This is a reminder that no member of the Georgia Tech community should ever consider sending his or her GTAccount password to anyone via email, or even telling it to anyone on the telephone. OIT will never ask you for your password over email, the telephone, or anywhere else! You’re the only person who should ever know your password – other users certainly shouldn’t have it, and OIT system administrators don’t need it.

Some of you may be receiving emails with the subject line, “Update YOUR Gatech email NOW” containing poor grammar and a request for your personal and account information. These are fraud attempts which could compromise the security of Georgia Tech systems if they are answered. Please don’t reply to these emails – they appear to be an attempt to take over user email accounts, probably for spam purposes, and may not have been aimed at GT in specific, but any account compromise puts all of us at risk.

If you have mistaken this message for a legitimate one and accidentally given away your account information, you need to act immediately:

1) Go to passport.gatech.edu and change your password ASAP!

2) Contact OIT and let them know that this has happened, so that they can monitor your email account for signs of tampering.
Use the web form at: http://www.remedy.gatech.edu/cgi-bin/Service-Request/OIThome.pl
Or, call 4-7173

Please contact the LCC Support office if you have any questions or concerns!

thanks!

LCC Support

Many of the world’s recent technological developments were envisioned in fiction long before they became physically realized. This news blog chronicles science news in context of the Science Fiction that inspired new discoveries. Take a look at http://www.technovelgy.com/ to find out who thought of it first!

The GT Library is hosting a student Flash animation competition, supported by the Library’s Multimedia Studio! The Multimedia Studio is a wealth of resources that benefit students in developing media and incorporating rich media into their coursework and projects.

Competition details, including deadlines and prizes can be found at:

http://flashinthepan2007.blogspot.com

The GT Library is hosting a student Flash animation competition, supported by the Library’s Multimedia Studio! The Multimedia Studio is a wealth of resources that benefit students in developing media and incorporating rich media into their coursework and projects.

Competition details, including deadlines and prizes can be found at:

http://www.cetl.gatech.edu/tsquare/reg.php

CETL is running several classes on T-Square, including basic classes as well as sessions focused on more specific topics. If you’re wondering what the extent of T-Squares capabilities are, they can answer your questions and provide a place to suggest improvements.

T-Square is Georgia Tech’s implementation of the open-source project, Sakai, which we develop here on campus. We expect to be able to change and develop its feature set over time to better suit your needs as Faculty members. So if you have suggestions, questions, or ideas for how you’d like T-Square to function, the training classes are a great place to become more familiar with the current features and make suggestions for future ones.

There’s also the T-Square Remedy request form under the Support link at
https://t-square.gatech.edu/portal

The ticket form can be used to report a problem, request help with a course setup, or make feature requests.

Are you seeing spam emails giving you account login information for MP3 and game websites? We’ve just gotten word that a few of these are making their way through the GT email system. As usual, they contain a link that will send you to a webpage which tries to download a virus to your computer.

The virus in question is currently a “zero-day” threat, meaning that antivirus corporations like McAfee haven’t created an antidote or prevention definition yet. So please be careful not to click on links in unexpected emails, both at Georgia Tech and at home!

The virus-bearing greeting card spam is still a prominent threat; we’ve been seeing messages about this on the GT computer support staff mailing lists, and the problem is getting media coverage as well:

http://blog.washingtonpost.com/securityfix/2007/07/notsofriendly_greeting_cards_1.html

Virus greeting cards can appear to have been sent by real people, perhaps even someone you know. For the moment, the best way to handle any electronic greeting cards you may receive is to delete them without opening them.

The virus payload is delivered when a user clicks on one of the links in the greeting card, so if you have accidentally opened a suspicious card, it’s still safe to delete it, as long as you have not followed its links.

If you suspect you may have accidentally clicked through a suspicious link, please contact LCC Support immediately – this virus carries a payload that’s a serious threat to the security of your computer and the network.

Some of our department’s faculty have started seeing a ramp-up in E-Card spam messages. These have been around for a while, but the latest batch of Fourth-of-July-themed messages may have prompted more Internet users to click on the bogus cards and infect themselves with viruses, causing an increase in virus traffic.

Georgia Tech does run virus scans on all @lcc.gatech.edu emails, removing viral attachments before they get to your desk. However, some virus spam, like the E-Cards trick, tries to get you to click on links in the email (rather than get you to open attachments), which take you to websites that automatically try to use Internet Explorer security flaws to run code on your computer. It’s the website at the other end of the link that is the dangerous component in this attack.

LCC Support recommends using Firefox, which currently has fewer unpatched security flaws than Internet Explorer.

As always, please be careful not to click on links in emails that you are unsure about. Be doubly cautious when checking mail from providers other than Georgia Tech, including Gmail, Hotmail, Yahoo Mail, and your home ISP. If you start noticing an increase in spam and virus emails, send a request in to the support system. We can help you minimize the spam and ensure that viruses don’t hit your PC.

http://news.bbc.co.uk/2/hi/technology/6065534.stm

Are lawmakers really trying to tax in-world transactions? Or do they simply want to level-up their orcs? We may never know.

According to various sources across the web, the vulnerability in Firefox announced by a pair of presenters at the ToorCon hacker convention is not very threatening. The presenters claimed to have code that would exploit the security flaw and install rootkits on the host machine. As it turns out, they were simply bragging.

Washington Post’s Security Blog

ZD Net article

All emails sent to @lcc.gatech.edu and @mail.gatech.edu addresses are marked with a spam “rating” or score. To learn how to set up filters based on these ratings, please see the LCC Computer Support Anti-SPAM Guide.

Sick of spam filling up your inbox? Help is here! All emails sent to @lcc.gatech.edu and @mail.gatech.edu addresses are now marked with a spam “rating” or score. To learn how to set up filters based on these ratings, please visit our new Anti-SPAM Guide.

LCC Computer Support Anti-SPAM Guide

The process for requesting undergrad web server accounts on the Iron web server has changed. Faculty no longer need to gather names and email addresses for each student needing a web account. Please view the following FAQ entry for further detail:

Faculty: How Do I Request Web Server Accounts for My Undergrad Students?

We encourage you to submit all account requests for the Fall semester by September 23, 2005.

Updated software lists for each LCC computer lab are now available on the Labs page.

Steel/Silver is running PHP 4.3.2.

Via the Command Line:
1. log into Steel using an SSH client (Secure CRT, SSH Secure Shell Client, etc.)
2. issue the following command:

echo "myemail@mail.gatech.edu" >> .forward
(replace “myemail@mail.gatech.edu” with the address where you would like to receive expiration notices)

Via Secure FTP:

Continue Reading »

Passwords for Steel/Silver expire 160 days after the last date that you changed it. You may issue the command “chage -l” to check the age of your password.

You may use traditional (non-secure) FTP clients (Fetch, WS-FTP, Dreamweaver’s built in FTP client) or Secure technologies (SSH, SCP or SFTP) from your office in Skiles.

You may point your FTP, SSH, SCP or SFTP client to “silver.skiles.gatech.edu” or “www.lcc.gatech.edu”.

You will need to come by Skiles 356 to have it reset. You may email lcc-support@iac.gatech.edu to schedule an appointment, or just drop by. Please bring your Buzz Card.

Use an SSH client to log into the server, then enter the “passwd” command at the command prompt:

[bsmith@silver bsmith]$ passwd

Press return. You will be prompted for your current password once, then twice for your new password.

Passwords should be at least 8 characters in length, should contain letters and/or numbers and symbols, and should not be based on a dictionary word.

You will use your GT Account user ID and password to access Iron. This is the same username/password that you use to access Spectrum email, lab computers and other OIT systems.

Because Iron uses your GT username and password for authentication, you will need to contact OIT to have your password reset. Please see password.gatech.edu for more information on managing your GT account password.

Files need to have 755 or “World Readable & Executable” permissions in order to be served to the web. If a file does not have these minimum permissions, you will get a “403″ error in your web browser.

The most efficient way to fix a permission problem in your web directory is via the command line. SSH into the server and issue the following command:

chmod -R 755 www/* [press return]

If you wanted to fix files in a subdirectory of your www folder, you can specify just that folder:

chmod -R 755 www/images/* [press return]

If you try to view a directory in your web space that does not have an index.html, index.htm or index.php file, you will get a 403 Error. This is because directory listings on the web server are turned off by default. To turn them on, create a file called “.htaccess” that contains the line “Options +Indexes” and place it in your www directory (i.e. /…/yourusername/www/). Make sure that the file is world-readable via the software that you a using or the chmod command on the command prompt. Click here for more info on permissions.

To connect to one of the LCC servers you will need to use one of three Secure technologies: SSH, SCP or SFTP. These three Secure technologies provide strong authentication and secure communications over insecure channels. This is the preferred method to connect to our servers, since it allows you access from any computer, on or off campus.

SSH, or Secure Shell, will allow you to access your shell account. SCP and SFTP provide graphical interfaces that will enable you to upload and download files from your local computer to the server.

Once you have chosen a method to connect, point the client to xxx.lcc.gatech.edu on port 22, where the xxx is the server name (i.e. ‘iron’, ’steel’, or ’silver’.)

You may also use AppleShare and FTP to connect to Silver/Steel, but only from within the Skiles building. To connect via Apple Share, use the Chooser to select AppleShare, then the git-lcc zone, then click on the desired server name. If you do not see the server name in the list of AppleShare servers, click “IP Address” and enter “steel.lcc.gatech.edu”.

Dreamweaver MX’sbuilt in FTP client is not compatible with the LCC servers, even when used with the SSH encrypted secure login option.

Dreamweaver MX 2004’s built in FTP client is compatible with LCC servers. Follow these steps:

1. Create a new site in Dreamweaver
2. Select “Edit local copies on my machine and then upload to server when ready”
3. Select a location to store the files, click “Next”
4. When asked how to connect to your remote server, enter the following:

• How do you connect to your remote server? FTP
• What is the hostname..? [the server name].lcc.gatech.edu
• What folder … do you want to store your files in? www
• What is your FTP login? [your account username] (your GT-number for iron, or your steel/silver username)
• What is your FTP password? [your account password] (your GT/prism account password for iron or your steel/silver password)
• Check Use Secure FTP (SFTP)

5. Click “Test connection” to confirm that your settings are correct.

SFTP (Secure FTP) is a utility identical in function to traditional FTP that copies files over a SSH connection. SFTP is also almost identical in function to SCP, and is the most user-friendly of the secure methods of uploading files to Silver.

Example SFTP clients: SSH.com?s sFTP client for Windows, MacSFTP for MacOS, Fugu for MacOS X.

SCP (Secure CoPy) is a utility used to copy files over an SSH connection. A SCP client will provide a user-friendly graphical interface to help you copy files back and forth between your computer and the server.

Example SCP clients: WinSCP for Windows, Nifty Telnet SSH for MacOS.

SSH (Secure Shell) is a utility used to log into another computer over a network, to execute commands in a remote machine, and to move files from one machine to another. If you are comfortable using a Unix command-line environment, SSH is for you.

Example SSH Clients: SecureCRT for Windows, PuTTy for Windows, Nifty Telnet SSH for MacOS, Mac OS X’s built-in Terminal application.

The following is a list of user-friendly clients that LCC Computer Support recommends for home or personal computers:

Windows:
+ SFTP: SSH.com’s sFTP client – available at ftp://ftp.ssh.com/pub/ssh/ (download “SSHSecureShellClient.exe”)
+ SCP: WinSCP – free from OIT: http://www.oit.gatech.edu/software/
+ SSH: SecureCRT – free from OIT: http://www.oit.gatech.edu/software/

Macintosh:
+ SFTP: FUGU (OS X) – http://rsug.itd.umich.edu/software/fugu/
+ SFTP: MacSFTP (OS 9) – http://pro.wanadoo.fr/chombier/
+ SSH/SCP: Nifty Telnet SSH (OS 9) – http://www.lysator.liu.se/~jonasw/freeware/niftyssh/

For a current list of Win and Mac clients, please see http://www.openssh.org/windows.html or http://www.openssh.org/macos.html

Faculty who prefer to use a Secure client to traditional FTP from their office computers may contact lcc-support to request installation.