Information Technology News Archive

1996 - 2017

You are here: Home / Archives for Windows

Windows

OIT Responds to Security Incident

by

Windows security

Between Saturday, February 26th and Sunday, February 27th an unauthorized user was able to gain access to a Microsoft Windows server operated by the Office of Information Technology. The user was able to access files which may have allowed her/him to compromise a large number of passwords.

The OIT Security team identified the abnormal network behavior on Sunday, February 27th and was able to stop the attackers from gaining additional access. The quick response was instrumental in preventing a more serious incident.

At this time, OIT does not believe the user accessed any other data. OIT has engaged an outside forensics company to validate the incident investigation and to add additional expertise to the response team.

In response to the unauthorized access, OIT undertook the complex process of having users change passwords which may have been affected.  In addition, significant time was dedicated to a detailed review of systems and access logs for evidence of inappropriate access and use of stolen user ids and passwords.

OIT is reviewing its processes and procedures to ensure security remains a high focus and priority.

If you notice any unusual activity related to your computer account, such as your account logged in by someone other than you or problems logging in, please notify the OIT Security team, or call the OIT help desk.

Microsoft Vista and Office 2007 Migration

by

Windows Vista Logo

Windows Vista Logo

Microsoft has released new editions of its Windows operating system, Vista, as well as its productivity suites Office 2007 and Office 2008 for Macintosh.  Here is some information NACS has collected to help users and departments adapt to and make optimal use of these new tools.

In the summer of 2007, NACS coordinated a series of workshops, partly funded by a grant from Microsoft.  We are currently planning the next series of workshops.

NACS works with its counterparts at other UC campuses to be sure UCI faculty and staff have access to advantageous licensing programs, including UC-MCCA (the Microsoft Consolidated Campus Agreement).

We have introduced Vista and Office 2007 in the AIRB training lab, and will expand their availability as demand grows.

NACS and departmental computing support staff can assist faculty and staff deciding when (or whether) to migrate to Vista and Office 2007. Vista requires a higher-performance system to run effectively, and Office 2007 and 2008 introduce new file formats that are incompatible with earlier versions.  Office 2007 and 2008 offer the option to save files in a backward-compatible format, and users of earlier versions of Office can download the free Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007.

Windows Vista runs most software well, but some specialized research or administrative tools won’t run under Vista. NACS recommends purchasers of Vista systems plan to test their most important applications in advance of purchase.

Today, all new PC purchases running Windows come with Vista licenses.  If running Windows XP is important to you, choose a business-class system from a reseller like Dell or HP, and select a Windows XP configuration.  The University’s strategic sourcing reseller, KST Data, offers a variety of systems preconfigured with Windows XP Professional.  Be aware that obtaining the correct XP drivers for hardware designed for Vista may be problematic.

Microsoft last released a service pack (a collection of software updates) for Windows XP in May, and therefore by Microsoft policy, XP will be supported until at least May 2009.  However, Microsoft has not committed to supporting or retiring XP beyond that date.  Interested users can follow Microsoft’s evolving plans for XP at the Windows Service Pack Road Map web site.

DCS Offers SunRay™ Support

by

If you own and use a single Unix or Windows workstation, the effort required for system administration (maintenance, security, software licensing, and user support) is usually not an unreasonable burden. But if you have a group of systems, this can drain precious resources away from your research or other duties.

NACS Distributed Computing Support (DCS) now offers a cost-effective alternative. DCS can help you acquire, set up, configure, and maintain a client/server environment based on SunRay™ workstations instead of individual computers.

SunRay™ workstations are “smart terminals” which boot off the network, and then behave just as if they were independent Unix or Windows workstations. The SunRay™ client machines have jacks for connecting keyboard, mouse, display, and USB devices, as well as local memory, but leave everything else to the server.

The operating system (Windows or Unix), and all the application software your users need are installed on a single server. One copy is much easier and cheaper to keep up to date, and when new applications are needed, installing once is much faster than managing multiple independent workstations. (You still need to be sure you are licensed to run as many copies of the software as you need.)

This service may be of particular interest to people responsible for setting up and maintaining instructional labs, or researchers who oversee a large number of graduate students to whom you supply computers. If you are interested in exploring whether this technology can help you, contact NACS.

Windows Security

by

A recently announced security problem in Windows will not be fixed for users of Windows NT.

Microsoft has issued a security warning for Windows NT 4.0, Windows 2000 and Windows XP systems. Bulletin MS03-010, dated 26 March 2002, states that this vulnerability could be used by “an attacker … [to] cause the target machine to fail.”

Microsoft does not plan to provide a fix for it on Windows NT 4.0, which is still being used by various departments at UCI. Microsoft says that they have, “extensively investigated an engineering solution for NT 4.0 and found that the Windows NT 4.0 architecture will not support a fix to this issue, now or in the future.”

So, what’s an NT user to do? Microsoft itself recommends placing such systems behind a “firewall which is filtering traffic on Port 135.” Fortunately, NACS has been running a port blockade on this port since November 5, 2002 (more information on the port blockades). This blockade restricts all off-campus systems and Residential Housing computers sending traffic to these ports on campus.

While this keeps UCI users of Windows NT safe from outside attempts to exploit this weakness, it is prudent for departments to develop a migration strategy away from NT, as Microsoft no longer supports NT nor promises to develop security patches as vulnerabilities are discovered.

Remote Access to Windows

by

When NACS closed NetBios ports at the border router as a critical security measure, it was no longer possible for campus personnel to use Windows file sharing services between work and home, at least not without working through the campus VPN device. (SeeNACSNews 2002.10)

But there is an alternative for those who need to use a campus Windows computer from home or other remote location which does not depend on NetBios ports.

Windows 2000 Server’s Terminal Services (or “Remote Desktop” for Windows XP) are the recommended means of remotely using and administering Windows systems. It’s free, and secure when configured correctly. Moreover, if you use a Macintosh at home, you can download an ICA client which uses the same technology (based on Citrix Metaframe) to access a Windows system from your Mac.

It is important to note that two recent security flaws were detected in these services for which Microsoft has issued a patch, which resolves the problems. All default installations should be patched prior to use on UCInet. An explanation of the issues and a link to the patch may be found on the Microsoft Web site.

As with all security issues, turning this service on is expected to be safe with the patches installed, but may leave the machine open to manipulation if further vulnerabilities are discovered.