Dispatches From The Geeks

News and Announcements from the MCS Systems Group

Revised Laptop Support Policy for CELS

We’ve revised and updated the laptop support policy for CELS in order to address some holes in our process from a cybersecurity standpoint, and to offer those who may not want a fully managed machine some avenue to receive support and notification for patching and other security issues.

You can find the updated policy here: http://www.mcs.anl.gov/faq/Laptops

You can see the history tab on the wiki for changes, but the main change is defining the categories of laptops and what each entails. We’ve added a category of machines targeted at scientific users who would like to share the administrative burden of their machines with us. In that case, we’ll notify you of important software updates and can apply them for you as desired. We will also handle software license compliance and reporting for those machines.

As new laptops are ordered, we’re going to be offering any researcher the choice of jointly managed or unmanaged configurations.

If you have any questions or concerns, please let me know. Thanks!

Written by Craig Stacey

March 19, 2015 at 9:56 am

Posted in Uncategorized

Notice: Apple Server Bronze Reboot Saturday, 2/21

This work has been completed without incident.

Thanks

Written by Craig Stacey

February 21, 2015 at 12:24 pm

Posted in Uncategorized

Notice: Apple Server Bronze Reboot Saturday, 2/21

On Saturday, February 21 at around 12 Noon we will be rebooting the Macintosh file server named “bronze” in order to apply some important software updates.

We anticipate a very short downtime window, but in order to give us some room to take care of any unanticipated issues that might arise I am setting the downtime window to be from 12 Noon until 1 PM. If you see any of the fileshares reappear during this time you should not expect them to remain stable.

On Friday we will send reminders to anyone logged in to the server. It’s a good idea to make sure that any open work is saved and that you are logged out of the server at close of business on Friday.

When the work is done an all-clear will be sent and posted at the Systems blog: https://mcssys.wordpress.com

If this poses an unacceptable disruption for you please send a note to help@cels.anl.gov

Thanks

Written by Craig Stacey

February 18, 2015 at 3:22 pm

Posted in Uncategorized

Be alert for phishing attempts

The ANL Cyber office reports increased phishing activity, some of it pretty well executed. They’re taking advantage of the fact that it’s tax season to try to get you to open documents. Please be mindful of this when opening any documents.

Some good practices for you to engage in:

1) Do your best to keep your personal activity in your personal mailbox, rather than your ANL mailbox. This way, you’ll notice a red flag if see e-mail claiming to be from your bank e-mails but coming to your work address. Free personal e-mail accounts can be trivially obtained from Google, Yahoo, and Microsoft. Also, your internet provider usually provides an e-mail account you can use.

2) Look at the mail headers of any message you receive that purports to be from a trusted source. It might claim to be from somewhere you trust, but it really isn’t. And, trust me, I recognize the irony that Argonne broadcasts like Argonne Today don’t come from anl.gov servers. That being said, they also don’t come from some Italian ISP, so if you see that in the headers, it’s a sign.

3) And, the mantra we’ve always touted forever and ever, don’t open any attachments that you weren’t expecting or don’t know what they are. If in doubt, ask the sender via a trusted method. Or ask us. We’re here to help.

If you like goofy mnemonics or catch phrases, Cyber is touting "SEAR the phish". Where SEAR means Stop, Examine, Ask, Report.

Stop: Don’t panic and don’t be too quick to click on email links even if the message looks urgent and threatening. This is NOT a contest where being 1st to click wins.

Examine: Look at the email closely. Does the message look suspicious, does the link look unusual, does the request make sense?

Ask: Question the sender (if you know him/her personally). Check with the Cyber Office (cyber@anl.gov) to determine if the email is legitimate or not.

Report: Notify Cyber if you receive any phishing emails by forwarding it to cyber@anl.gov

Stay vigilant, folks! Thanks!

Written by Craig Stacey

February 18, 2015 at 1:25 pm

Posted in Uncategorized

Networking issues from yesterday resolved

It looks like the networking issues from yesterday have been resolved.

All told, there were three outages in total. The first was at Sunday 4AM, the second yesterday early afternoon, and another one that followed shortly after. The current theory is the failures were caused by an intermittent failure in a network interface card on one of the lab’s firewall servers. The firewall functions were forced to move to the redundant server across campus, which seems to have stabilized the situation, and will allow the failing one to be repaired.

Thanks for your patience!

Written by Craig Stacey

February 10, 2015 at 8:59 am

Posted in Uncategorized

Networking issue affecting all users. Updates will come as we get them.

Written by Craig Stacey

February 9, 2015 at 2:37 pm

Posted in Uncategorized

Upcoming changes for trouble tickets/help requests for CELS Systems

Due to the amount of crossover we have with the Argonne Service Desk in terms of the types of issues we handle, as well as the increased functionality their issue tracking system uses, CELS Systems is planning to migrate to Argonne’s service ticket system (known as Service Now). Sharing the same system allows us easily to hand tickets back and forth with CIS, something that’s been happening with greater frequency since the switch to Exchange/Outlook for mail.

What does this mean for you? Maybe nothing, really, but I wanted to make sure you were aware of the change and how some things will at least look different. For example, the e-mails you get when you submit a ticket will look different. And you’ll gain the ability to check on the status of your open issues the same way you can now with the Argonne service desk at http://help.anl.gov.

Later this month, we’re going to change the behavior of "systems@mcs.anl.gov" to point to the new ticketing system. Those of you who’ve been paying close attention may have noticed another address (help@cels.anl.gov) in some recent signage and communications. That already points to Service Now, so if you want to get a sneak peek of how things will look going forward, you can use that address the next time you need help.

On February 16th, mail to systems@mcs.anl.gov will behave in the same way as sending to help@cels.anl.gov works now. The Systems address will always work, but we’re going to be advertising the help@cels.anl.gov address as the primary contact method to better reflect the group’s mission these days.

Also, because we’ll be on the same system, you can also submit tickets via the web portal at http://help.anl.gov by using your Argonne credentials. Please note, this is a convenience option for those that prefer it – you’ll always be able to use a simple mail to help@cels.anl.gov (or systems@mcs.anl.gov) from any address to get help without having to log in on anything.

This is the first step in migrating to the Service Now platform. Over the next few months, we’ll also be migrating our user-facing documentation to this, as well as integrating it into our requests for common services (WordPress blogs, mailing lists, etc.) that are currently found at http://virtualhelpdesk.mcs.anl.gov.

If you have any concerns or questions, please let me know. Also, I look forward to your feedback on how the process is working once you’ve had a chance to experience it.

Thanks!

Written by Craig Stacey

February 5, 2015 at 4:18 pm

Posted in Uncategorized

Brief rolling outages/reboots for security patching starting today (1/30/15)

Due to a serious security vulnerability, we’ve had to patch our Unix-based machines over the past few days. To complete the patching process, we need to reboot these machines. We’re going to a schedule of rolling reboots to ensure any issues that occur during reboots don’t take out too many services at once. We also believe we’ve mitigated the issue that caused the long outage for www.mcs.anl.gov earlier this week, and the current reboots should take much less time.

The schedule is as follows, with the machines being rebooted in a staggered fashion within the 30 minutes following the start time.

TODAY:
12:30PM: squall (Drupal server), typhoon (JLSE Atlassian Server), blizzard (collab – MCS Confluence Server), cyclone (xcollab, xjira – CELS external Confluence and Jira servers), login1 and login4 (SSH login servers)

2:00PM: login2 and login3 (SSH login servers), cvs.globus.org, variant (MCS SVN/Trac server), caveat (trac.mpich.org), repo.anl-external.org (External SVN repos)

More reboots will be announced as machines are identified and patched. Please let us know if this poses a particular problem for you.

Thanks!

Written by Craig Stacey

January 30, 2015 at 11:04 am

Posted in Uncategorized

MCS Webserver Outage

The web server is back online and serving traffic as of about 10:00. Again, sorry for the inconvenience. Please let us know if there are any issues you have after this update.

From: <Leggett>, Ti Leggett <leggett>
Date: Wednesday, January 28, 2015 at 8:55 AM
To: "cels-systems-announce" <cels-systems-announce>
Subject: MCS Webserver Outage

A very serious security vulnerability was disclosed yesterday and patches made available. In order to patch the web server that hosts the main MCS web site as well and personal web homes a reboot was required. Unfortunately the reboot is taking longer than anticipated, but the server should be up between 9:30 and 9:45. We’re sorry for any inconvenience this causes.

Written by Craig Stacey

January 28, 2015 at 10:50 am

Posted in Uncategorized

MCS Webserver Outage

A very serious security vulnerability was disclosed yesterday and patches made available. In order to patch the web server that hosts the main MCS web site as well and personal web homes a reboot was required. Unfortunately the reboot is taking longer than anticipated, but the server should be up between 9:30 and 9:45. We’re sorry for any inconvenience this causes.

Written by Craig Stacey

January 28, 2015 at 8:55 am

Posted in Uncategorized

Follow

Get every new post delivered to your Inbox.

Join 48 other followers