.
Uranium Sulfur Oxygen Department of Chemistry The Ohio State University Department of Chemistry Department of Chemistry The Ohio State University I go round and round Department of Chemistry The Ohio State University return to the chemistry home page return to the chemistry home page return to the main graduate page return to the chemistry home page return to the main internal resources page return to the chemistry home page return to internal resources page return to the computer support page return to the chemistry home page return to the main undergraduate page

     
Graduate Program
Undergraduate Program
Scholarships
Faculty Research
Career Resources
Facilities & Services
Personnel Directory
Seminars & Events
Outreach
Internal Resources
Alumni
Contribute
Positions Available

_blank  C O M P N E W S: --- The Computer Newsletter of the Chemistry Department
_blank Issue 41; October 25, 2002 

Topics

1) General News: Student worker changes
2) General News: How to block spam
3) General News: New equipment checkout/return method
4) General News: OIT will discontinue Homenet
5) General News: OIT email system changes
6) Windows News: Access to Windows U: shares from outside changed
7) Windows News: Automated Windows2000 Updates
8) Lab News: More New Lab PCs
9) Unix News: Linux upgrades
10) General Tips: Did you know that...?


Chemistry Department Related FAQs:

	http://www.chemistry.ohio-state.edu/compsupp/Faqs/

Newsletter Archive:

        http://www.chemistry.ohio-state.edu/compsupp/Newsletter/

Due to the many hyperlinks, COMPNEWS is best viewed on the web
at the above URL, or by going to the main Chemistry page and
clicking on Internal --> Computer Support --> The Newsletter Archive




1) General News: Student worker changes:



We hired Waiping 'Anita' Chiu as a new student worker at the beginning of
summer quarter. Her hours are posted in the Computer Lab 2105 NW.

Nathaniel Graham left us in September, after finishing a big project he
worked on (NIM, an automated way to install, upgrade and maintain all IBM AIX
computers in the Department). He also created the current system of
'kickstart' for unattended installs of Linux computers. We are now trying to
find somebody to extend his work to SGI IRIX computers.


2) General News: How to block spam:



Since the beginning of May, we have been screening all incoming and outgoing
email on the chemistry Unix server for viruses (see COMPNEWS issue 40). With
viruses, the situation is relatively easy: an email message either contains a
virus or it doesn't. There is no gray area in between. The only possibility
for a virus to slip through is if the virus is so new that the vendor
(McAffee) hasn't had the time to update the virus definitions yet.

With spam, the situation is much more complicated. There is no, and there can
be no, universally accepted definition of what constitutes spam. For this
reason, any attempt on our part to globally block all incoming spam is bound
to fail because it leads to false positives -- you don't get legitimate mail
because it is wrongly classified as spam. In particularly egregious cases, we
can block individual sender addresses or entire domains. But in general,
since spammers frequently change ISPs and/or forge From: addresses, this
strategy is not effective.

We have installed a software package called 'SpamAssassin' on the chemistry
Unix server that will allow you to individually opt in. Each email message
will be assigned a numeric score based on a set of rules, and messages that
score higher than a certain threshold will be flagged as spam. You can adjust
the threshold, modify the rule set (change existing rules, add new rules),
and select the final disposition of email flagged as spam.

For more information on how to use and configure SpamAssassin, see our new
FAQ

  Internal --> Computer Support --> Chemistry Department Related FAQs -->
           --> How do I block spam email?

Here are some more general comments about spam:

Until stronger laws concerning spamming are enacted, spamming will remain a
problem. Until that day comes, here are some general suggestions for dealing
with spam...

1. Just delete the spam messages.

2. Use SpamAssassin as described above.

3. NEVER respond to a spammer's email using your own email address. If you
use your own email address, that only verifies to the spammer that he has
found a real email address; he will continue to send you spam and probably
sell your email address to others.

4. NEVER click on the little button or link that is frequently at the bottom
of the spam message saying something like "remove", "remove me" or something
similar. The address given to respond to may be completely bogus and any
message sent bounces. Or, if the address is valid, clicking on the
button/link again serves to verify a legitimate email address to the spammer,
who, if less than ethical, will keep on sending you spam.

5. Often, the most effective method of dealing with spammers is to forward
the entire spam message to the sender's ISP (Internet Service Provider). A
legitimate and ethical ISP will delete an account if they know it is being
used for spam. Unfortunately, spammers may counter this by obtaining new
accounts through some other ISP and continuing spamming.

6. System administrators may create "blacklists" to block messages from known
spammers' addresses/domains. There are problems with this, since spammers
frequently change their addresses, and so blocking a larger block of
addresses (like all those from a given domain), may also prevent legitimate
messages from getting through (the throwing-out-the-baby-with-the-bathwater
syndrome).

There is no easy fix for the problem of spam. It is not generally illegal
(except in cases involving child pornography). As long as there is economic
incentive for e-marketers to send unsolicited commercial email and there are
no economic/legal DISincentives to do so, the problem will continue.


3) General News: New equipment checkout/return method:



We have implemented a new equipment checkout/return method to facilitate
checkouts and returns outside of business hours and when the computer support
staff are away from their offices. We have established an equipment closet in
the stairwell in the southeast corner of Newman Wolfrom Lab (you reach the
stairway if you continue walking straight past the computer lab, 2105NW,
coming from the elevator).

The new system works like this:

1) If you are checking out or returning any piece of equipment during normal
   business hours, continue as you have in the past.

2) If you are returning equipment well outside normal business hours, you
   will find a key in the case in which the equipment came. You will use this
   key to open the padlock on the equipment closet in the stairwell AND
   RETURN the key where you found it. You will then place the equipment (with
   the key) in the closet and lock the closet with the padlock.

3) If you wish to check out equipment very early (and someone else has the
   equipment checked out late the previous morning so you can't simply pick
   it up early) you will receive a 'checkout' key.

   This will allow you entry to the equipment closet where the equipment was
   dropped off late the previous evening.

4) We will ask that you leave an ID whenever you take a checkout key.

All keys are on 4" plastic rings and should be more difficult to misplace.
Be VERY careful with the keys, as when one is lost we will be forced to
abandon this clever scheme and return to the method we have in place now.

FYI: The equipment closet is securely bolted to the wall so that someone
can't easily just walk off with the entire cabinet.

Note that we now have VGA cables that can be used to connect laptops to the
projection units in certain conference rooms like 1015 MP.

We have 3-4 cables, so you can check out a cable well in advance of your need
and try it out.

They can be returned using the same method discussed above.


4) General News: OIT will discontinue Homenet:



The new Information Technology Resources Guide for Faculty and Staff arrived
in the campus mail. In it, OIT announced to the campus community that due to
reduced funding, declining use and outdated equipment, the complimentary
Homenet dial-in service is being discontinued as of June 30, 2003.

Data gathered through the OSU Poll show that while connectivity to the
Internet is steadily increasing, the use of HomeNet as an ISP is steadily
decreasing, especially among the student population. Additionally, the modem
pool terminal servers supporting HomeNet are no longer sold, maintained or
supported by Cisco - they were obsoleted in February, 2002.

OIT hopes that with nine months of lead time, current HomeNet users will be
able to find an alternative ISP suited to their needs. As a low cost
alternative with speeds up to 56K, UNITS offers three different access plans
through OSUWeb.Net: $1.95 for 10 hours per month; $6.95 for 100 hours per
month; and unlimited access for $12.95 per month.


5) General News: OIT email system changes:



OIT has been notifying customers for the past several months about phasing
out legacy addresses while implementing a new email system.

If you're still using old magnus or postbox addresses, for example in your
.forward file on the chemistry Unix server, please replace them with valid
OSU email addresses.

More information can be found under

  http://8help.ohio-state.edu/724.html


6) Windows News: Access to Windows U: shares from outside changed:



Until recently you could access your U: share on the Windows file server from
outside the Department in the same way you access your share from inside,
namely by mapping a drive letter (U:) to \\windows\your_username$, or with
the IP-address of the "windows" server in place of the name.

For the past several months, we've been testing SFTP (Secure FTP, a protocol
built on SSH) to transfer files to and from Windows from inside and
especially from outside the Department in a secure way.

NetBIOS-style mapping from outside the Department had to be disabled on the
Windows file server without prior announcement because of a newly discovered
vulnerability in WindowsNT and Windows2000 that can be exploited to launch
denial-of-service attacks.

The only way to access your U: share on the Windows server from outside the
Department from now on is SFTP. This is a much more secure way of accessing
data, since usernames/passwords are encrypted and not transmitted in clear
text (in fact, the entire data transfer through SFTP is encrypted).

On Windows PCs, we recommend the SFTP client included in the "SSH Secure
Shell" package available for download from OIT's Software To Go site at
http://softwaretogo.osu.edu/upgrades/stg2wnx.html . This SFTP client will
open like a folder allowing you to double-click on and drag files, giving you
the same functionality as a locally mounted share. For example,
double-clicking on a Word file will download the file to your local computer,
start Word, and offer to upload the modified file when you save and exit from
Word.

For updated information on what other SSH clients with SFTP are available for
PCs and Macs, see

  Internal --> Computer Support --> The Great SSH Primer

For more details on SFTP, see the new FAQ

  Internal --> Computer Support --> Chemistry Department Related FAQs -->
           --> How do I access data on the central Unix and Windows
               servers from outside the Department?


7) Windows News: Automated Windows2000 Updates:



Keeping the approximately 600 Windows PCs in the Department updated is a
rather difficult proposition. Microsoft issues security and other fixes on a
regular basis. Until recently, there was no mechanism to automatically roll
out fixes without somebody having to walk to each and every PC.

Windows2000 Service Pack 3 includes an AutoUpdate utility that will check a
server periodically for new software updates. We have installed a Software
Update Server in the Department that automatically downloads the latest fixes
from Microsoft. After we approve some or all of those fixes, individual
Windows2000 desktop machines in the Department will automatically download
and install them between 2 am and 4 am. Some of those fixes require reboots;
if you find your Windows2000 machine rebooted in the morning even though you
didn't log out in the evening, this is a good sign indicating that the
mechanism is working (note that the reboots can be turned off if you need
your computer to stay up because of computations or running experiments).

We are continuing with our effort of rolling out Windows2000 Service Pack 3
to as many computers as possible. There are still a lot of PCs, especially
older models, running Windows 95, 98, ME and NT. Whereever possible, we'd
like to upgrade those to Windows2000. Only Windows2000 and WindowsXP
computers can use AutoUpdate, and the computers need to be in the CHEMISTRY
domain for this to work.


8) Lab News: More New Lab PCs:



Continuing the upgrade process of the aged PCs in the Computer Lab 2105 NW
mentioned in the last issue of COMPNEWS, the remaining 6 old PCs have been
replaced with brand-new ones built from parts. We now have a total of 12 new
PCs running Windows2000. All the old mice have been replaced with new optical
mice, and 10 monitors have been replaced. The specs of the 6 latest PCs are
as follows:

 1.47 GHz Athlon CPUs
 256 MB Kingston 266 MHz DDR memory
 IBM 40 GB ATA-100 disk drives
 GeForce2 video cards
 IntelPro 10/100 Ethernet cards
 Iomega 250 MB ZIP drives
 Plexwriter 24/10/40 CD-RW

A FAQ on how to use the CD-RW drive to burn your own CDs is available under

  Internal --> Computer Support --> Chemistry Department Related FAQs -->
           --> How do I burn a CD from the lab machines?

Sound cards have been added to all 12 PCs.


9) Unix News: Linux upgrades:



We've been running Redhat (RH) 6.2 for several years on about 20 centrally
managed PCs in research groups for several years, and it has been very
stable. RH the company has since gone to a new version, 7.x, using the newer
2.4 kernel. This newer kernel offers better multi-processor support, among
many other things. While it doesn't make a lot of sense to upgrade computers
every few months to be on the cutting (bleeding) edge, we need to upgrade
from time to time to get the benefit of new features and better security.

We tested RH 7.2 and 7.3 for a while and found both to be equally stable (RH
7.3 came out after we had finished testing 7.2). As of this writing, RH 8.0
has been released, but it's almost always a bad idea to go to a '.0'
version.

With this new release, we've developed a method to automatically install and
configure the computers even faster than before, with less operator input
required (kickstart). While we had to add security patches "by hand" under RH
6.2, this is now automated as well; each RH 7.3 computer will check an FTP
site for updates every night (autoupdate).

As far as the desktop is concerned, you have a choice between KDE and Gnome
at the login page (default: Gnome). Sun's Java SDK v1.4 is installed. The
rest of the installed software packages is comparable to what was available
under RH 6.2.

Gaussian is installed on all systems; the current version is g98 RevA11.3.

For the first time, we now have a batch queuing system, PBS, on all Linux
machines. Each computer has one default queue 'workq'. The job limit is 1 on
single-processor machines and 2 on dual-processor machines. Gaussian jobs can
be submitted to PBS with the command 'subgauss'. The subgauss command works in
the same way as on the RS6000 computers in the Lab 2105 NW. If you want to
submit jobs other than Gaussian to PBS, you may want to check the 'qsub'
man-page ('man qsub'), and/or look at a Gaussian job file as created by
subgauss.

We also remind everyone that the local /scr directories are not being backed
up. Important data should be stored in your /home directory.

Most of the Linux computers in the Department have been upgraded, and any new
machines will be installed with RH 7.3


10) General Tips: Did you know that...?



 ... you need to remember your passwords? See FAQ "Why do I have so many
     accounts/passwords?" The most frequent reason why users think the DPR
     system, or their Eudora, or the Calcium calendar is broken is because
     they can't remember their password, or they don't know which password to
     use. PLEASE read this FAQ. Really.

 ... you may not deploy wireless access points (e.g. Apple Airports) in the
     Department? Open access points are against University policies, and they
     allow anybody on the street to get behind our firewall.

 ... you're not supposed to remove shortcuts, remove software or install
     any software on the PCs in the Computer Lab 2105 NW?

 ... if you use one of the Macs in the Computer Lab 2105 NW, you need to
     authenticate with your osu.edu username/password before you can use
     an application that accesses the network (such as SciFinder)?

 ... staff members should not attempt to install new software on their
     computers themselves? Usually such attempts result in broken systems,
     and it often takes hours to fix them.

 ... you are supposed to send all requests and problem reports to

        support@chemistry.ohio-state.edu

     and NOT to individual members of the support staff? Otherwise, you might
     not get any response if one of us is sick, on vacation, or very busy
     with other tasks.

 ... our FAQs on the web pages contain lots of information about
     recurring problems? Check them out under

        Internal --> Computer Support --> Chemistry Department Related FAQs

     If you have a question that looks like something that somebody else may
     have asked already, try checking the FAQs first.

 ... we perform daily backups of Unix home directories and email spools on
     the chemistry Unix server, as well as daily backups of all U: shares on
     the Windows file server? There are NO BACKUPS of files on individual
     PCs, Macs or Unix workstations.

 ... if you get a message from someone telling you that IBM or another
     computer company just released info about the latest and most terrible
     virus, or one that says that this warning is very new and to SEND IT TO
     EVERYONE YOU KNOW! this message is very likely a hoax? See

        Internal --> Computer Support --> Security and Virus Information

 ... laptops being taken in and out of the Department represent a huge
     security exposure against which our firewall and other tools are
     powerless? Unless you have secured your laptop, have disabled
     unnecessary services, have kept up with patches and are running a
     personal firewall, it is only a question of time until disaster
     strikes.

 ... we cannot tell you your current passwords on Unix or Windows? Passwords
     are stored in encrypted form. We can only change them. If you want to
     have a password changed, please stop by in person and bring an ID.














		
      
    

  

	Contact Information:

	Department of Chemistry

	The Ohio State University

	100 W. 18th Avenue

	Columbus, Ohio 43210

	phone: (614) 292-2251

	fax: (614) 292-1685

	Contact Us






 


If you have trouble accessing this page and need to request an alternate format, 

please contact Michael Reed at mreed@chemistry.ohio-state.edu


© 2005, All rights reserved, The Ohio State University, Department of Chemistry