Announcements from CMS
(Notes from Underground)
For the most current news, read minerva's message of the day and check
our list of network downtime. Questions?
Comments? Email action.
Virus Alert: Swen (September 18, 2003)
Another worm, Swen (also known as Gibe.F), is making its rounds through
email, network shares, and file sharing programs (KaZaA). The email message
associated with this worm claims to contain Microsoft Updates. It does not
contain updates, but rather the worm. For more details, see
Vulnerability Alert: DCOM-RPC (September 10, 2003)
Another Windows 2000/XP vulnerability has been found
We strongly recommend that all Windows computers be running Windows Update
daily. To run updates manually, go to
For instructions on configuring Windows Updates to run automatically see the
Server Upgrades (September 2, 2003)
Over the course of the past few days the kernels on all of the servers
have been upgraded. Additionally, some physical improvements were made to
the central networking setup.
Virus Alert: Sobig.F (August 19, 2003)
Another virus, this one quite different from the last. Sobig.F spreads
primarily over email, and filtering is in place on our mail server to catch
the virus. However, you will likely receive some (even many) virus
infection warnings, as this virus forges the sender address, causing
warnings and bounce messages to go to people who didn't send out the
message. See F-PROT
for more details.
Virus Alert: Welchia (August 18, 2003)
Another RPC worm, Welchia (aka Nachi) has been found. This worm has the
potential to be more disruptive to the network than Blaster. For more
information, see F-PROT.
Again, please patch your computer immediately!
Virus Alert: Blaster (August 12, 2003)
There is a new worm on the Internet which threatens Windows XP, 2000, and
NT systems which have not been patched for a Windows RPC vulnerability.
Please patch your computer immediately! We are taking steps to prevent
computers from on-campus from being infected by (or infecting) computers
off-campus, but once the worm is on-campus, it will spread on-campus. If
you are on-campus, we can provide you with the necessary updates on a CD
and/or can install them for you. Unpatched machines will not be allowed on
the network. Off-campus users may obtain the updates from Windows Update.
For more information about the worm, see:
Services Outages and Upgrades (July 15, 2003)
There will be several service outages next week. On Monday, July 21st,
there will be a very brief network and minerva outage sometime between 5PM
and 7PM. On Tuesday, July 22nd, there will be a lengthier minerva (web
pages, dialup access, and shell accounts) outage sometime after 10 PM, as
new hard drives are installed. On Wednesday, July 23rd, there will be brief
outages of some of the web-based applications and of the web proxy, as
partition tables are modified. Also on Wednesday, there will be a lengthier
email outage sometime between 5PM and 7PM for hardware upgrades.
Additionally, substantial changes will be made to the firewall policy.
Thanks for your patience with this temporary incovenience as we work to
improve our services.
New Secure Website (July 1, 2003)
Many secure web applications have been consolidated into one site,
secure.simons-rock.edu. Please note the URL changes for webmail (https://secure.simons-rock.edu/webmail/),
email address lookups (https://secure.simons-rock.edu/ref/find.html),
and many other such pages.
Newly-Enrolled Students Website (June 13, 2003)
Information for newly-enrolled students can now be found here. The Inside pages for faculty, staff,
and current students have also been revised.
minerva Downtime (June 10, 2003)
Due to unanticipated hard drive problems, minerva (web pages, dialup
access, and shell accounts) was unavailable from the early morning until
4:30 PM. Everything should be restored now. Please let us know if you
notice any problems.
Webmail and Pine Ugrades (June 2, 2003)
Both webmail and pine have been upgraded to newer versions.
Additionally, we have made changes to the mail server so that mail delivery
now makes use of procmail.
AUP Revised (May 30, 2003)
The Network Acceptable-Use Policy has been
revised (shortened), and a new bandwidth policy
document has been created. Please review both of these documents, as use of
the network implies consent to these policies.
Account Expiration Policy (May 28, 2003)
Since there has been some confusion about this, it's worth restating that
alumni accounts are kept automatically for at least one year after
graduation (or otherwise leaving) and indefinitely thereafter provided the
accounts are actively in use. Old unused accounts will be expired annually.
293 such accounts will be expired next month. If you would like to have your
account reinstated, email guestacct.
Miscellaneous Server Changes (May 10, 2003)
In the past week, several changes were made to the way the servers keep
track of time, handle mail delivery, authentication, and logging. There was
no noticeable downtime while implementing these changes.
Hard Drive Changes on minerva (April 13, 2003)
In the process of making changes to minerva today, it is possible that
some files got displaced. Should you notice that any of your files are
not where you expect them, send email to action.
Maintenance for minerva (April 3, 2003)
Please take note: minerva will be down for maintenance on Sunday, April
13 between noon and 8 PM. During this time, you will be
unable to log in to minerva or dial up to the Simon's Rock network.
Interruptions to the website should be brief, and webmail will remain
available for the whole day.
Backup Procedures (March 18, 2003)
We have taken a number of steps in the past few months to improve
backups of institutional data. Details available to the curious upon
More Anti-Spam Restrictions (February 19, 2003)
In our continued fight against spam, we have added more restrictions on
incoming mail. Any email in which the domain of the sender (everything
after the @) does not exist will be rejected. This may not be the address
that appears in the "From:" line. As always, if you suspect any legitimate
email of being blocked, please email action. Please continue to
report spam will full headers to spam.
Firstname.Lastname (February 14, 2003)
Everyone with a Simon's Rock email account now has an alias of
email@example.com. For example, William Shakespeare, were
he to by some miracle to teach at Simon's Rock, would be reachable at
firstname.lastname@example.org. He might choose to email a gifted
student musician at email@example.com. While the email
system hasn't been improved enough to allow email to Shakespeare, we hope
these aliases will make communication a bit easier.
More Announcements, Different Format (January 24, 2003)
After a lengthy hibernation, there's a new edition of Notes from
Underground. Important news includes the announcement of a new
Please use this to submit requests for help with computer problems.
Spam Again (January 23, 2003)
Hopefully this will be the last spam update for awhile. We're now using
a number of different lists for blocking spam. If you believe that
legitimate email is being blocked, please contact spam. We are also
running spamassassin, which will tag, but not block, spam. If you take a
look at your email headers, you should notice that we are using X-Spam-* to
mark the probability that a message is spam. You can use your mail client
to filter based on these headers. Additionally, we have begun to draft a
spam filtering policy.
Fisher Network Upgraded (January 20, 2003)
The network in Fisher has been upgraded to a gigabit switch.
Secure Connection for Pine Users (January 10, 2003)
Pine users are now using imaps (imap-ssl), an encrypted protocol for
email-checking. If you are not using pine, you should consider using imaps
in your mail client (see the FAQ for
Resolution for the New Year: Less Spam (January 1, 2003)
One of our goals for the new year is to try to reduce the amount of spam
we receive. In the fall semester we have been taking increasing measures to
monitor and block spam (about 10-25% of our mail) and will continue to do so.
It will help us greatly if you forward any spam you receive with full
headers to spam.
Bandwidth Quotas Revised (December 28, 2002)
Rather than have a daily bandwidth quota where once the quota is exceeded
computers are blocked for a full day, we have decided to try out a new
method. We have broken the day up into four 6-hour quota periods (2AM-8AM,
8AM-2PM, 2PM-8PM, 8PM-2AM). Any computer which moves 400 MB in one of these
6-hour periods will be blocked until the end of the 6-hour period. This
means that a 1.6 GB of traffic can be moved in one day. There is no free
period, but exceptions may be granted by CMS. For more information, see the
policy and the FAQ.
Backups for Christmas (December 25, 2002)
We have once again improved our backup procedures to protect College
data. Staff members who are not doing administrative backups should contact
CMS about doing so.
Student Discussion Mailing List (December 17, 2002)
A mailing list for student discussions has been created. Go to
to subscribe. Note that this is an opt-in discussion list in contrast with
the other student mailing list to which all students are subscribed. As
such, the global student mailing list should be using sparingly for
Changes to Web Applications (December 15, 2002)
A number of web applications which were previously on
https://scorpio.simons-rock.edu/ have been moved to a different server. Any
bookmarks you have to this site will be invalid.
Wireless in the Library (December 11, 2002)
There is now wireless network access available in the library. Try out
the wire-free network and let us know what you think.
Dining Hall Menu on Calendar (December 1, 2002)
You can now see the dining
hall menu on the web calendar.
Network Outages (November 6, 2002)
You may have noticed some network outages yesterday and earlier this
week. These were due to problems with our main firewall/router. We
apologize for the inconvenience.
Faster Library Network (November 2, 2002)
The network in the library has been upgraded from two 10 megabit hubs to
two gigabit connections.
Software on the CMS Website (October 31, 2002)
A collection of free and site-licensed software is now available
(on-campus only) at http://cms.simons-rock.edu/software/.
Router and Switch Upgrades (October 13, 2002)
Both the main campus switch and firewall have been replaced. We are
considering revising the bandwidth limits. If you are running a p2p
application, please consider reducing the load you
put on the network.
Switch from FTP to SFTP (October 6, 2002)
Like telnet, ftp is insecure. When you use ftp, all of your data
(password, files, etc.) is sent plain text, which is fairly easy for
malicious people to intercept. As an alternative, we strongly encourage
using sftp. For more information, please see http://cms.simons-rock.edu/ssh/sftp.html.
Spam Statistics (September 29, 2002)
We have identified about 20% of the mail we receive (roughly 10,000 spam
messages a week) as spam or viruses and are blocking these messages.
Blocked messages include klez, Nigeria 409 scams, and "opt-in" mailings.
Please continue to report unsolicited email to spam (forward with
full headers), and we will do our best to block.
Lookup Email Addresses (September 27, 2002)
To look up the email address of someone at Simon's Rock, go to the lookup page.
To prevent unauthorized access, you will need to log in with your username
and password. You will then be able to search for the addresses of others
with Simon's Rock email accounts.
DNS Problems Finally Resolved (September 25, 2002)
As several people have noticed, we have had some DNS propagation problems
from off-campus for the past month and a half. These were caused in part by
polluted whois data involving our old IP addresses. These problems should
be cleared up in the next few days.
Welcome BHSEC (September 18, 2002)
We welcome members of BHSEC to our network.
HTTPS Webservers by Exception Only (September 16, 2002)
Due to recent heightened security concerns, secure (SSL) webservers are now
restricted to on-campus only by default. Exceptions will be granted upon
demonstration of the security of the server to the network adminsitrator.
Backup Procedure Improved (September 12, 2002)
We've been working to improve our backup procedures. Changes include more
frequent backups of administrative data as well as of user files and email
stored on servers and server configurations.
New Printers (September 11, 2002)
There are now new networked printers in the following locations: Hill
House bottom floor, Hill House middle floor, Crosby study room, and Pibly.
Faculty Discussion Mailing List (September 4, 2002)
The faculty mailing list is now open to all faculty members to post
whatever they want. The staff and student mailing lists remain moderated.
The student and staff lists are for important, official, global
announcements only. Messages are approved by the Dean of Student Life and
the Computer Services staff respectively.
Dining Hall Card System (September 4, 2002)
The dining hall card system is now tied in to the central College
AUP Modified (August 27, 2002)
The AUP (http://cms.simons-rock.edu/policy.html)
has been revised (mostly shortened). Please read it before using the
network. The FAQ (http://cms.simons-rock.edu/faq/) has
also been revised.
Manage Your Account and Password (August 21, 2002)
You can now change your password and other account information via the
web. See http://cms.simons-rock.edu/account.html.
Orientation Week (August 20, 2002)
There are now 122 new machines on the network. Good work CAs! If your
room has a bad ethernet drop, report it to a CA.
New Dorm on the Network (August 12, 2002)
The new dormitory is now completely networked.
Changes to the Mail Server (August 11, 2002)
The mail server has been significantly upgraded.
To change your password and set up and subscribe to mailing lists, see https://mail.simons-rock.edu. If
you are having trouble finding some of your mail, please see the FAQ. Changes include upgrading to a much faster machine,
switching from qmail to postfix, changing mailing list managers, and adding
a virus scanner. Additionally, we have significantly improved spam
filtering using DNSBLs and a variety of custom rules. Please report spam to
New minerva and Changes to Dialup (August 10, 2002)
Last night (this morning?) minerva was replaced with a new machine.
Significant changes include making use of a new password authentication
model (LDAP), upgrading the modems to 56K (dialup users should no longer
need a dialup script or to use a terminal window for connecting), and moving
some of the web services to a different web server. Dialup users should
refer to the FAQ for the new dialup settings.
Additionally, the mail server will be replaced today. As always, report
system problems to action.
Server Upgrades (August 4, 2002)
The re-addressing appears to have gone rather painlessly. If you are
still unable to dial up to Simon's Rock, see the note about new addresses
below. If you have been using telnet to connect to minerva, you will now
need to use SSH. The kernel and other software on most of the servers has
been upgraded. Probably the most significant change is to the webserver.
Let us know if you notice anything that is broken.
New Addresses for Us All (July 29, 2002)
This is a reminder that on Friday, August 2 we will be re-addressing all our
IP addresses (the numbers assigned to computers to communicate with each
other on the local network and Internet). Our new network block (for those
who are interested in such things) is 184.108.40.206/21; the new DNS servers
will be 220.127.116.11 and 18.104.22.168. Again, there will be some brief
network outages Friday evening as well as some off-campus network outages
for another day or two (or three or four or five). We will also be
increasing our bandwidth capcity at this time and making some other internal
changes, including changes to the firewall and the webserver.
For All Your Passwording Needs (July 29, 2002)
Do you know what your passwords are? In just a few short weeks (as opposed
to long weeks) you will only have one password that you can use for your
minerva account, email password, and Simon's Rock web-based applications.
You will be able to change your password and modify such options as email
forwarding via a web interface. If you don't know what your passwords are,
you will need to have your password reset by someone in Computer Services.
To have your password reset, stop by our office or (from off-campus) call
New Mail Server (July 29, 2002)
On Saturday, August 10, the email server will be upgraded. The new email
server will allow us to block some spam and viruses before they get to you.
To make this improvement, email service will be interrupted for a few hours
on Saturday. For more details about the new email server, email
More Bandwidth and More IPs (July 1, 2002)
On Friday, August 2, we will increase our off-campus bandwidth capacity
from three T1s to four T1s. We will also double the number of IP addresses
available to us. This latter change will involve re-addressing all IPs and
may result in email delays (think of the delays associated with changing
your postal address) and difficulty accessing the Simon's Rock website or
SSHing to your account from off-campus for up to five days. There will be
some brief network outages Friday evening to implement these changes. (If
you are interested in the specifics of the migration or to know the new IPs,
send a message to action.)
The Last Telnet Announcement (May 28, 2002)
As of Thursday, August 1, telnet to minerva will be completely disabled.
Off-campus users will no longer be able to use telnet at this time.
instead, all telnet users are encouraged to install an ssh client, or switch
to web-based ssh or web-based email. See
http://cms.simons-rock.edu/ssh/ for more information.
Spam Filtering, Part II (May 1, 2002)
We are now blocking spam from mail servers listed in relays.osirusoft.com. Once again,
report spam (with full
headers), to spam.
Changes to Webmail and Backups (April 30, 2002)
Webmail has been upgraded to a new version. Additionally, several
changes have been made to the administrative backup server. If you
experience any problems with either system, please report them to action.
Staff members who would like to request accounts on the backup server should
stop by CMS.
Virus Alert: Klez (April 26, 2002)
A variety of worms, known collectively as Klez, have been spotted on our
network. As always, exercise extreme caution opening email attachments
(that is, don't open them). You should be especially suspicious of messages
which contain no text in the body of the message, only attachments. Please
note that Klez-infected messages very likely forge the header information,
making the virus appear to be coming from someone you know or even from
yourself. For more general virus information, see the
FAQ. For more information, on Klez see F-Secure and Symantec.
No More Telnet (April 8, 2002)
Faculty and staff please take note: As of Friday, April 12, you will no
longer be able to telnet to minerva from your office computers. As of
Friday, April 26, on-campus students will no longer be able to telnet to
minerva. Off-campus telnet will be discontinued before the beginning of the
fall semester. Instead, you will need to use ssh. For more information, see
New Website (March 26, 2002)
undergone a site revision. Check it out!
Spam Filtering (March 9, 2002)
In an attempt to minimize the amount of unsolicited email sent to Simon's
Rock email accounts, we are blocking email from certain sites. For more
details about the filtering we are using, see
ordb.org. If you believe legitamate email
is being blocked, let us know. As always, you are encouraged to report spam
(with full mail headers only) to spam.
Account Expiration (March 8, 2002)
As per the announcement on Jan 5, 56 inactive accounts have been
More Upgrades (March 2, 2002)
Over break there was a bit of network downtime as a number of upgrades
were performed. Upgrades included software on all of the servers, replacing
the primary network switch, and installing a newer version of webmail.
Switch from Telnet to SSH (February 8, 2002)
Telnet, the method you might be using to connect to minerva, is not
secure. When you use telnet, all of your data (password, email, etc.) is
sent in plain text, which is fairly easy for malicious people to intercept.
Fortunately, there's a more secure alternative. SSH, or Secure SHell, is
like telnet, except that all of your data is encrypted. We strongly
encourage you to switch from telnet to SSH and change your password. For
more details, see http://cms.simons-rock.edu/ssh/.
Bandwidth Limits Revised (January 25, 2002)
Once again, we just don't have enough bandwidth. The current bandwidth
limits are 650 MB/day with a free period from 11 PM to 8 AM. Please see the
File Sharing Tip below to help reduce your bandwidth consumption.
Faster Networking (January 18, 2002)
At long last the network for all offices in the College Center has been
upgraded to 100 Mbps. Staff and faculty will now join the students in
having a faster and more secure network.
File Sharing Tip (January 10, 2002)
If you are using Morpheus/KaZaA, Gnutella, or other such programs,
you may be unintentionally sharing files. You can dramatically reduce your
bandwidth usage in KaZaA by going to Tools -> Options and checking "Disable
sharing of files with other KaZaA members". Then go to the Advanced tab and
select "Do not function as Supernode." For more tips, see cms.simons-rock.edu/fileshare.html.
Notice of Account Expiration (January 5, 2002)
To all former faculty and staff with Simon's Rock email accounts:
As you may or may not know, you still have an active email address at
Simon's Rock. Because many people are no longer using their Simon's Rock
email (causing email to bounce), we are trying to weed out the unused
addresses. If you are still using your Simon's Rock address, you are
welcome to keep it.
If you would like to continue to send and/or receive email (or other network
services) through Simon's Rock, you must send a message to
firstname.lastname@example.org containing your full name and/or Simon's Rock
email address before March 6th. If no confirmation has been received by
that time, it will be assumed that you are no longer using your Simon's Rock
account, and it will be disabled. If you feel this message has been sent to
you in error or have any further questions, please send email to
Network Improvements (December 21, 2001)
In the basement things are always changing. This week we implemented new
quality of service rules on the main router and made some physical changes
to the central network to improve security. The details are quite
technical, but if you are interested, ask.
Restricting Telnet Access (December 11, 2001)
In the first step of a plan to eliminate telnet from the Simon's Rock
network for security reasons, users are no longer allowed to run telnet
servers that are accessible from off-campus. At some point next semester
off-campus users will no longer be able to access their accounts via telnet.
We strongly encourage all telnet users to switch to ssh. For information
about SSH clients, see the Server section of the FAQ.
Two New Viruses (December 4, 2001)
Two new viruses to be on the lookout for are the
If you are using Outlook, both will send themselves to everyone in
your address book. Even if you are not using Outlook, do not open
attachments. The Goner-infected attachment will likely be called
`Gone.scr''; the Badtrans attachment goes by a variety of names.
Bandwidth Limits Revised (December 1, 2001)
The bandwidth policy has been revised. The limit is now 800 MB per day with
a free period from 9 PM to 8 AM. Expect further changes as we attempt to
improve network performance. As always, you can find out information about
your daily usage at
Calendar and Webmail Moved (November 27, 2001)
The online calendar can now be found at
Similarly, webmail has moved to http://inside.simons-rock.edu/webmail/.
Security Improvements (October 30, 2001)
In response to nimda and other security concerns, we have been tweaking the
firewall rules to protect computers at Simon's Rock from other computers
off-campus. As a result, if you wish to run services on your computer, you
may need to register to do so with us before you will be allowed access.
Nimda Virus Alert (October 10, 2001)
The nimda worm is still on the loose. It spreads in a number of
different ways, as are documented by Symantec and other vendors.
Simon's Rock is protected from the most common dangerous
method of propagation, but we are in no way invulnerable. Nimda can be
spread by email attachments (README.EXE), infected Network Neighborhood (My Network
your virus definitions are up-to-date. (For more information about
antivirus software, see the CMS FAQ at
For more technical information about nimda, see http://www.incidents.org/react/nimda.pdf.