Technology Update TSAG Meeting 9/12/02. Announcements: Mandatory Password Changes Coming in October! (Postponed) End of BootP (November 1) DNS Cleanup.

Slides:

Advertisements

Similar presentations

Physics Network Integration Chris Hunter. Physics network team Chris Hunter : Network Manager David Newton : Network Support Technician Room DWB 663 Phone.

Advertisements

Physics Network Integration Chris Hunter. Physics network team Chris Hunter : Network Manager David Newton : Network Support Technician Room DWB 663 Phone.

Technology Update TSAG Meeting 8/8/02. Announcements: Account Cleanup  Number of Accounts: 41,338  Number of Faculty/Staff:~ 3,000  Number of Students:~30,000(~

Nada Abdulla Ahmed.  SmoothWall Express is an open source firewall distribution based on the GNU/Linux operating system. Designed for ease of use, SmoothWall.

Windows XP Service Pack 2 Deployment Dave Lee West Campus.

Linux+ Guide to Linux Certification, Second Edition Chapter 14 Network Configuration.

Technology Update TSAG Meeting 6/13/02. Announcements: DNS Naming and Cleanup (coming!)  imap: , mail, mail1, mailsrv1  telnet, csun1: csun2, hp9k2,

INTRANET SECURITY Catherine Alexis CMPT 585 Computer and Data Security Dr Stefan Robila.

Technology Update TSAG Meeting 11/13/03. Rollout of Portal and SOLAR ( Portal and SOLAR are part of the.

Technology Update TSAG Meeting 3/13/03. Announcements: Disaster Recovery Test:[Bill]  (2/18-19) Networking Infrastructure: DNS, DHCP, Authentication.

CNIL Report April 4 th, CNIL Report (Apr 4 th, 2005) Two Major Goals: –Improvement of Instructional Services –Strengthening research IT infrastructure.

Technology Update TSAG Meeting 2/13/03. Announcements: Self-Service Account Utility Available Disaster Recovery Test:  (2/18-19)

Technology Update TSAG Meeting 11/14/02. Announcements: Spam Open Forum  Monday November 18, 2pm-3pm  OV Presentation Room Campus Operations Center:

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.

Update and Discussions on Technology Initiatives TSAG Meeting 4/11/02.

Technology Update TSAG Meeting 10/10/02. Announcements: DNS Cleanup Send periodic ICMP ping probes to all DNS entries (8/26- 9/13) Correlate data obtained.

TSAG Meeting 3/14/02 Update on Current Technology Initiatives.

Technology Update TSAG Meeting 7/11/02. Announcements: DNS Naming and Cleanup (coming!)  imap: , mail, mail1, mailsrv1  telnet, csun1: csun2, hp9k2,

Fermilab VPN Service What is a VPN ?.

Pro Exchange SPAM Filter An Exchange 2000 based spam filtering solution.

PKI Network Authentication Dartmouth Applications Robert Brentrup Educause/Dartmouth PKI Summit July 27, 2005.

Hands-On Microsoft Windows Server 2008 Chapter 8 Managing Windows Server 2008 Network Services.

Remote Access Mark Nicolay Computing & Communications.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Application Layer Functionality and Protocols Network Fundamentals – Chapter 3.

Getting Connected to NGS while on the Road… Donna V. Shaw, NGS Convocation.

CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.

Virtual Company Group 8 Presentation Date: June /04/2017

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 IT Essentials PC Hardware and Software 4.1 Instructional Resource Chapter.

Packet Filtering. 2 Objectives Describe packets and packet filtering Explain the approaches to packet filtering Recommend specific filtering rules.

SCO Insight Connector Training. The SCO Insight Connector  Product Overview  Technical Specifications  Installation  Using the Components  Target.

Brown University Exchange 2003 Molly Baird Manager, Windows-Novell Services.

Network Protocols. Why Protocols?  Rules and procedures to govern communication Some for transferring data Some for transferring data Some for route.

Chapter 10 Intro to Routing & Switching.  Upon completion of this chapter, you should be able to:  Explain how the functions of the application layer,

A+ Guide to Software: Managing, Maintaining, and Troubleshooting, 5e

Chapter 6: Packet Filtering

Agenda Overview of Seneca Computer System –File Servers / Student Computer Accounts –Telnet application –How to Logon to Learn / Phobos accounts How to.

Technology Update TSAG Meeting 4/8/04. Announcements IPX and Appletalk being phased out Friday June (Last day of academic year)

Chapter 1: The Internet and the WWW CIS 275—Web Application Development for Business I.

Technology Update TSAG Meeting 3/11/04. Reminders CENIC (Corporation for Education Network Initiatives in California)  4CNET is being phased out. (our.

1 Chapter 12: VPN Connectivity in Remote Access Designs Designs That Include VPN Remote Access Essential VPN Remote Access Design Concepts Data Protection.

Linux+ Guide to Linux Certification, Second Edition Chapter 14 Network Configuration.

Packet Filtering Chapter 4. Learning Objectives Understand packets and packet filtering Understand approaches to packet filtering Set specific filtering.

Network and Perimeter Security Paula Kiernan Senior Consultant Ward Solutions.

TSAG Meeting 1/09/02 Update on Current Technology Initiatives Steven Fitzgerald.

Technology Update TSAG Meeting 7/8/04. Announcements New Interim Director of User Support Services: Bill Hardy Outage on July 17 Udrive status Anyone.

Status of Exchange deployment Alberto Pace for the IT/IS group Desktop Forum, April 3 rd 2003.

Agenda Steps to Obtain your Phobos and Matrix Accounts. How to use a Telnet Application to Access your Phobos and Matrix Accounts How to Create an Effective.

Agenda Overview of Seneca Computer System File Servers / Student Computer Accounts Telnet application How to Logon to Learn / Phobos accounts How to Change.

Technology Update TSAG Meeting 12/12/02. Announcements: Campus Operations Center: Holiday Hours  Christmas: 12/22-1/1 8am-5pm Coverage  On Call Coverage:

Computer Security Risks for Control Systems at CERN Denise Heagerty, CERN Computer Security Officer, 12 Feb 2003.

LO1 Know types of Network Systems and Protocols. Application Layer Protocols.

Technology Update TSAG Meeting 6/10/04. Old Voic System New Voic System installed on May 17 Remaining Issues:  Migrating calling trees  Some.

Plan for the Exchange 2000 Deployment Proposal Desktop Forum IT/IS 30/10/02.

Agenda Overview of Seneca Computer System File Servers / Student Computer Accounts Telnet application How to Logon to Learn / Phobos accounts How to Change.

“Lines of Defense” against Malware.. Prevention: Keep Malware off your computer. Limit Damage: Stop Malware that gets onto your computer from doing any.

XXIII HTASC Meeting – CERN March 2003 LIP and the Traveling Physicist Jorge Gomes LIP - Computer Centre.

SSH. 2 SSH – Secure Shell SSH is a cryptographic protocol – Implemented in software originally for remote login applications – One most popular software.

What’s New in Fireware v WatchGuard Training.

VIRTUAL SERVERS Chapter 7. 2 OVERVIEW Exchange Server 2003 virtual servers Virtual servers in a clustering environment Creating additional virtual servers.

Chapter 8.  Upon completion of this chapter, you should be able to:  Understand the purpose of a firewall  Name two types of firewalls  Identify common.

Labs. Session 1 Lab: Installing and Configuring Windows 7 Exercise 1: Migrating Settings by Using Windows Easy Transfer Exercise 2: Configuring a Reference.

Getting Connected to NGS while on the Road…

Working at a Small-to-Medium Business or ISP – Chapter 8

Firewall – Survey Purpose of a Firewall Characteristic of a firewall

Welcome To : Group 1 VC Presentation

Physics Network Integration

Getting Connected to NGS while on the Road…

Firewalls Chapter 8.

Designing IIS Security (IIS – Internet Information Service)

Presentation transcript:

Technology Update TSAG Meeting 9/12/02

Announcements: Mandatory Password Changes Coming in October! (Postponed) End of BootP (November 1) DNS Cleanup Send periodic ICMP ping probes to all DNS entries (8/26- 9/13)  Correlate data obtained from probes (9/16-9/19)  Inform TSAG of DNS names to be deleted (9/20)  Purge all defunct DNS names (9/23) Account Cleanup: Collecting information from you.  Number of Accounts: 41,338  Number of Faculty/Staff:~ 3,000  Number of Students:~30,000(~ 8K ???)

Training For TSAG Members Big Picture:  Provide XP training to TSAG members  Prepare for the TSAG recommended wide-spread deployment of XP  First training session in an envisioned series First training session cancelled: lack of participation (9/16 – 9/20) Second training session in jeopardy! Tentative date: 10/14 – 10/18 Coordinate with Chris Sales.

Network Access Control: Recent Changes to Inbound Traffic:  Port-based blocking: with exceptions (ftp, ssh, telnet, http/s) Mail related ports except to identified mail servers Printer-related, X1, and service location related  Subnet blocking: 108 – 111 (Education Building)

Network Access Control: Recent Changes to Inbound Traffic:  Port-based blocking: with exceptions (ftp, ssh, telnet, http/s) Mail related ports except to identified mail servers Printer-related, X1, and service location related  Subnet blocking: 108 – 111 (Education Building) time Application of Subnet Blocking

Proposed Edge ACL Changes Block all inbound ports in the range: Block all inbound connections on subnets: ??? Target date: October 4 Next step: Block all inbound connections to non Internet Servers Internet Server: A server that provides one or more services to individuals off campus. We need information on Internet Servers! Target date: ? January 2003 ?

Preparing for an IDS From the May TSAG Examine “services” provided (by each unit) Determine general philosophy for Access Control Defined typical traffic patterns Block all unwanted traffic Monitor traffic for abnormal behavior I.e., we need to understand the services we provide to our constituents.

Dragon Intrusion Detection System IDS: Real-time detection, reporting, and termination of unauthorized network activity Problem: We need to know which traffic is authorized or unauthorized based upon your units needs. Current Status of System

Virtual Private Networking Preproduction Service Installed: Cisco Systems VPN 3060 Network Address: vpn.csun.edu Clients Available for:  Windows (95-XP)  Macintosh System 10.1  Solaris  Linux (Intel) Works with the campus directory!

What does the VPN do? Encrypted Traffic:

Secure Services Provide via VPN Examples of uses:  Create secure wireless connections on campus  Gain more complete secure access to the campus network over wireless  Create secure connections to the campus network from home  Full, secure use of your campus using POP or IMAP client from your home computer  Share on campus files securely with your home computer More to be added?

Bypassing x1400 (For TSAG Members Only) To provide better support to technical savvy individuals, the Campus Helpdesk and ITR techs will be monitoring an IRC chat room. Server Name:irc.csun.edu Chat Room:#helpdesk Software Clients:  xchat:  mIRC: Status of System:Experimental!

Mail Migration Update Recap:  >41K users migrated (1 user took 11 hours)  >160 GB of data migrated (Quota’s are NEEDED!)  Planned 4 day activity  11 day activity End-user Problems: (2172 helpdesk calls) 85% Desktop Issues 12% Mail aliases 3%Duplicate for POP users

Directory Lookup for Aliases $ ssh csun1.csun.edu $ ldapsearch –h dir.csun.edu –b o=csun uid=steve dn: uid=steve, ou=People, ou=Auth, o=CSUN uid: steve … mail: mailLocalAddress: mailLocalAddress: mailhost: petrel.csun.edu mailRoutingAddress: steve

POP / Duplication Issue POP users indicated receiving multiple copies of mail each time they POPed I recommended: Configure POP without save on server option This is a Red Herring! Feel free to configure POP as you see fit.

Mail and Calendaring: Next Step More aggressive SPAM filtering SSL/TLS support SMTP auth support SMTP auth requirement TSAG committee to evaluate: “Support Issues for Campus Calendaring System” Contact: David Sorkin