ISG News has posted a new item, 'Maintenance Downtime of D-PHYS Mail Server on
9-Jan-2014'
On Thursday, the 9th of January 2014, starting in the late afternoon, we will
run multiple software updates on the D-PHYS mail server. We do expect multiple
downtimes throughout the evening, partially of single mail services, partially
of the whole mail server.
This will likely also delay the delivery of incoming mails up to several hours.
You may view the latest post at
https://nic.phys.ethz.ch/news/2014/01/06/maintenance-downtime-of-d-phys-mai…
You received this e-mail because you asked to be notified when new updates are
posted.
Best regards,
Axel Beckert
beckert(a)phys.ethz.ch
ISG News has posted a new item, 'Computer support during christmas holidays'
The ETH Zurich will be officially closed between Tuesday, 24th of December 2013
and Friday, 3rd of January 2014. During this time, we can only provide limited
support. Please follow these rules to save us from superfluous work:
Switch off printers
Switch off your personal workstation and notebook except for the following:
Do not switch off our managed Linux workstations.
We will try to follow our e-mail, but you may also have luck and meet some of us
in our IRC channel.
You may view the latest post at
https://nic.phys.ethz.ch/news/2013/12/23/computer-support-during-christmas-…
You received this e-mail because you asked to be notified when new updates are
posted.
Best regards,
Schmid Patrick
schmid(a)phys.ethz.ch
ISG News has posted a new item, '2013 in Review'
This post is meant to give you a short overview of what has been accomplished in
D-PHYS IT by ISG this year. We've been hard at work to further improve and
extend our services for you, our customers. Some highlights of 2013:
New apprentice: As of August 14, Anastassios has started his apprenticeship with
us and is already deeply involved in a complex PHP/Ajax/PostgreSQL project. Keep
it up!
Mailserver: This year saw a massive increase in spam and especially phishing
attacks. They're getting more and more sophisticated and now include valid logos
and even personal names. We were forced to tighten email policies and further
fortify our mail server in order to battle those waves.
Backup: For the data on our file servers we provide one month of nightly
backups. Now our powerful backup system based on COW BTRFS snapshots allows us
to extend this period to up to one year in exponential intervals for most file
systems. Note that anything beyond 30 days is best-effort only and we might have
to cut back again in single cases. A new web frontend shows the status of all
backup runs.
Windows server: Several Windows server installations have been moved to a new
powerful virtualization server and the Active Directory setup has been
improved.
Printer portal: All information regarding our printers can now be found on one
website. You might want to check there if you have issues with a particular
printer or just to get an idea about printing volume.
Portal for managed workstations: Our new Chic! frontend shows the software
status of our managed Windows and Mac workstations and allows you to request
additional software packages. This service will be officially announced in
January 2014.
GitLab: We run a GitLab instance to facilitate collaborative programming
projects and sharing of code. Get in touch if you'd like to use it.
System upgrades: 2013 brought another round of OS upgrades, also for our
servers. We updated most servers silently and combined all critical systems into
one migration on September 11 in order to minimize downtime for our users.
Windows XP exile: As reported previously, Windows XP will be end-of-life in
April 2014. Since there's still a substantial number of XP machines out there
(most of which cannot be upgraded due to soft- or hardware constraints), we'll
provide a locked-down exile network that will allow a limited and
well-controlled survival of those machines under certain conditions. We'll post
an announcement when the system is ready.
IPv6: This year we laid the groundwork for the slow migration towards IPv6
connectivity in our networks. In particular, we got our monitoring system
IPv6-ready and prepared a NFSv4 rollout. We'll keep you posted about our IPv6
progress.
Apart from these highlights, of course there have been numerous small projects
and improvements to our setup, making both your and our life easier.
I would like to take this opportunity to thank my whole team for their hard and
dedicated work all year long.
Happy Holidays and see you in 2014!
You may view the latest post at
https://nic.phys.ethz.ch/news/2013/12/18/2013-in-review/
You received this e-mail because you asked to be notified when new updates are
posted.
Best regards,
Christian Herzog
daduke(a)phys.ethz.ch
ISG News has posted a new item, 'Software Upgrades on the D-PHYS Webserver on
18th Dec. 2013'
Starting on Wednesday, the 18th of December 2013 in the late afternoon, we will
start upgrading the operating system as well as many web applications on the
primary D-PHYS webserver. While we'll try to keep the downtimes as short as
possible, some temporary service interruptions can't be avoided and are hence
expected.
Potential issues with specific websites hosted on the D-PHYS webserver will be
tackled in the days after the upgrade.
You may view the latest post at
https://nic.phys.ethz.ch/news/2013/12/12/software-upgrades-on-the-d-phys-we…
You received this e-mail because you asked to be notified when new updates are
posted.
Best regards,
Axel Beckert
beckert(a)phys.ethz.ch
ISG News has posted a new item, 'Tightening access control for sending e-mail'
In the past we allowed sending e-mails over the D-PHYS mailserver from
everywhere inside ETH to allow D-PHYS users to send e-mail via VPN or WiFi
without the need to enter a password.
However the amount of misuse of this rule in the form of sending out spam from
compromised machines inside ETH but outside D-PHYS raised significantly in the
last few weeks.
Due to this development, we are forced to restrict password-less sending of
e-mail via the D-PHYS mail server to a few D-PHYS networks and in the future we
might tighten this even more.
For now this means that you will need to authenticate yourself with your D-PHYS
account, when sending e-mail via the D-PHYS mail server from outside D-PHYS.
This includes sending e-mail via the ETH WiFi networks and connections via ETH
VPN. This change is effective immediately.
Please see our documentation about how to send e-mails from outside D-PHYS if
you need help reconfiguring your e-mail client.
You may view the latest post at
https://nic.phys.ethz.ch/news/2013/11/04/tightening-access-control-for-send…
You received this e-mail because you asked to be notified when new updates are
posted.
Best regards,
Axel Beckert
beckert(a)phys.ethz.ch
ISG News has posted a new item, 'General IT services downtime on Wed Sep 11
17:00'
In order to upgrade the operating system on several core infrastructure servers
of the Department, we schedule a general maintenance downtime on
Wednesday September 11, starting at 17:00, lasting for several hours.
Most services will be affected and unavailable during that time, as they require
an authentication with your D-PHYS account (email, file server, print server,
managed workstations). Note that, even though you will not be able to check your
emails or send new ones, all incoming mails will be received and safely
delivered to your inbox afterwards.
Please make sure to save all open documents before 17:00 on that day.
Since we will also change the way file server mounts are authenticated, users
who haven't updated their passwords in a very long time might not be able to
mount their home directories or group shares after the migration. If you run
into this problem on Thursday morning, please first change your password. If the
issue persists, contact us.
We will post an update when things are back to normal.
You may view the latest post at
https://nic.phys.ethz.ch/news/2013/09/03/general-it-services-downtime-on-we…
You received this e-mail because you asked to be notified when new updates are
posted.
Best regards,
Christian Herzog
daduke(a)phys.ethz.ch
ISG News has posted a new item, 'Glitch in Virus Filter Delayed some Mails'
Yesterday (August 21), between about 13:42 and 21:25, the virus filter on our
mail server flagged some legitimate mails as containing a virus. The reason was
a bad signature in the virus database that came in via the automatic updates.
This signature was automatically removed by a subsequent update.
Like all viruses these false positives were quarantined. Once we understood the
problem we could reinject them back into the regular processing of mails. If you
were affected by this, you should receive the mails shortly.
We apologize for the inconvenience.
You may view the latest post at
https://nic.phys.ethz.ch/news/2013/08/22/glitch-in-virus-filter-delayed-som…
You received this e-mail because you asked to be notified when new updates are
posted.
Best regards,
Elmar Heeb
heeb(a)phys.ethz.ch
ISG News has posted a new item, 'End of Life: Windows XP'
Microsoft will end the extended support cycle for Windows XP on April 8, 2014.
This means that after this date no more security patches or maintenance updates
will be released by Microsoft. For all practical purposes, Windows XP will be
dead after this date.
We at the Physics Department are going to face some problems when XP reaches its
end of life:
Our client computer network is directly exposed to the Internet, thus we depend
on a continuous availability of operating system patches. Furthermore we are
bound to ETH's Acceptable Use Policy for Telematics Resources (BOT), which
orders every system owner to install OS upgrades to avoid security issues. Since
for Windows XP no more security patches will be available after April 9, 2014,
from then on it is not possible to fulfill the BOT requirements and to ensure
overall system security. Running Windows XP connected to the ETH network will
become a security issue after the April 8, 2014 and will not be tolerated by
ETH's network security.
A network scan unveiled several dozen Windows XP machines still connected to our
client computer network. One reason may be that measurement instrument
controller software still depends on that version of Windows. Also old hardware
might be in use which does not run well with a newer operating system.
Regarding these facts, we would like to ask you to start analyzing your Windows
XP machines and the dependencies and reasons of the existence of this operating
system. The following points provide some steps and hints about the process to
eliminate or upgrade current Windows XP machines.
Check whether there are Windows XP machines still in use in your computer
ecosystem and analyze whether a software or hardware component really depends on
this version of Windows.
In case your Windows XP installation is needed to control specific lab equipment
and you are locked to this OS version, please check with the manufacturer of the
equipment whether new software or drivers are available or a hardware upgrade
allows to migrate this Windows XP computer to a newer version of Windows.
If an upgrade to a newer Windows release generates extra cost, now would be a
good time to spend this money to keep your systems and equipment up to date and
to have a stable environment without running into IT security concerns in the
near future.
Please draw up any possible cost to the 2014 budget so new hardware/software can
be ordered prior to the end of life date of Windows XP and the system can be
upgraded in advance.
If you face a situation in which it is not possible to upgrade to a higher
version of Windows for technical or financial reasons, please contact us. We can
help you analyze your specific situation and can try to find particular
solutions to isolate your Windows XP installation from the network or maybe find
a way to upgrade to a higher OS release.
You are welcome to contact us in any case of questions or concerns relating the
Windows XP end of life topic. We can provide help to migrate away from Windows
XP as swift as possible so you can keep your systems secure and stable.
Please note that after April 8, 2014, Windows XP will not be tolerated on the
ETH network and we will be required to enforce this rule.
You may view the latest post at
https://nic.phys.ethz.ch/news/2013/07/16/end-of-life-windows-xp/
You received this e-mail because you asked to be notified when new updates are
posted.
Best regards,
Thomas Berchtold
thomber(a)phys.ethz.ch
ISG News has posted a new item, 'New cloud storage service'
In the wake of Prism and Tempora I guess this comes exactly at the right time:
In collaboration with our colleagues at Informatikdienste we are proud to open
the beta test to a new ETH-wide cloud storage service: polybox.
If you've ever used dropbox et al., you've probably come to appreciate the
convenience of seamlessly sharing data from one computer or even mobile device
to another via a cloud storage service. Effortless though this might be, you
always have to keep in mind that your data will live ''somewhere out there'' in
the cloud, and as we've learned the hard way in the last few weeks, the audience
looking at your data is often larger than we think.
With polybox, this is fundamentally different: your data never leaves ETH's
servers unless you carry it away yourself. In contrast to basically all other
cloud storage services out there, polybox is therefore suited for storing data
you don't want everybody and their cousin to read.
The service is now open to beta testers and provides 5 GB of cloud storage to
every ETH student and employee. You can access your data via web frontend or
install the handy sync clients that come with it. Please note that the
documentation still lists some open issues (last two links in German) in the
beta version, so please be prepared to provide feedback if you encounter any
errors.
Please also note that polybox uses your n.ethz account and not your physics
account and hence has no relation to your data at D-PHYS.
You may view the latest post at
https://nic.phys.ethz.ch/news/2013/06/28/new-cloud-storage-service/
You received this e-mail because you asked to be notified when new updates are
posted.
Best regards,
Christian Herzog
daduke(a)phys.ethz.ch
ISG News has posted a new item, 'HIT Building: Electric Power Interruption on
Monday, 15th of July'
Due to a test relating the electric power supply of the HIT building there will
be a planed interruption from 6:30am to 9:30am on Monday the 15th of July.
Please note that the whole HIT building will be without electric power during
this time (The server room HIT D 13 is excluded from this interruption).
Shutdown your computer and switch off (use main switch if available or unplug)
your electrical devices in advance to avoid local data loss and help prevent
start-up peaks when electric power is switched back on.
You may view the latest post at
https://nic.phys.ethz.ch/news/2013/06/24/hit-building-electric-power-interr…
You received this e-mail because you asked to be notified when new updates are
posted.
Best regards,
Thomas Berchtold
thomber(a)phys.ethz.ch