Simon's Rock CMS

Announcements from CMS
(Notes from Underground)

For the most current news, read minerva's message of the day and check our list of network downtime. Questions? Comments? Email action.

Virus Alert: Swen (September 18, 2003)

Another worm, Swen (also known as Gibe.F), is making its rounds through email, network shares, and file sharing programs (KaZaA). The email message associated with this worm claims to contain Microsoft Updates. It does not contain updates, but rather the worm. For more details, see F-PROT.

Vulnerability Alert: DCOM-RPC (September 10, 2003)

Another Windows 2000/XP vulnerability has been found (MS03-039). We strongly recommend that all Windows computers be running Windows Update daily. To run updates manually, go to For instructions on configuring Windows Updates to run automatically see the FAQ.

Server Upgrades (September 2, 2003)

Over the course of the past few days the kernels on all of the servers have been upgraded. Additionally, some physical improvements were made to the central networking setup.

Virus Alert: Sobig.F (August 19, 2003)

Another virus, this one quite different from the last. Sobig.F spreads primarily over email, and filtering is in place on our mail server to catch the virus. However, you will likely receive some (even many) virus infection warnings, as this virus forges the sender address, causing warnings and bounce messages to go to people who didn't send out the message. See F-PROT for more details.

Virus Alert: Welchia (August 18, 2003)

Another RPC worm, Welchia (aka Nachi) has been found. This worm has the potential to be more disruptive to the network than Blaster. For more information, see F-PROT. Again, please patch your computer immediately!

Virus Alert: Blaster (August 12, 2003)

There is a new worm on the Internet which threatens Windows XP, 2000, and NT systems which have not been patched for a Windows RPC vulnerability. Please patch your computer immediately! We are taking steps to prevent computers from on-campus from being infected by (or infecting) computers off-campus, but once the worm is on-campus, it will spread on-campus. If you are on-campus, we can provide you with the necessary updates on a CD and/or can install them for you. Unpatched machines will not be allowed on the network. Off-campus users may obtain the updates from Windows Update. For more information about the worm, see:

Services Outages and Upgrades (July 15, 2003)

There will be several service outages next week. On Monday, July 21st, there will be a very brief network and minerva outage sometime between 5PM and 7PM. On Tuesday, July 22nd, there will be a lengthier minerva (web pages, dialup access, and shell accounts) outage sometime after 10 PM, as new hard drives are installed. On Wednesday, July 23rd, there will be brief outages of some of the web-based applications and of the web proxy, as partition tables are modified. Also on Wednesday, there will be a lengthier email outage sometime between 5PM and 7PM for hardware upgrades. Additionally, substantial changes will be made to the firewall policy. Thanks for your patience with this temporary incovenience as we work to improve our services.

New Secure Website (July 1, 2003)

Many secure web applications have been consolidated into one site, Please note the URL changes for webmail (, email address lookups (, and many other such pages.

Newly-Enrolled Students Website (June 13, 2003)

Information for newly-enrolled students can now be found here. The Inside pages for faculty, staff, and current students have also been revised.

minerva Downtime (June 10, 2003)

Due to unanticipated hard drive problems, minerva (web pages, dialup access, and shell accounts) was unavailable from the early morning until 4:30 PM. Everything should be restored now. Please let us know if you notice any problems.

Webmail and Pine Ugrades (June 2, 2003)

Both webmail and pine have been upgraded to newer versions. Additionally, we have made changes to the mail server so that mail delivery now makes use of procmail.

AUP Revised (May 30, 2003)

The Network Acceptable-Use Policy has been revised (shortened), and a new bandwidth policy document has been created. Please review both of these documents, as use of the network implies consent to these policies.

Account Expiration Policy (May 28, 2003)

Since there has been some confusion about this, it's worth restating that alumni accounts are kept automatically for at least one year after graduation (or otherwise leaving) and indefinitely thereafter provided the accounts are actively in use. Old unused accounts will be expired annually. 293 such accounts will be expired next month. If you would like to have your account reinstated, email guestacct.

Miscellaneous Server Changes (May 10, 2003)

In the past week, several changes were made to the way the servers keep track of time, handle mail delivery, authentication, and logging. There was no noticeable downtime while implementing these changes.

Hard Drive Changes on minerva (April 13, 2003)

In the process of making changes to minerva today, it is possible that some files got displaced. Should you notice that any of your files are not where you expect them, send email to action.

Maintenance for minerva (April 3, 2003)

Please take note: minerva will be down for maintenance on Sunday, April 13 between noon and 8 PM. During this time, you will be unable to log in to minerva or dial up to the Simon's Rock network. Interruptions to the website should be brief, and webmail will remain available for the whole day.

Backup Procedures (March 18, 2003)

We have taken a number of steps in the past few months to improve backups of institutional data. Details available to the curious upon request.

More Anti-Spam Restrictions (February 19, 2003)

In our continued fight against spam, we have added more restrictions on incoming mail. Any email in which the domain of the sender (everything after the @) does not exist will be rejected. This may not be the address that appears in the "From:" line. As always, if you suspect any legitimate email of being blocked, please email action. Please continue to report spam will full headers to spam.

Firstname.Lastname (February 14, 2003)

Everyone with a Simon's Rock email account now has an alias of For example, William Shakespeare, were he to by some miracle to teach at Simon's Rock, would be reachable at He might choose to email a gifted student musician at While the email system hasn't been improved enough to allow email to Shakespeare, we hope these aliases will make communication a bit easier.

More Announcements, Different Format (January 24, 2003)

After a lengthy hibernation, there's a new edition of Notes from Underground. Important news includes the announcement of a new problem-reporting system. Please use this to submit requests for help with computer problems.

Spam Again (January 23, 2003)

Hopefully this will be the last spam update for awhile. We're now using a number of different lists for blocking spam. If you believe that legitimate email is being blocked, please contact spam. We are also running spamassassin, which will tag, but not block, spam. If you take a look at your email headers, you should notice that we are using X-Spam-* to mark the probability that a message is spam. You can use your mail client to filter based on these headers. Additionally, we have begun to draft a spam filtering policy.

Fisher Network Upgraded (January 20, 2003)

The network in Fisher has been upgraded to a gigabit switch.

Secure Connection for Pine Users (January 10, 2003)

Pine users are now using imaps (imap-ssl), an encrypted protocol for email-checking. If you are not using pine, you should consider using imaps in your mail client (see the FAQ for instructions).

Resolution for the New Year: Less Spam (January 1, 2003)

One of our goals for the new year is to try to reduce the amount of spam we receive. In the fall semester we have been taking increasing measures to monitor and block spam (about 10-25% of our mail) and will continue to do so. It will help us greatly if you forward any spam you receive with full headers to spam.

Bandwidth Quotas Revised (December 28, 2002)

Rather than have a daily bandwidth quota where once the quota is exceeded computers are blocked for a full day, we have decided to try out a new method. We have broken the day up into four 6-hour quota periods (2AM-8AM, 8AM-2PM, 2PM-8PM, 8PM-2AM). Any computer which moves 400 MB in one of these 6-hour periods will be blocked until the end of the 6-hour period. This means that a 1.6 GB of traffic can be moved in one day. There is no free period, but exceptions may be granted by CMS. For more information, see the policy and the FAQ.

Backups for Christmas (December 25, 2002)

We have once again improved our backup procedures to protect College data. Staff members who are not doing administrative backups should contact CMS about doing so.

Student Discussion Mailing List (December 17, 2002)

A mailing list for student discussions has been created. Go to to subscribe. Note that this is an opt-in discussion list in contrast with the other student mailing list to which all students are subscribed. As such, the global student mailing list should be using sparingly for important announcements.

Changes to Web Applications (December 15, 2002)

A number of web applications which were previously on have been moved to a different server. Any bookmarks you have to this site will be invalid.

Wireless in the Library (December 11, 2002)

There is now wireless network access available in the library. Try out the wire-free network and let us know what you think.

Dining Hall Menu on Calendar (December 1, 2002)

You can now see the dining hall menu on the web calendar.

Network Outages (November 6, 2002)

You may have noticed some network outages yesterday and earlier this week. These were due to problems with our main firewall/router. We apologize for the inconvenience.

Faster Library Network (November 2, 2002)

The network in the library has been upgraded from two 10 megabit hubs to two gigabit connections.

Software on the CMS Website (October 31, 2002)

A collection of free and site-licensed software is now available (on-campus only) at

Router and Switch Upgrades (October 13, 2002)

Both the main campus switch and firewall have been replaced. We are considering revising the bandwidth limits. If you are running a p2p application, please consider reducing the load you put on the network.

Switch from FTP to SFTP (October 6, 2002)

Like telnet, ftp is insecure. When you use ftp, all of your data (password, files, etc.) is sent plain text, which is fairly easy for malicious people to intercept. As an alternative, we strongly encourage using sftp. For more information, please see

Spam Statistics (September 29, 2002)

We have identified about 20% of the mail we receive (roughly 10,000 spam messages a week) as spam or viruses and are blocking these messages. Blocked messages include klez, Nigeria 409 scams, and "opt-in" mailings. Please continue to report unsolicited email to spam (forward with full headers), and we will do our best to block.

Lookup Email Addresses (September 27, 2002)

To look up the email address of someone at Simon's Rock, go to the lookup page. To prevent unauthorized access, you will need to log in with your username and password. You will then be able to search for the addresses of others with Simon's Rock email accounts.

DNS Problems Finally Resolved (September 25, 2002)

As several people have noticed, we have had some DNS propagation problems from off-campus for the past month and a half. These were caused in part by polluted whois data involving our old IP addresses. These problems should be cleared up in the next few days.

Welcome BHSEC (September 18, 2002)

We welcome members of BHSEC to our network.

HTTPS Webservers by Exception Only (September 16, 2002)

Due to recent heightened security concerns, secure (SSL) webservers are now restricted to on-campus only by default. Exceptions will be granted upon demonstration of the security of the server to the network adminsitrator.

Backup Procedure Improved (September 12, 2002)

We've been working to improve our backup procedures. Changes include more frequent backups of administrative data as well as of user files and email stored on servers and server configurations.

New Printers (September 11, 2002)

There are now new networked printers in the following locations: Hill House bottom floor, Hill House middle floor, Crosby study room, and Pibly.

Faculty Discussion Mailing List (September 4, 2002)

The faculty mailing list is now open to all faculty members to post whatever they want. The staff and student mailing lists remain moderated. The student and staff lists are for important, official, global announcements only. Messages are approved by the Dean of Student Life and the Computer Services staff respectively.

Dining Hall Card System (September 4, 2002)

The dining hall card system is now tied in to the central College databases.

AUP Modified (August 27, 2002)

The AUP ( has been revised (mostly shortened). Please read it before using the network. The FAQ ( has also been revised.

Manage Your Account and Password (August 21, 2002)

You can now change your password and other account information via the web. See

Orientation Week (August 20, 2002)

There are now 122 new machines on the network. Good work CAs! If your room has a bad ethernet drop, report it to a CA.

New Dorm on the Network (August 12, 2002)

The new dormitory is now completely networked.

Changes to the Mail Server (August 11, 2002)

The mail server has been significantly upgraded. To change your password and set up and subscribe to mailing lists, see If you are having trouble finding some of your mail, please see the FAQ. Changes include upgrading to a much faster machine, switching from qmail to postfix, changing mailing list managers, and adding a virus scanner. Additionally, we have significantly improved spam filtering using DNSBLs and a variety of custom rules. Please report spam to spam.

New minerva and Changes to Dialup (August 10, 2002)

Last night (this morning?) minerva was replaced with a new machine. Significant changes include making use of a new password authentication model (LDAP), upgrading the modems to 56K (dialup users should no longer need a dialup script or to use a terminal window for connecting), and moving some of the web services to a different web server. Dialup users should refer to the FAQ for the new dialup settings. Additionally, the mail server will be replaced today. As always, report system problems to action.

Server Upgrades (August 4, 2002)

The re-addressing appears to have gone rather painlessly. If you are still unable to dial up to Simon's Rock, see the note about new addresses below. If you have been using telnet to connect to minerva, you will now need to use SSH. The kernel and other software on most of the servers has been upgraded. Probably the most significant change is to the webserver. Let us know if you notice anything that is broken.

New Addresses for Us All (July 29, 2002)

This is a reminder that on Friday, August 2 we will be re-addressing all our IP addresses (the numbers assigned to computers to communicate with each other on the local network and Internet). Our new network block (for those who are interested in such things) is; the new DNS servers will be and Again, there will be some brief network outages Friday evening as well as some off-campus network outages for another day or two (or three or four or five). We will also be increasing our bandwidth capcity at this time and making some other internal changes, including changes to the firewall and the webserver.

For All Your Passwording Needs (July 29, 2002)

Do you know what your passwords are? In just a few short weeks (as opposed to long weeks) you will only have one password that you can use for your minerva account, email password, and Simon's Rock web-based applications. You will be able to change your password and modify such options as email forwarding via a web interface. If you don't know what your passwords are, you will need to have your password reset by someone in Computer Services. To have your password reset, stop by our office or (from off-campus) call 413-528-7344.

New Mail Server (July 29, 2002)

On Saturday, August 10, the email server will be upgraded. The new email server will allow us to block some spam and viruses before they get to you. To make this improvement, email service will be interrupted for a few hours on Saturday. For more details about the new email server, email action.

More Bandwidth and More IPs (July 1, 2002)

On Friday, August 2, we will increase our off-campus bandwidth capacity from three T1s to four T1s. We will also double the number of IP addresses available to us. This latter change will involve re-addressing all IPs and may result in email delays (think of the delays associated with changing your postal address) and difficulty accessing the Simon's Rock website or SSHing to your account from off-campus for up to five days. There will be some brief network outages Friday evening to implement these changes. (If you are interested in the specifics of the migration or to know the new IPs, send a message to action.)

The Last Telnet Announcement (May 28, 2002)

As of Thursday, August 1, telnet to minerva will be completely disabled. Off-campus users will no longer be able to use telnet at this time. instead, all telnet users are encouraged to install an ssh client, or switch to web-based ssh or web-based email. See for more information.

Spam Filtering, Part II (May 1, 2002)

We are now blocking spam from mail servers listed in Once again, report spam (with full headers), to spam.

Changes to Webmail and Backups (April 30, 2002)

Webmail has been upgraded to a new version. Additionally, several changes have been made to the administrative backup server. If you experience any problems with either system, please report them to action. Staff members who would like to request accounts on the backup server should stop by CMS.

Virus Alert: Klez (April 26, 2002)

A variety of worms, known collectively as Klez, have been spotted on our network. As always, exercise extreme caution opening email attachments (that is, don't open them). You should be especially suspicious of messages which contain no text in the body of the message, only attachments. Please note that Klez-infected messages very likely forge the header information, making the virus appear to be coming from someone you know or even from yourself. For more general virus information, see the FAQ. For more information, on Klez see F-Secure and Symantec.

No More Telnet (April 8, 2002)

Faculty and staff please take note: As of Friday, April 12, you will no longer be able to telnet to minerva from your office computers. As of Friday, April 26, on-campus students will no longer be able to telnet to minerva. Off-campus telnet will be discontinued before the beginning of the fall semester. Instead, you will need to use ssh. For more information, see

New Website (March 26, 2002) has undergone a site revision. Check it out!

Spam Filtering (March 9, 2002)

In an attempt to minimize the amount of unsolicited email sent to Simon's Rock email accounts, we are blocking email from certain sites. For more details about the filtering we are using, see,, and If you believe legitamate email is being blocked, let us know. As always, you are encouraged to report spam (with full mail headers only) to spam.

Account Expiration (March 8, 2002)

As per the announcement on Jan 5, 56 inactive accounts have been expired.

More Upgrades (March 2, 2002)

Over break there was a bit of network downtime as a number of upgrades were performed. Upgrades included software on all of the servers, replacing the primary network switch, and installing a newer version of webmail.

Switch from Telnet to SSH (February 8, 2002)

Telnet, the method you might be using to connect to minerva, is not secure. When you use telnet, all of your data (password, email, etc.) is sent in plain text, which is fairly easy for malicious people to intercept. Fortunately, there's a more secure alternative. SSH, or Secure SHell, is like telnet, except that all of your data is encrypted. We strongly encourage you to switch from telnet to SSH and change your password. For more details, see

Bandwidth Limits Revised (January 25, 2002)

Once again, we just don't have enough bandwidth. The current bandwidth limits are 650 MB/day with a free period from 11 PM to 8 AM. Please see the File Sharing Tip below to help reduce your bandwidth consumption.

Faster Networking (January 18, 2002)

At long last the network for all offices in the College Center has been upgraded to 100 Mbps. Staff and faculty will now join the students in having a faster and more secure network.

File Sharing Tip (January 10, 2002)

If you are using Morpheus/KaZaA, Gnutella, or other such programs, you may be unintentionally sharing files. You can dramatically reduce your bandwidth usage in KaZaA by going to Tools -> Options and checking "Disable sharing of files with other KaZaA members". Then go to the Advanced tab and select "Do not function as Supernode." For more tips, see

Notice of Account Expiration (January 5, 2002)

To all former faculty and staff with Simon's Rock email accounts:

As you may or may not know, you still have an active email address at Simon's Rock. Because many people are no longer using their Simon's Rock email (causing email to bounce), we are trying to weed out the unused addresses. If you are still using your Simon's Rock address, you are welcome to keep it.

If you would like to continue to send and/or receive email (or other network services) through Simon's Rock, you must send a message to containing your full name and/or Simon's Rock email address before March 6th. If no confirmation has been received by that time, it will be assumed that you are no longer using your Simon's Rock account, and it will be disabled. If you feel this message has been sent to you in error or have any further questions, please send email to

Network Improvements (December 21, 2001)

In the basement things are always changing. This week we implemented new quality of service rules on the main router and made some physical changes to the central network to improve security. The details are quite technical, but if you are interested, ask.

Restricting Telnet Access (December 11, 2001)

In the first step of a plan to eliminate telnet from the Simon's Rock network for security reasons, users are no longer allowed to run telnet servers that are accessible from off-campus. At some point next semester off-campus users will no longer be able to access their accounts via telnet. We strongly encourage all telnet users to switch to ssh. For information about SSH clients, see the Server section of the FAQ.

Two New Viruses (December 4, 2001)

Two new viruses to be on the lookout for are the Goner worm and Badtrans. If you are using Outlook, both will send themselves to everyone in your address book. Even if you are not using Outlook, do not open attachments. The Goner-infected attachment will likely be called `Gone.scr''; the Badtrans attachment goes by a variety of names.

Bandwidth Limits Revised (December 1, 2001)

The bandwidth policy has been revised. The limit is now 800 MB per day with a free period from 9 PM to 8 AM. Expect further changes as we attempt to improve network performance. As always, you can find out information about your daily usage at

Calendar and Webmail Moved (November 27, 2001)

The online calendar can now be found at Similarly, webmail has moved to

Security Improvements (October 30, 2001)

In response to nimda and other security concerns, we have been tweaking the firewall rules to protect computers at Simon's Rock from other computers off-campus. As a result, if you wish to run services on your computer, you may need to register to do so with us before you will be allowed access.

Nimda Virus Alert (October 10, 2001)

The nimda worm is still on the loose. It spreads in a number of different ways, as are documented by Symantec and other vendors. Simon's Rock is protected from the most common dangerous method of propagation, but we are in no way invulnerable. Nimda can be spread by email attachments (README.EXE), infected Network Neighborhood (My Network Places) shares, and through a javascript bug in Internet Explorer. Please make sure your virus definitions are up-to-date. (For more information about antivirus software, see the CMS FAQ at For more technical information about nimda, see