closed, or if more information is needed.
  • The HelpDesk sends important alerts regarding service outages from the address “cit-alert@calvin.edu”.
  • Any valid communication from the HelpDesk address helpdesk@calvin.edu will always be signed with the technician’s name followed by “CIT HelpDesk” and a formal signature including the HelpDesk’s contact information.
  • CIT will post announcements to Calvin-Students and Calvin-News from the address “cit-notify@calvin.edu” and the heading of the message will begin with “CIT:….”

More Information

Phishing Attacks

E-mail and Personally Identifiable Information




Monday, October 24, 2011

Windows 7 64-bit PCs to receive large update Service Pack 1 Wednesday, October 26

ALERT: PC-Windows 7 Service Pack 1 update Wednesday, October 26, 2011
Outage Type: Planned/ Informational
This affects: All campus owned PC computers running Windows 7 that do not already have Service Pack 1

Beginning Wednesday, October 26, CIT will be pushing a mandatory update to all PCs running Windows 7 64-bit that do not currently have Service Pack 1 installed. This does not apply to any Mac computers or PC computers running Windows XP or Windows 7 32-bit. About 500 computers will be receiving this update which is being released beginning Wednesday, October 26, and will continue over the next few days from 8am-5pm.

**Who is getting this update?**

This update *only* applies to PCs running Windows 7 64-bit. This update does not apply to Mac computers or PC computers with Windows XP or Windows 7 32-bit (Service Pack 1 was already built into CIT's 32-bit Windows 7). To determine what operating system you have and whether or not you will be receiving this update, click your Start button and then right click on Computer on the right side of the menu and choose Properties. If your "Windows Edition" says "Windows 7 Enterprise" but does not say "Service Pack 1" below the copyright information, then you do not currently have Service Pack 1 and will be receiving the mandatory update starting Wednesday. If your computer has Windows XP (which should say "Service Pack 3") or has Windows 7 but already says "Service Pack 1" you will not receive the update. CLICK HERE for an example.

**Why is CIT pushing this update?**

"Service Packs" are large Windows updates provided by Microsoft that make a system more reliable and more secure. Microsoft typically issues a Service Pack for each supported operating system every few years. Before incorporating a new Service Pack into the operating systems used on Calvin computers, CIT thoroughly tests each Service Pack for compatibility and stability within the Calvin computing environment.

CLICK HERE for more info on Service Packs.

**What will the update involve?**

Because this is a large update, you should expect it to take about an hour. You will receive an initial prompt when the update is going to begin. You may continue to use your computer while the update is running, but you may notice significant decreases in speed and performance while the update is running. This is a "silent" installation, meaning you will not be prompted during the update once it begins. Please do not shut down or logout while the update is running. When the installation is complete, you will receive a prompt stating that the computer will reboot in three minutes. This reboot cannot be delayed. Please save your work during the three minutes and allow the computer to reboot. When the computer turns back on, it will run through a series of Windows configurations for about 20 minutes. You should see a blue screen indicating the status of the configuration as a percentage. When the Service Pack 1 update is complete, you will see the normal Novell login screen. At this time you may login and use your computer as normal.

If you have any questions or concerns, please contact the HelpDesk by calling 6-8555 or e-mailing helpdesk@calvin.edu.