Minutes of Smathers
Middle Manager's Meeting
June 3, 2004
Present: Shelley Arlen, Tom Caswell, Gary Cornwell, Trudi DiTrolio, David Fuller, Iona Malanchuk, Tom Minton, Cathy Mook, Pat Reakes, Betsy Simpson, Jan Swanbeck, Ben WalkerFlat screen monitors
- CPUs and flat screens – why do the flat screens have to stay with the original CPUs for which they were purchased? Why can’t they be broken up and the monitor be hooked up to another machine? The flat screen monitors are optimized for the CPUs that they came with. Resolution/display problems are the most common. We are currently unable to purchase equipment, period. We have no commitment to replacing working equipment. This is a moot point.
- Yes, still send incidents of possible virus-infected email to SYSHELP if you are suspicious. In almost every case, it is the result of your name/email address being hijacked to send spam, but you are not the source of a virus. If you are dubious, send it to Systems for further investigation. As always, delete any suspicious emails. Remember to put reasonably valid descriptions in the subject line of your emails to prevent any possibility of deletion due to suspicion.
- Expect short-lasting rolling network blackouts in the near future. Our switches have been under attack and we will need to trade out the compromised units. The switches rout the network from the core to individual workstations. These are Cisco switches – they have a fundamental flaw that makes them susceptible to attack.
- We don’t believe that they can mount an attack from the switch once they get in. We are currently trying to identify the compromised boxes. We were under the impression that our boxes were locked down and could not be seen from the outside. They were broken into, anyways.
- It is possible the attack came from within the Libraries, but it could also be from an outside source.
- We’ll be checking every switch for vulnerability. If compromised, it will be swapped out. We will give brief notice – about 5 minutes or so – but it only takes a few minutes to make the swap. Often the outage is undetectable.
- Right now the attack is restricted to the 223 and 228 subnets. Unknown if a reoccurrence is preventable. We are currently speaking with CNS about how to make the switches less obvious to the outside world.
- We also have a trouble ticket in with CNS regarding the Allegro site at FCLA. Private IPs are unable to access the site. Seems to be a problem only for DLC at this time. Please alert SYSHELP whenever you have a number of workstations that cannot access a site.
Back to the Systems Homepage
Last updated June 4, 2004
by Debra Fetzer