Blog from June, 2012

On Thursday 28 June 2012 between 07:00 and 08:00 local Bremen time servers and network components will be updated.

Server and network operations will be unreliable. Expect unavailable servers and sudden downtimes of services without prior explicit announcement.

If you have to work on files stored on the server during that time, then before the maintenance hour copy the respective files to your local hard disk, work on it locally, and after finishing your work and after the end of the maintenance interval, copy them back onto the server.

For more details on the maintenance hours see the Maintenance Hours page.

External mail gateway overloaded due to SPAM attack

A user account on our internal mail system has been compromised and abused to send SPAM mails. The attack started around 2:40 p.m., Sun June 25th.

Symptoms 

Due to the huge number of mails to process on the external mail gateway, the cluster software used to provide high-availability for this service was unable to verify the fitness of the provided services and stopped the processing of mails. Thus no mail passes from outside the University to the inside and vice versa. 

Impact 

Due to the huge number of SPAM mails currently spooled in the mail system it will take a while to clean up the queues. No regular mail will be lost, all mail in transit is spooled on either our internal mail server or on the mail servers of the sending side.

At 9 a.m. Monday morning it is not clear, if our mail servers are blacklisted on DNS black lists used for fighting SPAM, see also http://en.wikipedia.org/wiki/DNSBL. If this happened, IRC-IT will act promptly to remove these listings to return the mail connectivity back to normal. 

Update 9:20 a.m.

The external mail gateway is back up again, and so far no listings in DNSBLs are visible, although major mail providers like Yahoo or AOL currently block mails from our mail server. This restriction will be lifted in the next few hours.

Update 9:40 a.m. 

All mail systems are running clean again.

The cause of the SPAM attack has been identified as a password passed on by a Jacobs user due to a successful phishing attempt, the origin of the attack has been localized to an IP address range assigned to a Nigerian Internet service provider.

Herewith again a reminder to use a secure password - a combination of upper and lower case characters, numbers, punctuation and symbols. Avoid passwords, which are regular words found in dictionaries, also avoid passwords which are shorter than 8 characters. Change the password frequently, and no not - never - give the password to a third party!

Update 3:15 p.m. 

Unfortunately the external mail gateway is again blacklisted by major mail providers, namely Yahoo, T-Online and AOL. Mail delivery to these addresses will be delayed.

After more than 10 years of operation, Jacobs University's central network components need to be replaced. As this operation involves exchange of physical devices and requires recabling, there will be no data network during the upgrade.

THERE WILL BE NO DATA NETWORK AT JACOBS UNIVERSITY ON WEDNESDAY, JULY 25, 2012, from 18:00 to around 22:00.

"Data network" includes "The Internet", any server access, file server included, external or internal, WLAN, desktop switches, VPN, CampusNet, Jacobs Email, any other email provider, IRC-IR library resources, RefWorks, Find It, Skype, Google, YouTube, DiabloIII, Dropbox, Skydrive, last.fm, everything.

(warning) If it needs Jacobs' data network, it won't be accessible.

Telephony in general will not be affected and will continue to work, though network-based telephony features including Blue House phones and Jacobs phones migrated to Jacobs Unified Communications won't work, either.

IRC-IT will shutdown virtual servers hosted in our infrastructure starting at 18:00, and restart them after network access has been restored.

All server and application administrators at Jacobs University need to ensure, that their IT services will recover gracefully from the network interruption and/or from the reboot.

The date has been chosen and harmonized to minimally impair operation of Jacobs University.

If you have questions regarding your server(s) or network access, please contact Service Desk for Faculty and Staff.

 

Update  Jul 25, 2012, 21:10

All network services are back to normal. 

Jacobs University's computer science teaching lab (CSTL) installation has received the award "Best of 2012" from the "Initiative Mittelstand"!

The certificate reads:

"Dieses ausgezeichnete Produkt hat die Jury besonders überzeugt und gehört damit zur Spitzengruppe aus über 2.500 eingereichten Bewerbungen."

Our product is called "Flexible Desktop Provisioning" and the award was received in the category "On Demand" of the program "Innovationspreis-IT"!

 

On Thursday 21 June 2012 between 07:00 and 08:00 local Bremen time servers and network components will be updated.

Server and network operations will be unreliable. Expect unavailable servers and sudden downtimes of services without prior explicit announcement.

If you have to work on files stored on the server during that time, then before the maintenance hour copy the respective files to your local hard disk, work on it locally, and after finishing your work and after the end of the maintenance interval, copy them back onto the server.

For more details on the maintenance hours see the Maintenance Hours page.

WLAN improved

 

Additional access points have been installed in various buildings to increase WiFi/WLAN Access availability.

WLAN access points having caused sporadic issues in the past have been upgraded with a new firmware or replaced with different models to increase WiFi/WLAN Access stability.

 

On Thursday 14 June 2012 between 07:00 and 08:00 local Bremen time servers and network components will be updated.

Server and network operations will be unreliable. Expect unavailable servers and sudden downtimes of services without prior explicit announcement.

If you have to work on files stored on the server during that time, then before the maintenance hour copy the respective files to your local hard disk, work on it locally, and after finishing your work and after the end of the maintenance interval, copy them back onto the server.

For more details on the maintenance hours see the Maintenance Hours page.

On Thursday 07 June 2012 between 07:00 and 08:00 local Bremen time servers and network components will be updated.

Server and network operations will be unreliable. Expect unavailable servers and sudden downtimes of services without prior explicit announcement.

If you have to work on files stored on the server during that time, then before the maintenance hour copy the respective files to your local hard disk, work on it locally, and after finishing your work and after the end of the maintenance interval, copy them back onto the server.

For more details on the maintenance hours see the Maintenance Hours page.

This is an automatically generated measurement of key performance indicators (KPIs) of Application Provisioning Services for May 2012.

The list of other KPI measurement reports is at KPI Measurements.

KPI Summary Table

KPIs Specified

Not Measured (warning)

Targets Met (plus)

Targets Failed (minus)

13

0

13

0

KPI Measurements

If the specification is met, a (plus) is in the Met column, else a (minus); KPIs not measured have a (warning) there.

SLA

Host

Service

Target

Measured

Met

Remote Login Shell Service

login

SSH

99.000000%

100.0%

(plus)

Teamwork Service

hermia

HTTP

99.000000%

99.718%

(plus)

 

 

HTTPS

99.000000%

99.213%

(plus)

Faculty Web Service

facultyweb

FTP

99.000000%

100.0%

(plus)

 

 

HTTP

99.000000%

100.0%

(plus)

 

 

HTTPS

99.000000%

100.0%

(plus)

SJIRA01

sjira01

HTTP

99.000000%

99.991%

(plus)

 

 

HTTPS

99.000000%

99.991%

(plus)

 

 

SSH

99.000000%

99.991%

(plus)

Alumni Email Server Service

helena

HTTP

99.000000%

100.0%

(plus)

 

 

POP3

99.000000%

100.0%

(plus)

 

 

IMAP

99.000000%

100.0%

(plus)

 

 

SMTP

99.000000%

100.0%

(plus)

Additional Services Information

The following Server Hosting Services are measured as a convenience for the Service Customer to ease service maintenance.
IRC-IT is not responsible for ensuring quality and achieving KPIs of these services.

SLA

Host

Service

Measured

CampusNet Server Service

scnweb01

SNMP

99.998%

 

scnapp01

SNMP

99.985%

 

scnsql01

SNMP

97.83%

WebServer Service

swebsrv01

HTTP

99.805%

 

 

HTTPS

99.832%

 

 

SSH

99.996%

 

swebdev01

HTTP

91.594%

 

 

HTTPS

(not measured)

 

 

SSH

91.784%

 

swebsvn01

HTTP

(not measured)

 

 

HTTPS

(not measured)

 

 

SSH

(not measured)

Schomäcker Server Service

sschomkr01

SNMP

99.846%

 

 

MSSQL

99.844%

GiroWeb Server Service

sgiroweb01

SNMP

99.999%

 

 

HTTP

99.985%

 

 

MSSQL

99.991%

Alumni Application Server Service

alumniweb

HTTP

100.0%

 

 

HTTPS

(not measured)

Career Service Center Server Service

csc

HTTP

100.0%

 

 

SSH

100.0%

SLA Counseling Center

scouncil

HTTP

(not measured)

 

 

SSH

(not measured)

ALEA Server Service

alea

HTTP

99.996%

IRC-IR Institutional Repository DSPACE

sdspace

HTTP

99.983%

 

 

HTTPS

(not measured)

 

 

SSH

99.985%

SLA Torrent Seeder Geoscience SOPENDTECT

sopendtect

SSH

94.479%

Graduate Student Association Server SLA

sgsa

HTTP

84.991%

 

 

SSH

84.995%