InfoTech Tuesday, Kansas State University's information technology news source

InfoTech Tuesday is a weekly newsletter about information technology at K-State.

Get past issues
Subscribe to e-list
Search the archive
Send a news item

Executive editor:
     Rebecca Gould
Managing editor:
     Betsy Edwards

What's hot in IT
Antivirus
eIDs and passwords
Projects
Security
TechBytes seminars
Training calendar

Handy IT resources
Help desk
IT homepage
Computer labs
Tech classrooms
IT Index

IT events
and deadlines

June 3-4, 2004 (Thu-Fri)
CHECK conference. Open to all constituents of higher education and technology in Kansas. KU campus, Lawrence.

See the CHECK website.

July 1, 2004 (Thu)
Deadline for phasing non-administrative uses off the K-State IBM platform. See the Sept. 30 article.

K-State Online: Tip of the Week

What worked and what didn't:  
Ever find yourself at the end of the semester wondering what your students really thought about the specifics of your course that the TEVAL just didn't seem to address? Find out.

Seize the opportunity to ask your students about the particulars in an anonymous and risk-free manner -- use the K-State Survey System at surveys.ksu.edu. A few direct questions can lead to insights that can help improve your course and your students' experiences for subsequent semesters.

E-mail a suggestion or help areas for the K-State Online tip to help@online.ksu.edu. Questions? Contact the K-State Online Help Desk, 532-0198.
May 4, 2004 

   In this issue

Sasser worm hitting K-State hard;
hundreds of PCs at risk

updated May 5, 2004, 9:50 a.m.

Sasser is a dangerous new worm that is hitting K-State hard, and almost 400 K-State computers are at risk. This afternoon, the K-State Security Incident Response Team began blocking network access for all computers that are vulnerable to or infected with this worm (see the blocked-hosts list). This is to prevent disruption of the campus network and reduce further infections.

Simple routine maintenance would have stopped Sasser. It attacks known security problems that were reported April 13 in Microsoft Security Bulletin MS04-011, which also had updates to fix the problems. PCs with Microsoft's Windows Update service and owners who are regularly applying those updates are protected against this worm.

An e-mail warning was sent to all K-Staters Wednesday, April 28. Over the weekend, the worm hit two computers on the K-State campus. Computing and Network Services is scanning the campus network often to identify computers that have not yet applied the MS04-011 patch, and a list of those were sent to departmental SIRT contacts and network administrators.

Other Regents universities are reporting hundreds of infected computers. Within three days of Sasser's initial release, there were already three variants. Symantec rates the B variant of Sasser at a severity level of 4 out of 5 -- it's serious! For more about the Sasser worm:

—K-State Security Incident Response Team

Patches for Sasser worm available on free CDs

Free CDs with the Sasser-worm patches for Windows 2000, NT, and XP and other antivirus software are being distributed to K-Staters starting 8 a.m. Wednesday, May 5, at the K-State IT Help Desk in 313 Hale Library. Questions can be sent to the help desk, 532-7722, helpdesk@ksu.edu.

What you can do:

  1. Apply all Windows critical security patches immediately from the CD and/or Microsoft's Windows Update service and then reboot.
  2. Set your Symantec AntiVirus software to update daily.
  3. If you have any questions, contact your department's security contact (see the SIRT contact list) or the K-State IT Help Desk.

If the W32.Sasser worm does infect your computer, recovery will require reformatting the hard drive and reinstalling Windows and your applications.
—R. Gould, Information Technology Assistance Center

Central e-mail improvements slated for fall release

updated May 5, 2004, 1:29 p.m.

Over the summer, Computing and Network Services will be upgrading the infrastructure for the e-mail system on campus. The upgrade will alleviate the strain on the system that we have been experiencing this semester and provide enhanced spam-filtering and antivirus protection. Specific features of the upgrade are listed below.

The WebMail interface will be replaced by a new, web-based e-mail client. This change will not affect mailboxes, and webmail.ksu.edu will continue to be the official web address. Address books will be moved automatically to the new web-based client.

All e-mail clients connecting to the central e-mail server will require encrypted eIDs and passwords.

The university will only support specific e-mail clients. This list was generated from a university-wide committee on the most prevalent clients on campus. K-Staters are not required to change clients if their existing client is secure; however, support will only be provided for "supported clients". Each year this list of supported clients will be re-evaluated and updated.


Platform Supported e-mail clients
Unix/Linux Mozilla 1.5, Netscape 7.1, Pine 4.44
Windows Mozilla 1.5, Netscape 7.1, Outlook (Express 6/5.02M, 2000, 2003), Pegasus 4.12A
Apple Mozilla 1.5, Apple Mail 10.3

Documentation and self-help training modules will be available by the start of the fall semester.

For more information, see the e-mail project website.
—Marketing Committee, K-State E-Mail Enhancement Project

Kansas Regents Network upgraded
to new operating system

The Kansas Regents Network audio-conferencing service migrated to a new operating system in April. The upgrade, while transparent to audio clients, provides increased reliability and stability to meet the growing demand for voice conferencing at K-State.

As part of the upgrade, the network will set up a second, redundant audio server as a backup to on-going conference operations. KRN, located in Bob Dole Hall, uses the Spectel conferencing platform to run approximately 95 conference calls per month. For more information, see www.telenet2.org or call 532-5995.
—S. Barton, Kansas Regents Network

TechBytes finished for semester;
see resources online

The TechBytes series is over for the semester. If you missed some of the sessions, you can review many of the resources -- including videos, PowerPoint presentations, and handouts -- on the Spring 2004 Series webpage. Topics this semester were
  • Cool PC tools
  • Website/computer accessibility
  • PowerPoint do's and don'ts
  • Amazing Adobe Acrobat
  • Using CSS with K-State Online and the Survey System
  • What's new in FrontPage 2003
  • What's new in Macromedia DreamweaverMX2004
  • Microsoft Access
  • Security best practices
  • Tegrity cart system
—G. Snyder, Research and Extension

Cool IT tool:   Clean out Windows temporary space

At least once a month, clean out temporary storage spaces on your computer:

  • C:\temp
  • C:\windows\temp
  • C:\windows\tmp
  • C:\document and settings\username\temp
  • C:\windows\prefetch

Review the Recycle Bin and empty it. If you haven't used it in the last month, you probably don't need anything in there.

Lastly, close all applications, search the C drive for any other temporary files (search *.tmp) and delete any found.

—from TechBytes "Cool Tools"

 

Website worth watching

Current Cites

Current Cites is "an annotated bibliography of selected articles, books, and digital documents on information technology".

Current Cites is produced monthly by a team of librarians and staff at the Berkeley Digital Library SunSITE. They monitor IT literature in both print and digital form, and annotate 10-15 of the best items into a free publication, with a free mailing list.

Send site suggestions to TellTuesday@ksu.edu.
Tuesday's Gem

Office safety practices

With the growing concerns about identity theft, unlawful use of passwords, and security of information, it never hurts to remind K-Staters about safety practices in the work environment.

The following suggestions can make your work space safer:

  1. Shut down your computer when you leave, to keep sensitive university information private. Lock away CDs and other disks with sensitive information.

  2. Keep personal information put away, including phone numbers, passwords, notebooks, and postal mail.

  3. Keep office keys, cellphones, IDs, and access cards with you or locked away at all times.

  4. Shred documents and junk mail with names, SSNs, or any kind of account numbers.

  5. Never put passwords on sticky notes attached to your computer. If you must write passwords down, hide the paper with others in a cabinet.

  6. Put a password on your computer screensaver, so you don't have to close down your computer if you're away from your desk for a while.

For more tips on office security practices, see CSOonline's March article: "It's not just untidy, it's unsafe". It contains a list of 20 violations, the associated risks, and suggested policies.

—A. Cabrera, Information Technology Assistance Center