News - 2002

The bulletins were written and distributed by Yehavi Bourvine.

News bulletin #187
15-December-2002

• SPAM filters - clarifications
  A few days ago we’ve announced that spam filters will be activated as from 22/12/2002. In the meantime we've enabled the spam filters in a "warning mode" which passes on the spam with a notification. This is in order to tune this system (and a few corrections has already been made, like handling of Hebrew messages). The spam classification is handled according to several rules, which check various aspects of the message, like common words, extra bolding, colors, etc. If the message fails the spam check, then it is marked as a spam.
  If you receive a legitimate message marked as spam please forward the entire message (including full headers and message's contents) to juli@cc.huji.ac.il for further tuning of the filters.
  
  
• Microshop pricing policy changes
  Due to the university's regulations, we have to charge 5% service fee to the Supply department. This will apply to all microsoft Office family and Windows Operating Systems software licenses which are bought via the computation center’s "microshop". The new prices are valid as of December 1st, 2002.

News bulletin #186
12-December-2002

• Changes in e-mail handling
  
  Starting Sunday, 22/12/2002, the following changes will take place in the university's e-mail systems:
  
  
  • Direct outgoing SMTP to servers out of the university will be blocked
    Mail clients on personal computers are incapable of routing themselves outgoing mail. Hence, an SMTP server is defined, to which outgoing mail is sent to. Currently you can use any SMTP server in the world that is willing to grant this service. As from 22/12 you'll have to set your SMTP server to one of the university's mail servers. Most users’ mail clients are already set up correctly, and only a few users, who use external mail servers, will have to adjust their settings.
    
    
  • We recommend using our central SMTP server: outmail.huji.ac.il for outgoing mail. This server performs virus scanning, thus protects you from sending viruses to your colleges. This change is introduced as a preparation for setting a unified central handling (like virus scanning and spam removal) of all messages sent/received at the university. (SMTP = Simple Mail Transfer Protocol).
    
    
  • SPAM filters:
    As you've noticed the amount of incoming spam messages is increasing. As from 22/12 we'll start filtering the spam messages and discard them before they reach the users. This is in an effort to help our users do productive work.
    
    
  • - For any question you can call our helpdesk at 02-6585555 or 02-5883450

News bulletin #185
10-December-2002

• Crucial security patches for Microsoft's Internet Explorer & Outlook Express
  
  Microsoft has released recently two security patches for the above products. We urge our users to install them. The combined patches are available at HUJI's security site at the following URLs:
  • Patches for Internet Explorer version 5.5:
    • English: http://secinfo.huji.ac.il/patches/ie5.5/q324929.exe
    • Hebrew: http://secinfo.huji.ac.il/patches/ie5.5/he/q324929.exe
  • Patches for Microsoft Internet Explorer 6 sp1:
    • English: http://secinfo.huji.ac.il/patches/ie6/sp1/q324929.exe
    • Hebrew: http://secinfo.huji.ac.il/patches/ie6/he/sp1/q324929.exe
  • Following are links to Microsoft's references for those who would like to know more about these patches:
    • Microsoft Security Bulletin MS02-067
      E-mail Header Processing Flaw Could Cause Outlook 2002 to Fail (331866)
      Affected Software: Microsoft Outlook 2002
      End user bulletin: http://www.microsoft.com/security/security_bulletins/ms02-067.asp
      
    • Microsoft Security Bulletin MS02-068
      Cumulative Patch for Internet Explorer (324929)
      Affected Software: Microsoft Internet Explorer 5.5 Microsoft Internet Explorer 6.0
      End user bulletin: http://www.microsoft.com/security/security_bulletins/ms02-068.asp
    • Microsoft Security Bulletin MS02-067
      Download patch: http://office.microsoft.com/downloads/2002/olk1005.aspx
      
      
      
      
• Reminder: Excessive use of network resources
  
  Excessive use of the network by a single computer is very costly and unjustified in occasions. It overloads the network and interferes with the intended use of the network. Such users are requested to state whether their excessive use is limited to academic work.
  The university pays for incoming and outgoing traffic, and excessive use of resources increases the payment. Recently, we noticed an abrupt increase in traffic, some of which is attributed to peer-to-peer applications (for example - Kazaa), which also pose legal problems such as sharing of copyrighted material. We would like to emphasize that the usage of the network in the University is limited to academic purposes and legal activities only. We aspire to an efficient use of the network and consider charging users for excessive use of these resources.
  Regarding the proper use of the university's network, please read the university's policy guidelines at http://ca.huji.ac.il/policy.shtml
  
  
  
  
• Use of OTP (One Time Password) cards
  
  Some members (student and staff) of the School of Computer Science and Engineering hold (or will have soon) cards that supply a one time password. These cards will be supplied to other administrative staff from other departments and campuses as well. The password generated by this card replaces the 4-digits secret code associated with your ID number. We are now in the process of adjusting our systems to use the code that is generated by the OTP cards. Therefore, if your login to one of the university’s servers using your 4 digits personal code fails and you own such a card, you should use the “one time password” generated by the card instead of your 4 digits code.
  Please note: Since we are in the process of implementing the OTP to our systems, some services might still work with the old password while other services require the card's password.
  For support please contact our support teams on 6585555 or 5883450

News bulletin #184
20-September-2002

• Excessive use of network resources
  
  Excessive use of the network by a single computer is very costly and unjustified in occasions. It overloads the network and interferes with the intended use of the network. Such users are requested to state whether their excessive use is limited to academic work.
  The university pays for incoming and outgoing traffic, and excessive use of resources increases the payment. Recently, we noticed an abrupt increase in traffic, some of which is attributed to peer-to-peer applications (for example - Kazaa), which also pose legal problems such as sharing of copyrighted material. We would like to emphasize that the usage of the network in the University is limited to academic purposes and legal activities only. We aspire to an efficient use of the network and consider charging users for excessive use of these resources.
  Regarding the proper use of the university's network, please read the university's policy guidelines at http://ca.huji.ac.il/policy.shtml
  

News bulletin #183
9-September-2002

• Windows XP home edition warning
  The MicroShop team would like to advise users NOT to buy the windows XP Home edition. This version doesn't suit the university's environment and also cannot be upgraded to another version. Since this version is incompatible with our environment we cannot support it. For more information please call Naama at 84069.

• Virus hoax
  There are a lot of false virus warnnings sent to various people by some ill meant persons who want to frighten the Internet users. Symantec has a list of the most common ones in the following web site:
  http://www.symantec.com/avcenter/hoax.html

• Cost saving by using computers power management
  Inside the university there is a large amount of equipment (computers and others) which is left constantly on, even when not needed. This has three major implications:

  • The computers are wasting excessive mains power, in addition to unneeded air-conditioning used to cool them down. In a big institute like the university the sum of all these "small" consumptions is quite big (in the range of a few hundreds of thousands NIS per year).
  • The excessive power consumption amounts to some of the environmental pollution.
  • Leaving equipment working unattended is hazardous and might lead to fires caused by hardware malfunctions.
    
    Hence, we suggest the following:
    
    
  • Use power management for the monitor, which attributes at least half of the power consumption (and heat dissipation) of the computer.
  • Enable a screen saver to turn-off the monitor automatically after some idle period.
  • If you must leave the computer on, then turn off the screen at the end of the day, or at least enable a screen saver as stated above.
  • Whenever possible, turn off all equipment at the end of a working day, like printers, etc. In the past it was common to think turnning off electronic equipment may damage it. Recent researches show that no damage is caused to equipment which is turned off daily.

News bulletin #182
28-August-2002

• Matlab new version
  Matlab new version: We received Matlab version 13, and a new set of books of the toolbox. Current users of Matlab wishing to obtain an upgrade can contact Tamar at tamara@vms.huji.ac.il or 84217

• Microsoft security patches
  Microsoft has released three new security patches to overcome a few security problems with their products. Enclosed bellow you'll find the introduction from Microsoft's site regarding these problems. For more information and a pointer to Microsoft's original message connect to our site - http://secinfo.huji.ac.il/sec_bulletins.htm
  For each advisory please notice the exact software and version it affects.
  NOTE: Those who do not wish to update the patches manually or learn how to download them, can use the Window's built-in update mechanism (Start->Windows update) and ask for a scan of critical updates. Following are more details regarding each update:
  -------------------------------------------------------------------
  MS02-044 Unsafe Functions in Office Web Components (Q328130)
  Affected Software: Microsoft Office 2000 , Microsoft Office XP
  The Office Web Components (OWC) contain several ActiveX controls that
  give users limited functionality of Microsoft Office in a web browser without requiring that the user install the full Microsoft Office application. This allows users to utilize Microsoft Office
  applications in situations where installation of the full application is unfeasible or undesirable...
  Download patch
  Microsoft Office 2000 , Microsoft Office XP
  http://secinfo.huji.ac.il/patches/office/owcupd.exe
  -------------------------------------------------------------
  MS02-045 Unchecked Buffer in Network Share Provider Can Lead to Denial of Service (Q326830)
  Affected Software: Windows NT4 Workstation/ Server , Windows 2000 Pro/Server , Windows XP SMB (Server Message Block) is the protocol Microsoft uses to share files, printers, serial ports, and also to communicate between computers using named pipes and mail slots. In a networked environment, servers make file systems and resources available to clients. Clients make SMB requests for resources and servers make SMB responses in what described as a client server, request-response protocol. By sending a specially crafted packet request, an attacker can mount a denial of service attack on the target server machine and
  crash the system. The attacker could use both a user account and anonymous access to accomplish this. Though not confirmed, it may be possible to execute arbitrary code ...
  Download patch
  Windows NT4 English - http://secinfo.huji.ac.il/patches/nt4/Q326830i.exe
  Windows NT4 Hebrew - http://secinfo.huji.ac.il/patches/nt4/HEBQ326830i.EXE
  Windows 2000 - http://secinfo.huji.ac.il/patches/winn2000sp4/Q326830_W2K_SP4_X86_EN.exe
  Windows XP - http://secinfo.huji.ac.il/patches/Win-xp/Q326830_WXP_SP1_x86_ENU.exe
  -----------------------------------------------------------------
  MS02-047 Cumulative Patch for Internet Explorer (Q323759)
  Affected Software:
  Internet explorer 5.01 ,5.5 , 6
  This is a cumulative patch that includes the functionality of all previously released patches for IE 5.01, 5.5 and 6.0. In addition, it eliminates the following six newly discovered vulnerabilities ...
  Download patch
  Internet explorer 5.01 English - http://secinfo.huji.ac.il/patches/ie5.01/q323759.exe
  Internet explorer 5.01 Hebrew - http://secinfo.huji.ac.il/patches/ie5.01/he/q323759.exe
  Internet explorer 5.5 English - http://secinfo.huji.ac.il/patches/ie5.5/q323759.exe
  Internet explorer 5.5 Hebrew - http://secinfo.huji.ac.il/patches/ie5.5/he/q323759.exe
  Internet explorer 6 English - http://secinfo.huji.ac.il/patches/ie6/q323759.exe
  Internet explorer 6 Hebrew - http://secinfo.huji.ac.il/patches/ie6/he/q323759.exe
  

News bulletin #181
12-Aug-2002

• Intermitent servers and communication outage during 3-5/9/02.
  
  Intermitent servers and communication outage during 3-5/9/02: During that period there will be massive electrical works in Taylor building. Although the critical equipment should be fed from a generator during these works, human mistakes might happen and may take all our equipment down without prior notice (and without estimate of time to repair...).
  
  On 5/9/02 we plan 2-3 hours of downtime while rewiring the UPS to the new mains system. If our systems go down then the entire communications in Edmond J. Safra Campus will be down, and so will be all our external connections (modems, ADSL, Internet, etc.).

News bulletin #180
16-July-2002

• IMSL removal
  
  IMSL removal: because of budget cuts we are forced to withdraw the usage of the IMSL mathematical package starting from 1/8/2002.

  
  

News bulletin #179
7-July-2002

• Security bulletin - Microsoft media player
  
  There are a few vulnerabilities in Microsoft's Media player which is installed by default with all Windows installations. This vulnerability allows WEB servers to send you code to be run on your computer (this code is hidden inside movies and music). We suggest that you install the patch that fixes it by downloading the files bellow and execute them to install the patch. There are few versions of the media player, and you need different patches for the different versions. In order to find your installed version please follow the menus:
  
  START-> Programs-> Accessories-> Entertainment-> Windows Media Player
  and then on the Toolbar of Media player click: Help -> About Windows Media Player
  
  The patches are available at:
  
  Microsoft Windows Media Player 6.4:
  http://secinfo.huji.ac.il/patches/other/wm320920_64.exe
  
  Microsoft Windows Media Player 7.1:
  http://secinfo.huji.ac.il/patches/other/wm320920_71.exe
  
  Microsoft Windows Media Player for Windows XP:
  http://secinfo.huji.ac.il/patches/other/wm320920_8.exe

News bulletin #178
24-June-2002

• IMSL users
  
  The license of IMSL has expired and is being renewed.
  Since there are only 30 users who use this application, each user will
  have to contribute the amount of $100 per year. Please write to Tamar
  (tamara@vms.huji.ac.il) or Marian (marian@vms.huji.ac.il) regarding
  the payment procedures.

• Adobe Acrobat
  
  Adobe Acrobat writer is available at our microshop. For details please call 84217 or 84069.

News bulletin #177
29-May-2002

• Help desk
  
  Please direct all your questions/problems to our helpdesk at 02-6585555 (Edmond J. Safra Campus) or 02-5883450 (Mt. Scopus). Directing all requests to the helpdesk rather than specific person is more efficient and usually will give you faster and better response.
  
  

• ADSL connection instructions
  
  To remind you, the instructions available at the following URL: http://ca.huji.ac.il/services/internet/connect/connect.shtml#adsl

• ADSL routers
  
  The modem that Bezeq supplies supports only one PC per line. Users who have a local network at home cannot connect it directly to the modem, but need one of the following:
  • Modifying the modem's software; this is illegal and causes some problems, so we recommend to stay away from it.
  • Connecting a PC with two ethernet cards, running a gateway program which connects the other stations to the world. This works, but you need some knowledge how to operate such software.
    
  • ADSL router: This equipment is a "black box" which does the previous thing but in a commercial solution. Such boxes cost around
    $200-$300 and should be trivial to install.
    
    
• SAS users
  
  if you are a SAS user, please write to Marian at marian@vms.huji.ac.il, and specify the platform(s) (Operating System(s)) of the SAS program(s) you use, and, if you have a SAS copy on your PC, what the last version of SAS is. Thank you!
  
  
• IMSL users
  
  With the renewal of IMSL license for year 2002/2003 we'll charge every IMSL user $100 per year. We would like to know whether you are willing to pay it or not, so please answer either to marian@vms.huji.ac.il or tamara@vms.huji.ac.il
  
  
• SeqWeb - Web Interface to sequence analysis GCG program
  
  SeqWeb - the user-friendly web version of the GCG package is now available. We are aware of the fact that this web version has some problems, but there are still some advantages for the users, especially when graphics is involved. If you have an e-mail address on any Hebrew University machine, you are entitled to open an account for SeqWeb. Otherwise please call Michal at 87044 to find if there is any way for you to open an account. If you are interested in opening such an account, please fill the form at http://bioinfo.md.huji.ac.il/seqweb/login.shtml and submit. As soon as an account is open, you will get an e-mail, to the HU e-mail address you specify below. In case you don't get a response within a week, please call Michal at 87044.

News bulletin #176
11-March-2002

• ADSL special deal
  
  Bezeq is offering a special deal to users of large organizations: If there are enough users to order ADSL lines by 16/5/02 then each user gets a small present (Optical mouse, wireless keyboard or loudspeakers (the actual present depends on the total number of orders).
  Please note:

  • To order call 1-800-800-800 and specify "kod mivza 1420". Without this you are not entitled for the present.
  • The prices are the same as for other ADSL orders. The only benefit is the present.
  • The actual present depends on the number of lines ordered.
  • On the other hand please note that the cables are going to enter the Internet market also. They are expected to offer service only in 3 months from now; we are negotiating with them to become one of the ISPs there, but there is no outcome yet.
    
    

• Public access ports

  There are access points to the network at various public places at the university (classrooms, corridors, etc.). In order to prevent unauthorized use of them, some of these ports are opened on demand in order to avoid security issues. We are now implementing a new policy over these ports and over others (like dorms). In the new policy these ports are active and connected to a private network which is disconnected from the world. Only after being authenticated you can access the network from these ports. For details about configuring your computer and authenticating please see http://ca.huji.ac.il/services/internet/connect/vpn/vpn.shtml In order to authenticate you can use the same username as you use in the modems. Those who do not have mode access can authenticate with the ID number (8 digits only) in the format: id%pub (for example: 12345678%pub). These ports are marked with a red tape labeled "Public port" or in Hebrew "Reshet Mizdamnim".
  
  
  

.
Last update,15.12.02

The Authority for Computation, Communication & Information
Copyright ©, The Hebrew University of Jerusalem. All Rights Reserved

Sitemap

Webmaster