Dispatches From The Geeks

News and Announcements from the MCS Systems Group

Notice: Apple Server Bronze Reboot Saturday, 2/21

This work has been completed without incident.

Thanks

Written by Craig Stacey

February 21, 2015 at 12:24 pm

Posted in Uncategorized

Notice: Apple Server Bronze Reboot Saturday, 2/21

On Saturday, February 21 at around 12 Noon we will be rebooting the Macintosh file server named “bronze” in order to apply some important software updates.

We anticipate a very short downtime window, but in order to give us some room to take care of any unanticipated issues that might arise I am setting the downtime window to be from 12 Noon until 1 PM. If you see any of the fileshares reappear during this time you should not expect them to remain stable.

On Friday we will send reminders to anyone logged in to the server. It’s a good idea to make sure that any open work is saved and that you are logged out of the server at close of business on Friday.

When the work is done an all-clear will be sent and posted at the Systems blog: https://mcssys.wordpress.com

If this poses an unacceptable disruption for you please send a note to help@cels.anl.gov

Thanks

Written by Craig Stacey

February 18, 2015 at 3:22 pm

Posted in Uncategorized

Be alert for phishing attempts

The ANL Cyber office reports increased phishing activity, some of it pretty well executed. They’re taking advantage of the fact that it’s tax season to try to get you to open documents. Please be mindful of this when opening any documents.

Some good practices for you to engage in:

1) Do your best to keep your personal activity in your personal mailbox, rather than your ANL mailbox. This way, you’ll notice a red flag if see e-mail claiming to be from your bank e-mails but coming to your work address. Free personal e-mail accounts can be trivially obtained from Google, Yahoo, and Microsoft. Also, your internet provider usually provides an e-mail account you can use.

2) Look at the mail headers of any message you receive that purports to be from a trusted source. It might claim to be from somewhere you trust, but it really isn’t. And, trust me, I recognize the irony that Argonne broadcasts like Argonne Today don’t come from anl.gov servers. That being said, they also don’t come from some Italian ISP, so if you see that in the headers, it’s a sign.

3) And, the mantra we’ve always touted forever and ever, don’t open any attachments that you weren’t expecting or don’t know what they are. If in doubt, ask the sender via a trusted method. Or ask us. We’re here to help.

If you like goofy mnemonics or catch phrases, Cyber is touting "SEAR the phish". Where SEAR means Stop, Examine, Ask, Report.

Stop: Don’t panic and don’t be too quick to click on email links even if the message looks urgent and threatening. This is NOT a contest where being 1st to click wins.

Examine: Look at the email closely. Does the message look suspicious, does the link look unusual, does the request make sense?

Ask: Question the sender (if you know him/her personally). Check with the Cyber Office (cyber@anl.gov) to determine if the email is legitimate or not.

Report: Notify Cyber if you receive any phishing emails by forwarding it to cyber@anl.gov

Stay vigilant, folks! Thanks!

Written by Craig Stacey

February 18, 2015 at 1:25 pm

Posted in Uncategorized

Networking issues from yesterday resolved

It looks like the networking issues from yesterday have been resolved.

All told, there were three outages in total. The first was at Sunday 4AM, the second yesterday early afternoon, and another one that followed shortly after. The current theory is the failures were caused by an intermittent failure in a network interface card on one of the lab’s firewall servers. The firewall functions were forced to move to the redundant server across campus, which seems to have stabilized the situation, and will allow the failing one to be repaired.

Thanks for your patience!

Written by Craig Stacey

February 10, 2015 at 8:59 am

Posted in Uncategorized

Networking issue affecting all users. Updates will come as we get them.

Written by Craig Stacey

February 9, 2015 at 2:37 pm

Posted in Uncategorized

Upcoming changes for trouble tickets/help requests for CELS Systems

Due to the amount of crossover we have with the Argonne Service Desk in terms of the types of issues we handle, as well as the increased functionality their issue tracking system uses, CELS Systems is planning to migrate to Argonne’s service ticket system (known as Service Now). Sharing the same system allows us easily to hand tickets back and forth with CIS, something that’s been happening with greater frequency since the switch to Exchange/Outlook for mail.

What does this mean for you? Maybe nothing, really, but I wanted to make sure you were aware of the change and how some things will at least look different. For example, the e-mails you get when you submit a ticket will look different. And you’ll gain the ability to check on the status of your open issues the same way you can now with the Argonne service desk at http://help.anl.gov.

Later this month, we’re going to change the behavior of "systems@mcs.anl.gov" to point to the new ticketing system. Those of you who’ve been paying close attention may have noticed another address (help@cels.anl.gov) in some recent signage and communications. That already points to Service Now, so if you want to get a sneak peek of how things will look going forward, you can use that address the next time you need help.

On February 16th, mail to systems@mcs.anl.gov will behave in the same way as sending to help@cels.anl.gov works now. The Systems address will always work, but we’re going to be advertising the help@cels.anl.gov address as the primary contact method to better reflect the group’s mission these days.

Also, because we’ll be on the same system, you can also submit tickets via the web portal at http://help.anl.gov by using your Argonne credentials. Please note, this is a convenience option for those that prefer it – you’ll always be able to use a simple mail to help@cels.anl.gov (or systems@mcs.anl.gov) from any address to get help without having to log in on anything.

This is the first step in migrating to the Service Now platform. Over the next few months, we’ll also be migrating our user-facing documentation to this, as well as integrating it into our requests for common services (WordPress blogs, mailing lists, etc.) that are currently found at http://virtualhelpdesk.mcs.anl.gov.

If you have any concerns or questions, please let me know. Also, I look forward to your feedback on how the process is working once you’ve had a chance to experience it.

Thanks!

Written by Craig Stacey

February 5, 2015 at 4:18 pm

Posted in Uncategorized

Brief rolling outages/reboots for security patching starting today (1/30/15)

Due to a serious security vulnerability, we’ve had to patch our Unix-based machines over the past few days. To complete the patching process, we need to reboot these machines. We’re going to a schedule of rolling reboots to ensure any issues that occur during reboots don’t take out too many services at once. We also believe we’ve mitigated the issue that caused the long outage for www.mcs.anl.gov earlier this week, and the current reboots should take much less time.

The schedule is as follows, with the machines being rebooted in a staggered fashion within the 30 minutes following the start time.

TODAY:
12:30PM: squall (Drupal server), typhoon (JLSE Atlassian Server), blizzard (collab – MCS Confluence Server), cyclone (xcollab, xjira – CELS external Confluence and Jira servers), login1 and login4 (SSH login servers)

2:00PM: login2 and login3 (SSH login servers), cvs.globus.org, variant (MCS SVN/Trac server), caveat (trac.mpich.org), repo.anl-external.org (External SVN repos)

More reboots will be announced as machines are identified and patched. Please let us know if this poses a particular problem for you.

Thanks!

Written by Craig Stacey

January 30, 2015 at 11:04 am

Posted in Uncategorized

MCS Webserver Outage

The web server is back online and serving traffic as of about 10:00. Again, sorry for the inconvenience. Please let us know if there are any issues you have after this update.

From: <Leggett>, Ti Leggett <leggett>
Date: Wednesday, January 28, 2015 at 8:55 AM
To: "cels-systems-announce" <cels-systems-announce>
Subject: MCS Webserver Outage

A very serious security vulnerability was disclosed yesterday and patches made available. In order to patch the web server that hosts the main MCS web site as well and personal web homes a reboot was required. Unfortunately the reboot is taking longer than anticipated, but the server should be up between 9:30 and 9:45. We’re sorry for any inconvenience this causes.

Written by Craig Stacey

January 28, 2015 at 10:50 am

Posted in Uncategorized

MCS Webserver Outage

A very serious security vulnerability was disclosed yesterday and patches made available. In order to patch the web server that hosts the main MCS web site as well and personal web homes a reboot was required. Unfortunately the reboot is taking longer than anticipated, but the server should be up between 9:30 and 9:45. We’re sorry for any inconvenience this causes.

Written by Craig Stacey

January 28, 2015 at 8:55 am

Posted in Uncategorized

CIS offering Web Application Developer Training, Jan 13.

Please see the below announcement from CIS. I encourage anyone who’s doing web application development to attend, or at least one person from each group engaged in that sort of activity.

As the systems administrators, we get notified whenever a web app on a system we’re responsible for has a detected vulnerability, and based on what we’ve encountered, I think there’d be some real benefit to picking up on some good coding practices (especially sanitizing input).

All,

WHAT ARE WE DOING?

The CSPO is sponsoring web application developer training for anyone interested. The training will go over threats to web applications and best coding practices to mitigate attacks.

WHEN WILL THIS OCCUR?

January 13th , 2015, 10:00am-2:00 p.m. Building 240 Rm. 1416

WHAT DO YOU NEED TO DO?

Forward this message to any developer that codes web applications and/or web service admins. Attend the training!

WHAT IS THE EFFECT ON YOU?

Hopefully you come out of the training with some action items to check the health of your web applications that are running in your inter/intra nets.

FOR MORE INFORMATION

Please contact the cyber office for any more details. More information will be sent specifically to the CSPRs who requested their web applications to be tested.

Written by Craig Stacey

January 7, 2015 at 11:05 am

Posted in Uncategorized

Follow

Get every new post delivered to your Inbox.

Join 48 other followers