Minutes of Smathers
Middle Manager's Meeting
January 17, 2002
Present: Joe Aufmuth, Bill Covey, Gary Cornwell, John Ingram, Vernon Kisling, Patrick Reakes, Carol TurnerW2K Public Rollout/Authentication
Squid Server Hacked
- Rollout is substantially completed. Having it working the way we want – is not exactly complete. We are currently adjusting, making new images.
- It is proving to be challenging to hit a balance between making the workstations workable, having enough security and having them able to function with Xerox printing. All three are difficult to achieve alone.
- Xerox has cancelled scheduled meetings here in the past two weeks due to emergencies elsewhere in the state.
- Authentication is working fine. There has not been much in the way of complaints from the public.
- There was one grad student who was complaining that when he was referred to the Library Web site for an explanation as to why we are requiring authentication it didn’t specify if we are checking to see what exactly people are looking at. The Libraries are not exactly trying to determine that, but we have no control as to what is done at the University/NERDC level. We are not routinely recording site information unless we are legally forced. There have only been a total of about three complaints thus far.
- Given the way the Net is set up, privacy is dead – get over it. It is very difficult to maintain privacy in this day and age.
- The Unix proxy server for the public networks that prohibits access to email, chat & game sites runs on one CPU. If it goes down, all of the public access workstations go down.
- Last Monday evening, NERDC reported that our Squid server was probing other computers on the Internet. The server was compromised - to be used later in an attack. We found out about it 30 hours after it started, but we were able to get it offline in 20 minutes. There was no apparent sign that it was probing or that it had been hacked. Had to rebuild it from scratch, reinstall Linux, format the disk – took about two hours.
- Under these circumstances, the public is either locked out of the Web or the workstations can be totally open.
- We’re planning on picking up several different servers to put in various departments to act as proxy servers. That way we could shift one over if it becomes necessary to rebuild one.
- A non-proxy profile is not practical.
- It’ll be another 2-3 weeks before we get an order out for new computers.
- We’ll purchase the proxy servers first. We need to get going on them.
- It is uncertain how we will be funded in the future. FCLA may not be funding us in the future, given the budget uncertainty.
- If we are unable to purchase new computers, we’ll have 3-4 groups of warranties running out. It will be expensive to repair the machines when they are down.
- The strategic plan for technology for the whole University – IT. President Young wants us to be one of the top ten technology-savvy schools.
- There are training issues. Some people are concerned with the evenness of the training.
- Funding issues need to be re-thought from the top down. Ideas have been submitted, plans have been collected.
Back to the Systems Homepage
Last updated January 23, 2002
by Debra Harris