C O M P U T I N G N E W S U n i v e r s i t y o f O r e g o n WINTER 1999 Student Account Information 2 Modem Updates 3 Trojan Horse on Campus 3 Computing Center Who's Who 4 Acrobat 3 on DARKWING, GLADSTONE 4 Winter Workshop Schedule 6 Web Search Tips 8 UO?s PVM Cluster 8 ccMail?s Life Expectancy 9 Financial Research Data Service 9 Dreamweaver Review 10 IP/TV Broadcast Opportunity 12 Web Proxy Server Update 13 SP4 for Windows NT 4.0 13 ?Required by Law? (new Law School computing column) 14 Web Virtual Hosting 14 What to Do When Your System?s Hacked/Cracked 16 UO Connects to Internet 2 18 NSRC, Computing Center in Angola 23 IN THIS ISSUE? 2 computing news winter 1999 COMPUTING NEWS VOL. 14 #2 Computing News is published quarterly by the Academic User Services staff of the Office of University Computing, 1212 University of Oregon, Eugene, OR 97403-1212. You may reprint articles from Computing News, provided you credit the source. Newsletter Editor: Joyce Winslow (jwins@oregon.uoregon.edu) Telephone: (541) 346-1724 Assistant Director, Academic User Services: Joe St Sauver (joe@oregon.uoregon.edu) Web site: http://cc.uoregon.edu/cnews Subscription requests: jwins@oregon.uoregon.edu Cover photo: Jack Liu UNIVERSITY OF OREGON COMPUTING CENTER The Ins and Outs of Student Accounts: Answers to Some Common Questions By Rick Milhollin rickm@oregon.uoregon.edu At the beginning of each term, new students frequently have questions about their usernames and pass- words. To help answer some of these questions before they arise, we?re publishing a brief refresher course on UO account policies, along with some updated information. How Do I Get an Account? If you?re currently enrolled as a UO student, you should already have one. Incoming students are assigned ?pre- generated? usernames and passwords. Before you can use your account for the first time, however, you?ll need to ac- cess your account information. You may do this in one of two ways: 1. Via DuckWeb. Using Netscape or Internet Explorer, access the DuckWeb site at http://duckweb.uoregon.edu You must know your student ID number and your personal access code (PAC). Log in to DuckWeb and at the main menu, select the option ?View UO Computing Accounts Information? or? 2.Come to the Computing Center Help Desk. Bring your photo ID to the Help Desk in the Computing Center?s south entry lobby, and a Help Desk consultant will give you your personalized Student Account Information sheet. What if I Don?t Have a Pregenerated Account? If for some reason you don?t have a pregenerated account, you can still use the AUTHORIZE program to get one. Here?s how: Telnet to AUTHORIZE and type ?au- thorize? at the ?Username:? prompt. Then follow the instructions as they appear on your screen. (If you don?t know how to telnet, get a copy of the handout ?How to Telnet? from the Computing Center Documents Room upstairs in Room 205.) Note: If you?re not registered for the current term but are registered for the next term, you may create your account 45 days after the current term began. How Long Will My Account Stay Active? Your UO computing account remains active as long as you?re registered, and during the term immediately following your last active registration. For example, if you were registered in spring term, your account would remain active through the summer. After the last day to add classes in each term, accounts are disabled for students who didn?t register for either the current term or the previous term. To help maintain modem accessibility to UOnet, modem activity at the UO is automatically monitored. Because we don't have enough mo- dems to let everyone have a dedicated personal modem connection, we ask for your cooperation in limiting your connect time to no more than an aver- age of two hours a day (or 14 hours per week). Those who exceed 14 hours of connect time per week will be con- tacted by a Computing Center staff member and encouraged to subscribe to a commercial network service pro- vider. A list of local providers is avail- able at http://darkwing.uoregon.edu/ ~llynch/eug-access.html We recognize that occasionally a press- ing project or other special circum- stance may require you to exceed the 14 hours-a-week target, and that is something we can accommodate?on the rare occasions when special cir- cumstances develop. What concerns us is a consistent and unsustainable pattern far in excess of the target us- age threshold. Remember, too, that sharing your modem account with others is strictly prohibited (see "Acceptable Use of Computing Resources," http:// cc.uoregon.edu/acceptableuse.html) Please cooperate in helping us make the most of the limited resources we have available! Please Be a Considerate Modem User By Lucy Lynch llynch@darkwing.uoregon.edu 3computing news winter 1999 A new trojan horse called ?Back Ori- fice? appears to be making the rounds ofblank Windows 95/98-based machines on campus. Unlike ablank computer virus, a trojan horse cannot be transmitted without human intervention. Like theblank original steed of Greek fame, Back Orifice is most often cleverly dis- guised. It frequently appears asblank some- thing you?d be least likely to suspect, including applications found onblank the Internet or received as attachments to email messages. To further confuse Trojan Horse Making the Rounds on Campus n Protect Your Windows 95/98 Machines! By Joel Jaeggli joelja@darkwing.uoregon.edu you, applications which contain or in- stall Back Orifice may stillblank work or ap- pear to work correctly, meanwhile in- stalling the trojan program invisibly in theblank background. Applications that have contained Backblank Orifice among others, an application thatblank purports to detect Back Orifice and a pornographic tetris game.blank Realis- tically, the treacherous program could be part of any application coming from ablank questionable source.blank blank If installed, Back Orifice can allow hackers on the Internet to view theblank contents of your machine, edit files, capture keystrokes, and carry outblank attacks against other Internet hosts using your machine as a proxy forblank their own ac these actions have potentially seriousblank security and privacy implica- tions which make it in the interest of users toblank en How to Detect Back Orifice:blank The best way to check for Back Orificeblank is to in- stall the latest version of Norton Antivirus for Windows, either by ftp from public.uoregon.edu or from theblank Duckware CD. The Norton utility willblank automatically detect and remove Back Orifice as well as several hundredblank other viruses and trojans. Or, you could use a single-purposeblank utility like ?BoDetect? to detect its presence. You'll find ?BoDetect? at http://www.spiritone.com/~cbenson/ current_projects/backorifice/backorifice.htm At the beginning of fall term, users dial- ing the UO modem pool via 346-6520 didn't get a normal busy signal when all lines were in use. Instead, they heard a prerecorded ?all circuits busy? message. After extensive testing and debug- ging, staff from Network Services, Telecomm Services and US West deter- mined that this unusual response was the result of several factors, including recent upgrades to both the telephone switch serving the City of Eugene and Getting ?All circuits busy? Modem Message? the PBX serving the UO, as well as the way the modem pool was configured. To correct the problem, Network Ser- vices and Telecomm Services plan to reengineer the modem pool configura- tion. Corrective procedures should be- gin during the winter break and could extend into the first weeks of the winter quarter. We apologize in advance for any inconvenience this may cause. Forthcoming Changes The addition of newer faster modems and the change in configuration of the dialin lines should greatly improve the quality of service to the UO dialin By Jos? Dom?nguez and John Kemp jad@network-services.uoregon.edu kemp@network-services.uoregon.edu community.The new configuration (shown in the table below) differs from the old one in two important ways: 1. The 346-3565 number will convert to a V.90-capable modem pool, and expand to include an additional 64 high-speed modems. These additional and faster modems should consider- ably ease the burden that has been seen on the 346-6520 number. 2. The 346-1586 number goes away. These older, slower modems have be- come less useful over time. Users previ- ously operating at 14,400 and using the 346-1586 number might want to con- sider upgrading to the V.90 standard. New Modem Pool Configuration Modem Pool Number of Modems Modem Protocols Maximum Speed Services 346-6520 192 V.90, X2 57600 bps PPP w/ PAP, IP, IPX, AppleTalk V.34+, V.34, V.32bis ARA2, ARA3 V.42, V.42bis, MNP SLIP Terminal Emulation 346-3565 96 V.90, 56KFlex 57600 bps PPP w/ PAP, IP, IPX, AppleTalk V.34+, V.34, V.32bis ARA2, ARA3 V.42, V.42bis, MNP SLIP Terminal Emulation 346-5975 64 V.34+, V.34, V.32bis 33100 bps PPP w/ PAP, IP, IPX, AppleTalk V.42, V.42bis, MNP ARA2, ARA3 SLIP Terminal Emulation 4 computing news winter 1999 Who's Who at the Meet four more Computing Center staff members n By Vickie Nelson vmn@oregon.uoregon.edu This is the second in a continuing se- ries of profiles on Computing Center employees, introducing you to some of the people who work behind the scenes to facilitate your computing ex- perience on campus. Our winter issue focuses on some faces you may find familiar, as well as one that?s relatively new. You?ll probably recognize Lara Miyahira as the friendly face at the downstairs reception desk, and you may also have glimpsed both Dale Smith and Steve VanDevender, as they have been working here in various capacities since their student days. Noreen Hogan is a more recent addition to our staff, having joined the Center just a little over a year ago. Lara Miyahira Receptionist Business Services A familiar face with a new name, Lara started working at the Computing Center in 1995 as Lara Moore, and became Lara Miyahira last summer when she married her husband, Ryan. After growing up in Westford, Massachusetts, and beginning her college education at Johnson State College in Vermont, Lara followed the American tradition of moving west by transferring to the University of Oregon. Upon receiving her degree in Sociology at the UO, she decided to stay in Eugene. Lara first heard of the Computing Center from a colleague at Women- space, where she was working as a volunteer. Shortly thereafter, she applied for, and got, a job at the Center's downstairs reception desk. Now she handles general reception duties for the Computing Center: answering phones, directing people to the resources they need, and checking in tapes and equipment for repair. She also orders supplies, handles shipping and receiving, and creates BANNER account passwords. Jewelry-making, sewing, singing, hiking, and biking are among Lara?s major interests. She also continues to work at Womenspace, providing child care one evening a week. Adobe Acrobat 3.0 Available on DARKWING, GLADSTONE Create PDF Files for your Web Page By Hans Kuhn hak@oregon.uoregon.edu Now that Adobe Acrobat 3.0 has been installed on DARKWING and GLADSTONE, you?ll be able to easily translate your documents into Portable Document Format (PDF) for web publication. PDF is useful for distributing documents and forms with heavy formatting and graphics because the document will look the same on all computer platforms, provided the viewer has installed the Acrobat Reader client. Acrobat Reader is n available free from Adobe?s web site at http://www.adobe.com/ Acrobat?s main components are Acrobat Distiller (distill) and Exchange (acroexch). Distiller converts Postscript files to PDF, while Exchange allows you to add hypertext links, rearrange pages, and perform other editorial changes to PDF documents. How to Use Acrobat 3.0 Converting a Postscript file to PDF format is simple. For example, to con- vert a Postscript file named ?inputfile.ps? to PDF, you?d type % distill inputfile.ps at the % prompt. Acrobat then automati- cally performs the conversion for you. The first time you distill a document, you?ll be asked whether you want to use the new features available in Acrobat 3.0. Your answer is saved in a preference file so you won?t have to answer this question every time you use Distiller. However, if you wish, you can always override this setting by using command line options. To see a summary of individual com- mand options, type the command fol- lowed by the phrase ?-help-all,? e.g., % distill -help all Need More Information? Complete documentation on PDF file conversion is available on the web in PDF format at http://www.uoregon.edu/acrobat/ If you have questions about Acrobat, feel free to contact Hans Kuhn (hak@oregon.uoregon.edu, 346-1714). 5computing news winter 1999 Noreen Hogan Systems Analyst Auxiliary Services Born on the outskirts of London, Noreen arrived in the U.S. with her family when she was three. She received a degree in General Science from the UO, worked for several years for Alpha Health Care, a medical and dental software company, and then took a year off to complete her Computer Programming degree at Lane Community College. Since coming to the Computing Center in July 1997, Noreen has been heavily involved with the BANNER Graphical User Interface (GUI). She provides NT administration and support for people who currently use BANNER GUI, and has created a web page providing the program and instructions for installing it. (The old character-mode access to BANNER will be phased out by September 1999.) Noreen also provides programming and support for the Financial Information System (FIS) and Human Resources Information System (HRIS) data warehouses. When she's not working here or on her home network, Noreen can often be found hiking or out on the river flyfishing with her husband in their driftboat. Dale Smith Assistant Director for Network Services Dale Smith's career at the Computing Center stretches all the way back to December 1977 and his days as a student system programmer on the PDP 10. By theblank time Dale graduated in 1980, he was taking care of the entire campus timesharingblank system. It was ?either hire me or turn it off,? he says with a laugh. Theblank Center hired him as a full-time systems programmer, a position he held for several years. In the late 80s Daleblank moved into Network Services, where he?s been ever since. Today, as head of Network Services, Dale says his prime responsibility is toblank make it possible for his staff to keep the campus network upblank and running. Dale also does high-level facilities design and works onblank special projects, such as the UO's impressive new scoreboard in Autzen stadium. Dale grew up in Seneca, a town of 200 in Eastern Oregon, so it's noblank surprise to hear he enjoys outdoor activities? including fishing, hiking,blank and camping?with his wife Leah and kids McKenzie, Samantha,blank Connie, and Chris. Computing Center Steve VanDevender Academic UNIX Systems Manager Computing Facilities Steve grew up in Junction City, Oregon, and earned a degree in Computer and Information Science from the UO. He began working at the Computing Center in 1985 as a student assistant and was one of the first employees of the old Microcomputer Purchase Program, which sold computer hardware and software at academic discount. After graduating from the UO, Steve worked as a programmer for Dynamix and as a system administrator for Eugene Free Net (EFN) and others. Steve started his current position at the Computing Center in June 1996. As an Academic UNIX Systems Manager, his primary responsibility is helping to keep DARKWING and GLADSTONE running, particularly in the areas of mail system management, security, and software installation. Steve says he enjoys the variety and challenge of working on such large systems. Swimming and skiing are among Steve?s favorite athletic pursuits. He continues to volunteer for EFN, teaches sit-skiing for Eugene?s Alpine Adventures adapted ski program, and serves on the City of Eugene?s Accessibility Committee. 6 computing news winter 1999 WINTER WORKSHOPS What is The IT Curriculum? ?IT? stands for Information Technology, and the Library and Computing Center are committed to making sure you have opportunities to build your technology skills. Want to learn how to publish a web page? How about find what you need on the ?net? Or just how to use that darned computer? We provide a full range of computer and Internet training, from novice to advanced skill levels. These workshops are free and open to currently enrolled students, as well as staff and faculty. No advance registration is necessary; just show up a few minutes before the scheduled start. All seating is available on a first-come, first-served basis. We do ask, however, that you meet the workshop prerequisites as stated in the description; otherwise, you may be asked to relinquish your place. If fewer than five people are present ten minutes after the scheduled start, the workshop may be canceled or rescheduled at the discretion of the instructor. This publication will be made available in accessible formats upon request to the Office of Library Instruction, 346-1817. Requests for accommodations related to disability should be made to Jon Cawthorne (346-1897) at least one week in advance of the workshop. Workshop Day/Date Time Location Presenter This schedule is subject to change.See http://libweb.uoregon.edu/it/ for course outlines/materials and the most current information. Computer Operating Systems Basic UNIX (http://www.uoregon.edu/~hak/unix-ws.html) - 4 Prerequisites 8 Mon Jan 18 11 - 11:50am EC Jaeggli Computer Software Applications Endnote/Procite: What Are These, and Why Should I Use Them? Mon Feb 15 3:30 - 4:50pm RSR Brownmiller, Lenn Tues Feb 16 3:30 - 4:50pm RSR Brownmiller, Lenn Using the Internet 1: Introduction to the World Wide Web Tue Jan 12 1 - 2:20pm EC Stark Wed Jan 20 10 - 11:20am EC Bennett Mon Jan 25 3 - 4:20pm EC Felsing 2: Beyond Just Surfing - 4 Prerequisites Thu Jan 21 1 - 2:20pm EC Darling, Frantz Wed Jan 27 3 - 4:20pm ITC Heinzkill Mon Feb 1 10 - 11:20am EC Ward 3: Power Web Searching - 4 Prerequisites Thu Jan 28 1 - 2:20pm EC Jenkins Wed Feb 3 3 - 4:20pm ITC Paynter Mon Feb 8 10 - 11:20am EC Paynter Electronic Communication Managing a Majordomo List (http://darkwing.uoregon.edu/~llynch/majordomo) Tue Jan 19 3 - 3:50pm EC Lynch Using MHonArc to Create a Web Archive for a Majordomo List (http://darkwing.uoregon.edu/~consult/deptcomp/) Tue Jan 26 3 - 3:50pm EC Lynch Procmail: Filtering Your Email - 4 Prerequisites 8 Tue Jan 26 2 - 2:50pm EC Kuhn Mon Feb 1 2 - 2:50pm ITC Kuhn * WORKSHOP LOCATION CODES * EC: Electronic Classroom (Windows) 144 Knight Library ITC: Macintosh Classroom 267B Knight Library RSR: Reed Seminar Room (Windows) 235 Knight Library 8 Requires an active account on DARKWING or GLADSTONE 7computing news winter 1999 WINTER WORKSHOPS Electronic Research Resources Database Concepts: Search Like a Pro! Thu Jan 14 1 - 2:20pm EC Frantz Janus: Access to the World Online Fri Jan 29 10 - 11:20am EC Chadwell Thu Feb 4 1 - 2:20pm EC Klos Tue Feb 9 3 - 4:20pm EC Esau Net a Job: Use the Web (Call the Career Center at 346-3235 to register for this workshop) Tue Feb 2 3 - 4:20pm EC Songer Wed Mar 3 3 - 4:20pm EC Songer PsycINFO Mon Jan 25 7 - 7:50pm EC Benedicto Tue Feb 9 7 - 7:50pm EC Benedicto Thu Feb 25 7 - 7:50pm EC Benedicto Publishing on the Web Introduction to Web Publishing (http://libweb.uoregon.edu/govdocs/webpub/) - 4 Prerequisites 8 Mon Jan 25 10 -11:50am EC Bell Thu Feb 11 1 - 2:50pm EC TD Smith, Sotak Intermediate Workshops in Web Publishing 1: More HTML (http://darkwing.uoregon.edu/~jqj/inter-pub/morehtml/) Wed Jan 27 2 - 3:50pm RSR Johnson 2: Images on Web Pages (http://darkwing.uoregon.edu/~jqj/inter-pub/images/) Wed Feb 3 2 - 3:50pm RSR Holman 3: Imagemaps & Access Counters (http://darkwing.uoregon.edu/~jqj/inter-pub/maps/) Wed Feb 10 2 - 3:50pm RSR Holman 4: Designing for the Web (http://darkwing.uoregon.edu/~cbell/design/) Wed Feb 17 2 - 3:50pm RSR Bell 5: HTML Tools and Tricks (http://darkwing.uoregon.edu/~jqj/inter-pub/debugging/) Wed Feb 24 2 - 3:50pm RSR Johnson 6: Organizing Your Web Site (http://libweb.uoregon.edu/govdocs/webpub/orgindex.html) Wed Mar 3 2 - 3:50pm RSR TD Smith Miscellaneous Workshops in Web Publishing Designing Web Access for Users w/Disabilities Mon Mar 1 3 - 4:50pm EC Bailey Workshop Day/Date Time Location Presenter Workshops Available on Video Looking for an alternative to the workshop format? The Computing Center Documents Room and Media Services in Knight Library have a growing collection of videos on using computers and computer software. You can use your UO picture ID to check out these videos, or schedule a viewing room in Media Services. For a list of available titles and descriptions, visit http://micro.uoregon.edu/workshops/ Call 346-4406 or 346-3091 for more information. * WORKSHOP LOCATION CODES * EC: Electronic Classroom (Windows) 144 Knight Library RSR: Reed Seminar Room (Windows) 235 Knight Library 8 Requires an active account on DARKWING or GLADSTONE 8 computing news winter 1999 Solve Complex Computations with UO's Beowulf Cluster By Hans Kuhn hak@oregon.uoregon.edu As the amount of material stored on web servers grows, the ability to per- form efficient and timely searches be- comes increasingly important. Most users are already familiar with the major web search engines like Alta Vista, Excite, and HotBot and general indexes like Yahoo. Some have even learned to use the arcane boolean syn- tax that most search engines employ. But few people have explored some of the more specialized features of stan- dard services like Alta Vista or the more exotic ?niche? services. Almost every service recognizes basic boolean search criteria like AND, OR, and NOT and many allow the use of " " (for a specific phrase), + (must include), and - (exclude). Each service has its own special features, so be sure to read the online help or explore the advanced search options. Alta Vista users (http://www.altavista.com) can significantly improve the quality of their web queries by spending a little time reading through the online help ( www.altavista.com/av/content/help.htm) and by learning to use special keywords to limit searches by host, URL, or even content type (applets, images, etc.). For explicit examples of limited searches, see the table on the facing page. Tips for More Effective Web Searches Even when using a highly refined query, the major search engines will often return far more information than the average user is willing to sort through. This is when you may want to turn to the niche market services. How to Find a Special Search Service: If you're looking for niche market ser- vice, a good starting point might be the All-in-One Search Page (http:// www.albany.net/allinone/), which pro- vides a sort of index of indexes. You'll also want to try Martindale?s ?The Reference Desk? (http://www- sci.lib.uci.edu/~martindale/Ref.html), which includes links to special tools like calculators and dictionaries. A few examples of niche services: ? FindLaw http://www.findlaw.com/ This site combines both a topical index and a range of targeted search services which allow the user to narrow a search to legal sites, mailing lists, or govern- ment documents. ? Northern Light http://www.northernlight.com/ This service is a hybrid, combining a classic web search with a for-pay search of over 4500 periodicals. One of the more interesting features is the use of ?custom folders,? which presort all of the links found into rough categories. ? Fast FTP Search http://ftpsearch.lycos.com/ One of the under-utilized capabilities of the web is the ability to transfer program files from remote locations. This service helps you locate files and provides the links to download files to your desktop. ? The Awesome Library http://www.awesomelibrary.org/ This site is a particularly good example of a growing trend: search engines that have been configured for use by children. Most searches will return a short list of links, but you can be con- fident that the content will be ?kid- safe.? The site also includes an index of other kid-safe search engines: http://www.awesomelibrary.org/ searchek.html ? Deja News http://www.dejanews.com/ If you?ve ever needed to use USENET news for a quick answer to a subject- specific question, you?ll love Deja News. A simple query here will search through several years' worth of mes- sages and you may find that someone else has already asked your question. ? Google http://www.google.com/ This service, originally developed at Stanford, tries to take the work out of formatting queries by making some as- sumptions about your key words. Google will give preference to a series of words found as a phrase, and assumes that every word is required. Note that Google orders hits hierarchically by the number of sites that link to each hit. ? The MetaCrawler http://www.metacrawler.com/ One of several meta search services, all of which query several popular ser- vices on your behalf and return a list extracted from the top 10 links from each service. This one is quick and dirty?you?ll get a short list of good matches, but you?ll miss the depth of material available. By Lucy Lynch llynch@darkwing.uoregon.edu n How to find what you're looking for quicker and more efficiently If you have a large, complex computa- tional problem to solve, you might be interested in the University of Oregon's Beowulf cluster. This parallel virtual supercomputer uses the network protocol PVM to pass instructions to a group of slave PCs. Currently, the Beowulf cluster has 18 Pentium Pro PCs, making it more powerful than DARKWING, GLADSTONE, and OREGON combined. The main difficulty in using a parallel supercomputer is the need to port source code to solve computations in parallel. Fortunately, advances in soft- ware (such as Paralogic's Bert77 pack- age) make this process much easier. To learn more about the UO's Beowulf computer, contact Hans Kuhn (hak@oregon.uoregon.edu) or visit http://limestone.uoregon.edu/beowulf/ 9computing news winter 1999 anchor:text Finds pages that contain the specified word or phrase in the text of a hyperlink. anchor:"Click here to visit AltaVista" would find pages with ?Click here to visit AltaVista? as a link. domain:domainname Finds pages within the specified domain. Use domain:de to find pages from Ger- many, or use domain:org to find pages from organizations. host:name Finds pages on a specific computer. The search host:altavista.digital.com would find pages on the AltaVista computer, and host:dilbert.unitedmedia.com would find pages on the computer called dilbert at unitedmedia.com. image:filename Finds pages with images having a specific filename. Use image:elvis to find pages with images called elvis. link:URLtext Finds pages with a link to a page with the specified URL text. Use link:altavista.digital.com to find all pages linking to AltaVista. text:text Finds pages that contain the specified text in any part of the page other than an image tag, link, or URL. The search text:cow9 would find all pages with the term cow9 in them. title:text Finds pages that contain the specified word or phrase in the page title (which appears in the title bar of most browsers). The search title:Elvis would find pages with Elvis in the title. url:text Finds pages with a specific word or phrase in the URL. Use url:altavista to find all pages on all servers that have the word altavista in the host name, path, or filename? the complete URL, in other words. Examples of Limited Searches in AltaVista By Don Gathers dgathers@network-services.uoregon.edu Recently, many campus administrators have been asking how much longer the ccMail system will continue to run. The plan is as follows: As of July 1, 1999, the ccMail routers will be shut down perma- nently. By that time, all UO departments should have a new system in place for sending and receiving electronic mail. No mail will be delivered to the indivi- dual post offices starting July 1. The main post office running on Zeus and the ccMail gateway will continue to run until they die a slow death on January 1, 2000. This means that for the period from July 1 to December 31, 1999, the ccMail system will not be operational but will continue to forward mail for those users who have had an alias created on the hub post office. After December 31, 1999, mail sent to users@ccmail.uoregon.edu will bounce. Many departments have already fin- ished their email migration and oth- ers are near completion. This announce- ment should give those of you who are still working on a solution a time- line so that you can better plan and implement a migration strategy. If you have questions regarding the final days of ccMail, contact network engineer Don Gathers (346-4316; dgathers@network-services.uoregon.edu) What's ccMail's Life Expectancy? The Lundquist College of Business re- cently purchased access to the Wharton Research Data Service, which supplies access to such vital tools for financial and economic research as the Compustat and CRSP datasets. UO faculty, Ph.D. candidates, and in- structors can request access to the WRDS system for research and/or student use via a web page at http://wrdsx.wharton.upenn.edu/ If you have problems accessing WRDS, send email to Mick Westrick: westrick@oregon.uoregon.edu Address questions about database con- tent to John Chalmers: jchalmer@oregon.uoregon.edu Financial Research Data Service Available Keyword Function 10 computing news winter 1999 By Hervey Allen Microcomputer Support Specialist, Computing Center hervey@oregon.uoregon.edu Looking for a Great Stand- After having tested and used several of the current popular WYSIWYG (What You See Is What You Get) HTML editors, Microcomputer Services' staff chose Macromedia's Dreamweaver to create its web site at micro.uoregon.edu. Here are some of the questions we asked ourselves when evaluating a WYSIWYG HTML editor: ? is it available on both the Mac and PC? ? is it stable on both platforms? ? does it have robust upload and download features? ? can it display web pages and all images in WYSIWYG format without extra effort? ? does it leave previously created HTML alone? Of all the products described in this article, Dreamweaver emerged the clear winner when measured against these criteria. Below we review a few of the relative merits and peculiarities of Dreamweaver and some of the more popular products available today? GoLive Cyberstudio 3.1, NetObjects Fusion 3.0, FrontPage Express, Claris Home Page 3.0, and Netscape Com- poser. Keep in mind that all these prod- ucts undergo constant revision, so by the time you read this, newer versions may already be available Macromedia Dreamweaver 2.0 Availability. Dreamweaver 2.0 is avail- able for both the Mac and PC. Only Netscape and NetObjects Fusion can say the same of equivalent versions of their products. If you'd like to try Dreamweaver, a demo of version 1.2 is available on the 1998 Duckware CD-ROM. Stability. Dreamweaver is more stable than GoLive CyberStudio on the Mac. (Dreamweaver 1.2 doesn't crash on the PC, but it definitely had a memory leak. We have not determined if this has been resolved in version 2.0.) The program slowed down with very large documents. Still, for almost all our documents this is not a problem. FTP. The FTP client included with Dreamweaver is great. The one included on the Mac version is the only FTP client we've seen that can download large directory structures from UNIX machines to the Mac. Anarchie (older versions) and Fetch (all versions) often fail if you attempt to download many directories and hundreds of files, which is what we needed to do with the micro.uoregon.edu site. Dreamweaver handles this with no problems. Another nice feature of Dreamweaver's FTP client is its interface. To upload or download a file, you simply drag your file(s)?or an entire directory struc- ture?between two windows. (A quick aside: Dreamweaver, including version 2, will not connect with VMS machines (e.g., OREGON and DONALD) as it doesn't support FTP service with the VMS op- erating system.) Display. We particularly wanted an editor that would let us replicate the directory structure on the web server on our local hard drives, tell the editor the location of the ?root? directory of our site, and then display files and all associated graphics without any com- plicated code changes. Dreamweaver does this by default and it does it very well. This makes Dreamweaver incred- ibly useful if you already have a web site that you want to update quickly. Dreamweaver does ?fix? your code if it finds errors, but it appears to do a very good job of this. Dreamweaver will only adjust improperly nested, closed, or extra tags, and you have the option of displaying each change it's going to make. You also have the option of turning off code "fixing," if you prefer. While all HTML editors generate er- roneous code from time to time, the code generated by Dreamweaver is quite clean and only rarely includes errors. If it does have errors, they're not com- mon code sequences and you can readily correct them via quick access to the HTML code. Some Dreamweaver Hints Dreamweaver will close all ?

? (para- graph) HTML statements with a ?

? (end paragraph) statement. While this is structurally correct, it can be annoy- ing because you'll always have an ex- tra line at the end of each paragraph and at the bottom of your files. (How- ever, most other WYSIWYG HTML editors do the same thing.) You can adjust this by editing the code directly. Line endings on DARKWING and GLAD- STONE. If you're using Dreamweaver with DARKWING or GLADSTONE, note that these machines run UNIX for their operating system. By default, Dream- weaver 1.2 will upload your HTML files using either Mac or PC end-of- line conventions. While your pages will still load correctly, the actual HTML code does not have the correct line endings if you look at your files on DARKWING or GLADSTONE. To get around this, tell Dreamweaver to always use the UNIX "end-of-line" for- mat. Open Dreamweaver's Edit menu, choose Preferences, and then select Source Format. In the pop-up menu, set the ?end-of-line? option to ?UNIX (LF).? Do this before you upload any files to a UNIX-based Web server. GoLive CyberStudio 3.1 This product ran a close second to Dreamweaver, but it had a few limita- tions that kept us from using it: ? It's only available for the Mac. For our group this was a critical short- coming. But if you use a Mac, this may be an excellent choice for you. If you'd like to try out the product, a 20-day demo is available on the 1998 CD-ROM. Try Macromedia's 11computing news winter 1999 alone HTML Editor? Dreamweaver ? The included FTP client is good, but not as stable as Dreamweaver's ? It adjusts your HTML code a little too much for our taste. While this doesn't cause too many problems, if you've already written a web page, GoLive will update your code as it sees fit. This includes indenting text, adding META tags, and making ?corrections? to some code. ? The interface to this product was somewhat confusing. It's not easy to set up a mirror of a web site on your hard drive and then open a page and see that page, including all downloaded, associated images. (This is what Dreamweaver excels at.) ? GoLive crashed more often than Dreamweaver, our number one choice. NetObjects Fusion 3.0 NetObjects is a product aimed at the business user who wants to create a web site from the ground up. If you've already created a web site, we don't recommend using this product. (Note that NetObjects version 3.0 is available for both Mac and Windows.) Some of the specifics that kept us from using this product included: ? If you download your preexist- ing site for use with NetObjects, the entire site is saved in a propri- etary database format that you can't edit directly. ? When we downloaded our preex- isting micro.uoregon.edu site and opened it using NetObjects Fusion we saw extensive changes to our code. Still, if you're starting from scratch and want a site created ?out of the box,? this product may work well for you. ? Some users have complained that sites created with NetObjects Fusion have a certain ?look? to them that's particular to the prod- uct. While this look is quite profes- sional, it may not be as original as you'd like. This can, of course, be changed by adding your own im- ages, icons, and layouts. FrontPage Express Actually, FrontPage comes in three fla- vors: FrontPage 98, FrontPage 1.0 for the Macintosh (both commercial prod- ucts), and FrontPage Express, which is included free with Internet Explorer version 4 for Windows 95/98 and Win- dows NT 4.0. (Note that FrontPage Ex- press is not available for the Mac, Win- dows 3.1, or Windows NT 3.51.) FrontPage 2000 is currently in development. This product has some excellent fea- tures?not the least of which is that it's free?but it also has some serious flaws. One thing to watch out for: if you use the product to update a web site from two places (say, work and home) you can lose data if you allow FrontPage to ?update site? instead of updating the individual file you're working on. For example, suppose you updated one file at work and later updated a differ- ent version of the same file at home. If you then opted to have FrontPage up- date your entire web site, the editor would replace your updated file from work with an older version of the file at home. Confusing? Yes, and that's why this should never be a default feature in a product like FrontPage. Unfortunately, Microcomputer Services has seen a number of Microsoft Products that have excellent feature sets but include default settings that cause no end of problems for the user. This is true of the Microsoft Outlook Express products as well. We sincerely hope that Microsoft will listen to user feedback and update these products accordingly. If you use FrontPage at the UO you'll need to upload and download files using the FTP protocol. If you use DARKWING or GLADSTONE, FrontPage should correctly detect this when you start to upload your first file. By de- fault, Microsoft wants system admin- istrators to run FrontPage extensions on their operating systems (i.e., addi- tions to large systems like DARKWING and GLADSTONE) to allow the FrontPage prod- uct to work to its full ability. Unfortu- nately, Microsoft doesn't publish the source code for these extensions. This means that if they cause problems or compromise security there's no way for a system administrator to update them. In addition to these issues, there were a few more that kept us from choosing FrontPage for the micro.uoregon.edu web site. Still, if you use the product and are aware of its limitations, it can work well for you. To summarize, we didn't choose FrontPage for the following reasons: ? Default settings can cause pos- sible data loss. With a large site like micro.uoregon.edu this was not ac- ceptable. ? The product is not uniformly available on both the Mac and PC (i.e., versions differ). ? FrontPage edits your code in ways we did not like. ? To utilize the full features of FrontPage you must run proprietary Microsoft FrontPage extensions on your web server. For large systems like GLADSTONE and DARKWING this is not an option, as Microsoft doesn't make the source code available for these extensions. (To give you an ex- ample of why this is so important: GLADSTONE has over 15,000 user ac- counts. If a single product, such as FrontPage, were to bring down a ma- chine serving this large a community, it could create havoc.) Claris Home Page 3.0 There is a group of HTML WYSIWYG editors that are less expensive and in- clude free-trial versions that you can use. One of the most popular of these is Claris Home Page 3.0, which is available for both the Mac and PC. (You can get Claris Home Page from the 1998 Duckware CD-ROM.) 12 computing news winter 1999 This product can work if you're a be- ginning web publisher and you haven't already created web pages. In fact, this product is probably the most intuitive and easiest to use of all those cited here. This is directly attributable to the fact that Claris Home Page 3.0 has less features than the other products, mak- ing it less confusing to use. One caveat: if you've already created a page and are planning to open it using Home Page, be absolutely certain that you have a backup copy of your file. In some cases we have seen Claris Home Page actually remove large sections of HTML code from previously created files. This is equivalent to losing a big chunk of your work if you save the changed file. Remember, for new web publishers, this product can work well. For ad- vanced users or for those who already have a site, like micro.uoregon.edu, it's not recommended for the follow- ing reasons: ? Pages that include nested tables don't open correctly. In numerous cases, Claris Home Page removed much of the file's original HTML code. ? Claris Home Page will ?update? your code while you open a file. Of- ten the code it generates is usable but very messy. ? Some web browsers had problems reading Claris-generated code (espe- cially nested or precisely formatted tables). ? Home Page lacked features that we found useful. Netscape Composer This is the web editor included with Netscape Communicator. We tested the version of Composer included with Netscape Communicator 4.06. Communi- cator 4.5 is currently available for Power Macintosh, Windows 95/98, and Win- dows NT 4.0. Version 4.07 of Commun- icator is available for 68K Macintosh and Windows 3.1 users. Overall, Netscape Composer works rea- sonably well for basic web pages. The code it generates has improved greatly and is generally acceptable. But for advanced web publishing or editing existing web pages, we don't recom- mend this product. One of the major problems we encoun- tered with Composer is publishing pages on the web. Once you've finished cre- ating your page you must publish it on the server where it will reside. Most products will allow you do this using either FTP or HTTP Push (the latter is not supported at the UO for security reasons). While Composer allows this, its inter- face is very counter-intuitive. In fact, version 4.0x required that you enter the absolute directory path to your files on DARKWING or GLADSTONE to publish a page. In nontechnical terms, this meant that you had to log in on DARKWING or GLADSTONE, type the command ?pwd? to see where your files resided on these machines, and then type this exact di- rectory path in Composer's ?Publish? dialogue to upload your files. Because user accounts move to differ- ent locations from time to time, Composer's publishing requirement could paralyze your uploads until you logged back in, used "pwd" again, and updated your directory path in Composer. These are all details that should be hidden from the end user? and can be if the product works cor- rectly. In short, Composer works well for ba- sic files, but isn't sufficiently robust to use with larger web sites. Composer also makes it very difficult to publish your web pages once they're com- pleted. Conclusion As noted, most of the WYSIWYG HTML products listed here may work well for your particular situation. Still, after having used and tested these products, we prefer Dreamweaver over the others for its rich feature set, ease of use, and good behavior when open- ing previously created files and pub- lishing HTML files. For the beginner, Dreamweaver may seem a bit confusing at first. Still, once the basic concepts are understood this product is very powerful and can in- crease productivity dramatically. We have found that we can implement new web pages much faster than we did previously when we used prod- ucts such as straight FTP, BBEdit on the Mac (still this author's favorite text editor), emacs with UNIX, etc. Dreamweaver's newest version, 2.0, has a considerable list of improvements, including some new site management features that appear very promising. To learn more, see http://www.macromedia.com/software/ dreamweaver/productinfo/newfeatures/ HTML Editors, continued? Do you have video content you'd like to share with the campus community? Perhaps you have student-produced videos, tape from an overseas sabbati- cal, or videotaped lectures you'd like to be able to rebroadcast for class mem- bers to watch. IP/TV Broadcast Opportunity for UO Faculty If so, the Computing Center would be glad to broadcast those videos for you on UOnet via IP/TV. Just leave your VHS cassette with Vickie Nelson in the Computing Center Documents Room (Room 205), and we?ll do the rest. (Note that we cannot rebroadcast copywritten tapes without written permission from the copyright holder, and we reserve the right to schedule, limit, or decline any submission.) 13computing news winter 1999 1900-A West 7th Avenue Eugene, OR 97402 541-343-0303 QUALITY Have you tried a remanufactured car- tridge lately? Over the past few years, the science of rebuilding cartridges for laser printers, fax machines and small copiers has improved dramatically. In fact, independent studies now show that many remanufactured cartridges are higher quality than new ones. At Office Imaging, we pride ourselves on having the best cartridges in the industry. Every component of every cartridge is tested, inspected, and re- placed as needed with higher quality parts than the originals. The result is a cartridge that produces top quality text and graphics that's as good, or better, than originally-manufactured car- tridges! Before you Buy Your Next Toner Cartridge, Take a Look at the Benefits of Ours Call today and Office Imaging will provide one of our premium toner car- tridges for a free 30-day trial! When you are satisfied, you pay only 1/2 price for the trial cartridge or return it and owe nothing. Limit 1 per customer RELIABILITY Many people believe that buying a recycled toner cartridge is a gamble. In the past that may have been true be- cause many components were not available to replace wearable parts, making it difficult to produce a reli- able cartridge. That's not the case any longer. Office Imaging can replace every wearable part to make our pre- mium remanufactured products as trouble-free as the originals. When you put a cartridge in your ma- chine, you expect great results for the life of the cartridge. With our toner cartridges, that's just what you'll get - cartridges that work the first time, ev- ery time, Guaranteed! Try one today! CALL FOR A NO-RISK 30-DAY TRIAL TODAY With the arrival of a new disk that brings the proxy cache up to 6GB, the UOblank campus web proxy server, proxy.uoregon.edu, is better able than ever to serve an increased number of users. Proxy serversblank speed up access to web-based resources by locally storing copies ofblank frequently- accessed web sites. After a web page is first viewed, users don?t have to wait for it to load from a very remote or slow web server. Instead, the web page is served from the local proxy cache to all users who request that page, resulting in much faster page views.blank blank For more information on proxy server enhancements, see http://proxy.uoregon.edu Web Proxy Server Update A new disk gives yet another performance boost to the campus web proxy server By Joel Jaeggli joelja@darkwing.uoregon.edu n SP4 Released for Windows NT 4.0 Microsoft has released Service Pack 4 (SP4) for Windows NT 4.0, incorporat- ing all post-SP3 hotfixes plus patches for numerous bugs, including fixes for a number of security vulnerabilities. You can obtain and install SP4 from http://www.microsoft.com/support/ winnt/default.htm As always, before installing the new service pack, be sure you have a clean backup in case you run into unexpected difficulties. Note also that an excellent summary of post-SP4 hotfixes is available at http://www.conitech.com/windows/ nt4sp4.html 14 computing news winter 1999 ?a new column designed to share the lessons learned from the UO School of Law computer requirement and the use of technology in enhancing an academic curriculum research. Our students have a wealth of technological skills. The real challenge we now face at the School of Law is how to use current and emerging technologies to enhance the legal education of our students. We also need to identify the obstacles we must overcome before we can offer a substantive technology-rich education. Faculty and staff need access to tech- nology and need to be trained to ap- ply that technology to their courses. Classrooms need adequate infrastruc- ture, including power, networking, and multimedia equipment. And com- puter support staff need to be avail- able to make it all work. Ultimately, it must be the faculty and staff who drive the computer require- ment for the School of Law. Encour- aging students to purchase notebook computers is just one aspect of the computer requirement. An even more important aspect is encouraging faculty to enrich their teaching with technology. What does this mean? The answer de- pends upon the faculty member, the material, and the students. Active dis- cussions over email, extensive web sites filled with lecture materials, sup- plemental information, online exer- cises and assignments, the use of Power- Point and other presentation software to deliver class materials, and collabo- ration with other faculty using web- based tools are just a few possibilities. Our next task is to build on the efforts of the faculty and staff currently utilizing technology as a learning tool and develop a technologically en- hanced academic curriculum for the entire school. This is the challenge of the School of Law computer require- ment: to go beyond the basics of using technology as simply an alternative to notepad and pen and foster an environment where innovation in teaching and learning is a reality. Required by Law? n By Matthew Latterell Assistant Dean, Educational and Information Technology UO School of Law Law students are trained to argue, debate and question assumptions. Since its inception, the notebook computer requirement at the School of Law has generated an often very heated conversation among our students. If there were suddenly no injustice in the world against which to fight, Law students would still be able to complain about their computers. And not without good reason. Strong- ly encouraging incoming students to purchase a notebook computer package with the promise that a notebook computer is vital to a legal education at the UO is one thing? living up to that promise is another. The UO School of Law aspires to provide students with both a technological education as well as an education enhanced through the use of technology. The former includes providing training on current tools and technologies, such as learning good word processing, database, web browsing and email skills. This requires a commitment of staff, equip- ment, repair services, and facilities. Students at the Law School are already incredibly active computer users. Email is a primary means of communication, computers are used regularly in class to take notes (and, recently, to take exams), and online legal resources are used daily for academic and post-graduate Many campus departments have web pages stored onblank DARKWING. It?s now possible to add a virtual web host pointing at those pages, a tactic which can make site addresses easier to remember. For example, if the URL for your de- partment?s web page is current- lyblank something http://darkwing.uoregon.edu/~german you can request that Computing Center Systems staff create a virtual host for this page with a less cumbersome address, such as http://german.uoregon.edu Who May Create a Virtual Host? Keep in mind that this serviceblank is available only to colleges and departments and campus institutes and centers, not toblank individuals. The virtual host would be pointed at your current documentblank root (i.e., the public_html directory in the home directory of your organization account). Virtual host names may not already be otherwise registered, and they must be descriptive. Quota restrictions still apply. Note: Web virtual hosts are not available on GLADSTONE at this time, and virtual hosts may only be used for World Wide Web URLs, not for email addresses or other purposes. Need More Information? For more informationblank on creating a virtual host for a DARKWING account, email consult@darkwing.uoregon.edu Campus Departments May Benefit from Web Virtual Host By Joel Jaeggli joelja@darkwing.uoregon.edu Editor?s Note: Formerly a consultant with the Computing Center?s Micro- computer Services, Matthew Latterell joined the staff of the Law School last fall. 15computing news winter 1999 16 computing news winter 1999 In recent months, UNIX system administrators at the university have seen an upsurge in hacker/crackers targeting UO systems for break-ins and abuse. If a system you manage gets violated, here are some basic steps you?ll want to take: I. Report the Incident The first thing to do is report the violation. There are several organiza- tions you may need to contact, such as ? Network Services (Computing Center) ? law enforcement authorities ? Computer Emergency Response Team (CERT) ? other system administrators and users who may have been affected Suggestions for action and referrals to other information sources are given below. 1. Network Services Assuming the computer crime occurred on a system connected to UOnet, report the incident to Network Services at abuse@uoregon.edu or call 346-4395. Be careful NOT to send mail to the usual Network Services address (nethelp@ns.uoregon.edu), as that alias is widely distributed and is also the gateway to USENET News. This means hackers may routinely monitor that traffic. Do not report the incident using email from the system you believe was compromised, since email on that system may be monitored or interfered with by the intruder. If you forward mail to the compromised system from another system (such as DARKWING), you should also turn off forwarding until the compromised system has been fixed. 2. Law Enforcement Computer crimes, like any other crime, should be reported to appropriate law enforcement authorities. However, you should be aware that once you do, you will become a de facto agent of law enforcement and will be less free to gather information from users? ac- counts because of legal privacy issues. It?s best to gather as much evidence as possible before contacting law enforce- ment agencies. That said, the primary reason for con- tacting law enforcement early on is to determine what, if any, evidence they?d like to collect from your system, and whether they?d be interested in using your system in an effort to catch an intruder in the act. Federal authorities: If the crime was perpetrated from a system outside Oregon, federal authorities will have jurisdiction over the incident, given the definition of ?Federal interest com- puters? appearing at 18 USC 1030 (e) (2). See http://www.law.cornell.edu/ uscode/18/1030.shtml as well as other applicable statutes. Practically speaking, it is unlikely Fed- eral law enforcement officials will be interested in minor security incidents, but all major computing incidents (es- pecially all incidents involving a Fed- eral interest computer and significant out-of-pocket financial losses) should be reported. Local authorities: If a computer incident is not of interest to federal law enforcement authorities, it?s possible that the Oregon State Police, the Eugene Police Department, or UO Campus Security may want to pursue the matter. 3. CERT All computer crimes meeting at least the minimum definition of computer incidents should also be reported to CERT, the Computer Emergency Re- sponse Team. For more information on reporting to CERT, see http://www.cert.org/tech_tips/ incident_reporting.html 4. Others Who May be Affected The final reporting step is to contact other systems administrators and users who may be affected by the host compromise. For example, if you discover logs from network-monitoring software that include usernames and passwords for other hosts, the administrators of those hosts need to be notified. Likewise, if your logs include an indication of where an attack originated, you?ll need to contact the administrators of that host, as they may also have a security breach. Preserve the Evidence If authorities do want to gather evi- dence from your system, be prepared for any one of the following scenarios: ? they may ask you to remove one or more system disks for further investigation or for use as evidence (which means you?ll need to replace them with new units) ? they may ask you to do a complete backup of the system to tape ? they may ask you to save/print copies of relevant log files II. Take Steps to Recover After you?ve reported the break-in to the proper authorities, take the follow- ing steps to recover: 1. Remove the system from the net- work. If law enforcement is not in- terested in using your system in an effort toblank catch an intruder in the act, the next step is to remove the compromisedblank system from the net- work so it cannot be used as a base from which to attackblank other systems. 2. Do a full backup for your own use. With the system removed from the network, do a full backup to local me- diablank for your own use. 3. Reinstall the operating system from original media.blank You should install the latest stable release of your operating systemblank from original media, i.e., from original CD-ROM. Until you do this, you blank cannot be sure that the operating System Administrators: What to Do n 17computing news winter 1999 system running on the com- promisedblank system hasn't been modi- fied to defeat system security features or to blank provide the hackers/crackers with a ?back door? to that host. 4. Apply all recommended operating system patches. blank You should also apply all vendor-recommended operating system patchesblank applicable to the release you've just reinstalled. If you fail to do this, the intruder may be able to exploit a known vulnerabilityblank to recrack your system as soon as it comes back up on the network. 5. Change the passwords on all accounts. You need to assume that all accounts on your system have also beenblank compromised, and you must assign and securely distribute new passwordsblank for all those accounts. Yes, this is a pain. Yes, users will be un- happy,blank at least until you explain why it is necessary. Be sure to check that no ?extra?/unauthorized accounts have been created, and that all accountsblank which may be created by default during the installation process are secured by passwords or removed if unneeded. blank 6. Check for setuid files or other con- figuration problems. You should also use the Cops program to check for setuid files (files installed soblank that they can be run with special permissions/ special access) and blank other system con- figuration vulnerabilities. Cops is avail- able from ftp://ftp.cert.org/pub/tools/cops/ The presence of executable files in unexpected places should also beblank investigated and resolved. blank III. Harden the System Next, you?ll need to take some steps to ?harden the system? against further break-ins: 1. Disable all unneeded services. Dis- able all unneeded Internet services running on your system. For example,blank if you aren't using NFS to share files, don't run NFS by default. If you blank aren't actively using/encourag- ing the use of finger, don't enable it by default (and give strong consideration to disabling Telnet in favor of ssh blankif possible?see below.) 2. Install TCP Wrappers. Installation of TCP Wrappers will improve log- ging and your ability to blockblank attempts to hack/crack your system. TCP Wrap- pers are available from ftp://ftp.cert.org/pub/tools/tcp_wrappers/ blank 3. Install sshd and disable telnetd, pop, and ftpd. Because transmission of unencrypted passwords over the network is suchblank a significant vulner- ability, give strong consideration to installingblank sshd and disabling telnetd and ftpd so passwords won't be trans- mittedblank in plain text when you log in or transfer files. sshd is available fromblankhttp://www.ssh.org/ A free ssh client for PCs running Win- dows 95/NT is included on this year's Duckware CD-ROM;blank pointers to com- mercial ssh clients for the PC and the Mac are available blank from the ssh.org site mentioned above. 4. Install tripwire so that you will know if crucial files have been changed. Installation of tripwire will let you know if crucial system files have beenblank modified without authori- zation. Tripwire is available fromblank blank ftp://ftp.cert.org/pub/tools/tripwire/blank 5. Install anti-relay/anti-spam sendmail rulesets. To prevent your system from being abused by spammers, modify your sendmailblank installation to use anti- relay and anti-spam sendmail rulesets. See:blank blank http://www.sendmail.org/tips/relaying htmlblank http://maps.vix.com/ blank 6. Reinstall all application software from original media. Just as your op- erating system was rendered untrust- worthy when your systemblank was com- promised, all of your applications also immediately became suspect. You need to reinstall them from scratch unless youblank are able to verify their in- tegrity (? la tripwire checksums). blank 7. Request installation of a switched network port. Multiuser systems and network servers should also be run from a switchedblank network port, rather than from a normal shared network port, to further blank reduce or eliminate packet sniff- ing opportunities. In many buildings, switched 100 Mbps (fast ethernet) ser- vice is available from Network Servicesblank for a one-time charge of $250/ port. This is a particularly good idea in labs, where public access (including the ability to potentially installblank a sniffer on a lab machine) is a given. Finally, take preventative measures to assure you?ll be less vulnerable in future: 1. CERT Mailing List If you are responsible for the adminis- tration of a system, subscribe to the CERT Advisory Mailing List. Seeblank http://www.cert.org/contact_cert/ certmaillist.htmlblank 2. Bugtraq Another excellent mailing list for sys- tem administrators is Bugtraq. See http://www.cert.org/other_sources/ usenet.htmlblank blank 3. Vendor Mailing Lists/Security Web Sites. You should also investigate whether your operating system vendorblank offers a security mailing list or has a security web site, or if there isblank a USENET News group discussing se- curity or system administration issuesblank for your operating system.blank 4. Watch your system?s logs and load.blank The final and most important step is to check your system?s logs regularly and monitor its load. (Automating system log checks via a semi-intelligent log parser would in- crease chances of detecting unauth- orized activities on the system.) Know what?s normal for your system and investigate unusual behavior, particularlyblank unusual behavior occur- ring at odd times or from odd places. Be proactive if you notice any unex- pected jobs running. if Your System is Hacked/Cracked IV. Increase Your Awareness 18 computing news winter 1999 The University of Oregon is in the process of connecting to Abilene/ Internet 2 via two new packet over SONET (POS) OC3c (155Mbps) circuits, one going to Sacramento, California, and the other to Denver, Colorado. These new high-performance connec- tions were made possible by a $350,000 National Science Foundation award made this October to Provost John Mosely, Computing Center Director Joanne Hugi, Professor Greg Bothun of Physics, and Dave Meyer of the Com- puting Center's Advanced Network Technology Center, along with gener- ous financial support from the Oregon University System and networking equipment vendor Cisco Systems, Inc. The two new circuits , each running at a hundred times the speed of an ISP's typical T1 connection (1.55 Mbps), will enable UO scientists to collaborate with colleagues across the country on here- tofore-impossible high-performance computing projects, while also en- abling general university-wide access to Internet 2 (I2), the new high speed/ restricted-access research and edu- cation network backbone. High-Performance Computing Projects Some of the specific high-perfor- mance computing projects enabled by I2 connections will include: ? Experimental high-energy physics focusing on the electroweak interac- tion and the weak decays of heavy quarks and experiments aimed at fully understanding the Z0 particle in conjunction with collaborators at SLAC, Yale, MIT, Washington, Co- lumbia, Fermilab, Rutherford Lab, CERN and others ? Gravitational radiation/laser inter- ferometer gravitational wave observa- tory (LIGO) in conjunction with the California Institute of Technology, MIT, Florida, Stanford and others. ? The formation and evolution of low surface brightness galaxies in the new connections will still be im- portant to you. Over 135 schools are currently I2 participants, including virtually all major Carnegie Research I institutions. As soon as I2 connectiv- ity is established at each of these sites, traffic between any of those sites and the UO will take place via I2's fast and uncongested connections. (A list of I2 institutions, by region, is shown at the bottom of page 19): How Can You Take Advantage of Internet 2? Routing of traffic between the UO and other I2 sites will automatically occur as I2 sites come up; you do not need to ex- plicitly request that your traffic be routed via I2?it will automatically hap- pen wherever feasible. On the other hand, if you want your application to take full advantage of the fast connec- tions between I2 sites, there are some things you may want to consider: ? Contact Your Colleagues at Other I2 Schools: To take advantage of I2's capabilities, you?ll naturally need to be working with peers at other I2- connected schools. If you?re not talking with them and working to identify projects where high band- width connections can be exploited, you?ll only see incidental benefit from the University's I2 connections. ? Learn About Optimizing Your Oper- ating System: The default configuration of your operating system will typically not be tailored to take full advantage of high-performance networks such as I2. To obtain sustained high throughput, you may need to tweak various OS ker- nel parameters. An excellent starting point for understanding this process is the document ?Enabling High Per- formance Data Transfers? (http:// www.psc.edu/networking/perf_tune.html ) ? Buy a switched hundred megabit connection to UOnet: If you?re plan- ning to use I2 extensively, it may be worthwhile to consider paying for switched hundred megabit service for the UO system(s) you'll be using. To understand why, consider that most campus connections are conventional ten megabit shared ethernet connec- By Joe St Sauver joe@oregon.uoregon.edu Even if you aren't doing cutting-edge scientific or computational research, the new connections will still be important to you collaboration with Arizona, Wash- ington, Groningen, and Cardiff ? Remote scientific instrument opera- tion, including remote observation at the Pine Mountain Observatory ? Tomographic imaging for ridge re- search and analysis with the Pacific Northwest Geodetic Array and Woods Hole ? Numerical modeling for geological and environmental sciences in col- laboration with UC Berkeley ? Crystallization, vesiculation and eruption of magmas ? Parallel computing tool develop- ment, parallel performance environ- ments, and parallel performance eval- uation and modeling (Para Ducks) ? Electronic courseware develop- ment and Java-based experiments ? Scalable multicast routing, includ- ing work on GUM (Grand Unified Multicast) ? IPv6 multicast routing, including implementation and deployment of PIM-DM for IPv6 with prune refresh ? Scalable differentiated service, in- cluding work on RSVP, wRED and ATM QoS ? Quality of service dynamic valida- tion qualifiers (The DARPA-funded Quorum ASSERT project) What Internet 2 Means for the Campus as a Whole Even if you aren't doing cutting-edge scientific or computational research, UO Connects to Internet 2 19computing news winter 1999 tions, which will limit your through- put (even under the best of possible circumstances) to no more than a 6 or 7 Mbps. A switched hundred connec- tion, on the other hand, will let you use more than 10 Mbps (though net- work traffic characteristics will prob- ably not result in throughput at the full nominal capacity of that circuit to remote destinations). Fast ethernet con- nections can be ordered from Network Services, where available, for a one-time charge of $250/each. West California Institute of Technology, Pasadena California State University System Oregon State University, Corvallis Stanford University, Palo Alto, CA Univ. of Alaska, Fairbanks Univ. of California, Berkeley Univ. of California, Davis Univ. of California, Irvine Univ. of California, Los Angeles Univ. of California Office of the President Univ. of California, San Diego Univ. of Hawaii, Manoa Univ. of Oregon, Eugene Univ. of Southern California, Los Angeles Univ. of Washington, Seattle Washington State University, Pullman Intermountain West Brigham Young Univ., Salt Lake City, UT Colorado State University, Fort Collins Montana State University, Bozeman Univ. of Colorado, Boulder Univ. of Colorado, Denver Univ. of Idaho, Moscow Univ. of Utah, Salt Lake City Univ. of Wyoming, Laramie Utah State University, Logan Southwest Arizona State University, Tempe New Mexico State University, Las Cruces Rice University, Houston, TX Southern Methodist Univ., Dallas, TX Texas A & M Univ., College Station Texas Tech University, Lubbock Univ. of Arizona, Tucson Univ. of Houston, TX Univ. of Nevada, Las Vegas Univ. of Nevada, Reno Univ. of New Mexico, Albuquerque Univ. of Texas, Austin Great Lakes Case Western Reserve Univ., Cleveland, OH Indiana University, Bloomington Kent State University, Kent, OH Michigan State University, East Lansing Northwestern University, Evanston, IL Ohio State University, Columbus Ohio University, Athens, OH Purdue University, West Lafayette, IN Univ. of Akron, OH Univ. of Chicago, IL Univ. of Cincinnati, Ohio Univ. of Illinois, Chicago Univ. of Illinois, Urbana-Champaign Univ. of Michigan, Ann Arbor Univ. of Minnesota, Twin Cities Univ. of Notre Dame, Notre Dame, IN Univ. of Wisconsin, Madison Univ. of Wisconsin, Milwaukee Great Plains Iowa State University, Ames Kansas State University, Manhattan North Dakota State University, Fargo Oklahoma State University, Stillwater Univ. of Iowa, Iowa City Univ. of Kansas, Lawrence Univ. of Nebraska, Lincoln Univ. of North Dakota, Grand Forks Univ. of Oklahoma, Norman Northeast Boston University, MA Brown University, Providence, RI Carnegie Mellon Univ., Pittsburgh, PA Columbia University, NY Cornell University, Ithaca, NY Dartmouth College, Hanover, NH Harvard University, Cambridge, MA Johns Hopkins University, Baltimore, MD Lehigh University, Bethlehem, PA MIT, Cambridge, MA New York University, NY Northeastern University, Boston, MA Pennsylvania State Univ., University Park Princeton University, Princeton, NJ RPI, Troy, NY Rutgers University, New Brunswick, NJ State Univ. of New York, Buffalo Syracuse University, Syracuse, NY Univ. of Connecticut, Storrs Univ. of Maine, Orono Univ. of Massachusetts, Amherst Univ. of New Hampshire, Durham Univ. of Pennsylvania, Philadelphia Univ. of Pittsburgh, PA Univ. of Rochester, Rochester, NY Univ. of Vermont, Burlington Internet 2 Institutions Worcester Polytechnic Inst., Worcester, MA Yale University, New Haven, CN Mid-Atlantic Duke Univ., Durham, NC Gallaudet Univ., Washington, DC George Mason University, Fairfax, VA George Washington Univ., Washington, DC Georgetown Univ., Washington, DC North Carolina State Univ., Raleigh, NC Old Dominion University, Norfolk, VA Univ. of Delaware, Newark Univ. of Maryland, Baltimore County Univ. of Maryland, College Park Univ. of North Carolina, Chapel Hill Univ. of Virginia, Charlottesville VA Commonwealth University, Richmond Virginia Polytechnic Univ., Blacksburg Wake Forest Univ., Winston-Salem, NC West Virginia University, Morgantown Midsouth Univ. of Kentucky, Lexington Univ. of Missouri, Columbia Univ. of Tennessee, Knoxville Vanderbilt University, Nashville, TN Washington University, Saint Louis, MO Southeast Auburn University, Alabama Clemson University, Clemson, SC Emory University, Atlanta, GA Florida A & M University, Tallahassee Florida Atlantic University, Boca Raton Florida International Univ., University Park (Miami-Dade) Florida State University, Tallahassee Georgia Inst. of Technology, Atlanta Georgia State University, Atlanta Louisiana State University, Baton Rouge Mississippi State Univ., Mississippi Tulane University, New Orleans, LA Univ. of Alabama, Birmingham Univ. of Alabama, Tuscaloosa Univ. of Arkansas, Fayetteville Univ. of Central Florida, Orlando Univ. of Florida, Gainesville Univ. of Georgia, Athens Univ. of Miami, Florida Univ. of Puerto Rico Univ. of South Carolina, Columbia Univ. of South Florida, Tampa ? Review Hardware Bottlenecks: In many cases, the biggest inhibitor of high-performance networking may be your disk I/O subsystem. If you plan to sustain high throughput transfers, multiple drives acting as a striped RAID-0 array (preferably serviced by a hardware RAID controller or mul- tiple wide or ultrawide SCSI control- lers) will probably be required. On most UNIX operating systems, iostat and sar will help you begin to identify I/O hardware bottlenecks. ? Learn More About High-Perfor- mance Networking: Some excellent information is available on the fol- lowing web pages: Internet 2: http://www.internet2.edu Abilene: http://www.ucaid.edu/abilene/ The vBNS: http://www.vbns.net/ NLANR: http://www.nlanr.net/ STAR TAP: http://www.startap.net/ CANARIE: High-Performance Network http://www.canarie.ca/frames/ startnetworks_e.html 20 computing news winter 1999 ? Internet 2 (I2) (http://www.internet2.edu): A new high-speed academic and re- search network connecting 135 lead- ing higher education institutions di- rectly or via a Gigapop. Gigapops and directly-connected I2 schools in- terconnect with each other via the vBNS or Abilene. ? vBNS (http://www.vbns.net): The Fed- eral Very High Speed Backbone Net- work Service, operated by MCI for the NSF/ANIR. A high-speed aca- demic and research network that predates Abilene. Most connections to it were at DS3 or OC3 speeds. ? Abilene (http://www.ucaid.edu/abilene): Another very high-speed academic and research network backbone, op- erated by Qwest in conjunction with Cisco and Nortel for UCAID. Con- nections to Abilene will be at OC3 or OC12 speeds. The UO will connect to it via two OC3 circuits. See http://boardwatch.internet.com/mag/98/jun/ bwm61.html ? NSF/ANIR (http://www.cise.nsf.gov/ ncri/index.html): The National Science Foundation?s Advanced Networking Infrastructure and Research Divi- sion, which approves institutions for connections to the vBNS and related federally authorized high-perfor- mance academic and research net- works like Abilene. ? UCAID (http://www.ucaid.edu/): Univer- sity Corporation for Advanced Internet Development, formed by I2 largely to facilitate deployment of Abilene. ? MCI (http://www.governmentmci.com/ mcigm/98/index.cfm): MCI Worldcom is a leading international telecommuni- cation provider, formed via the merger of Worldcom and MCI in September 1998. Cable and Wireless (CWIX: http://www.cw-usa.net/) pur- chased most of MCI?s Internet busi- ness in July 1998, excluding its vBNS and a few other governmental net- working programs. ? Qwest (http://www.qwest.com/): Tele- communication company that oper- ates the Abilene network. See http:// ? NGI (http://www.ngi.gov/): Next Gen- eration Internet. Umbrella name for all Federal high-speed networking initiatives. ? NCO (http://www.ccic.gov/): Nat?l Co- ordination Office for Computing, Infor- mation and Communications. Coordi- nates Federal high-performance com- puting and networking initiatives. ? DARPA ITO (http://www.darpa.mil/ito/ ResearchAreas.html): Defense Advanced Research Projects Agency Information Technology Office. Sponsors Supernet and many other high-performance networking and computing projects. ? Federal Mission Networks: Special- ized, limited-access, high-speed net- works deployed by individual Federal agencies in support of specific research programs or as a testbed for advanced technologies. Examples include - DREN (http://www.hpcm.dren.net/Htdocs/ DREN/): Defense Research & Engineering Network - ESNet (http://www.es.net/): Department of Energy?s Energy Sciences Net - NI (http://nic.nasa.gov/ni/): NASA Internet - NREN (http://www.nren.nasa.gov/): NASA Research & Engineering Network - Supernet (http://ale.east.isi.edu/NGI-S/): DARPA?s Next Generation Internet ? Supercomputer Centers: Federally- funded centers that initially provided impetus for deploying many high- speed networking initiatives: - NCAR (http://www.ncar.ucar.edu/): National Center for Atmospheric Research - NCSA (http://www.ncsa.uiuc.edu/): National Computational Science Alliance - PSC (http://www.psc.edu/): Pittsburgh Supercomputer Center - SDSC (http://www.sdsc.edu/): San Diego Supercomputer Center. See also the National Partnership for Advanced Computational Infrastructure (http://www.npaci.edu/) ? NSF specialized networking support centers: - CAIDA (http://www.caida.org/): Coopera- tive Association for Internet Data Analysis - NLANR (http://www.nlanr.net/): Nat?l Laboratory for Applied Network Research. Charged with providing technical, engineer- ing, and traffic analysis support of NSF High Performance Connections sites and HPNSP (high-performance network service providers) such as vBNS. NLANR projects include the development of Squid (http://squid.nlanr.net/), the leading web cache software product. - NSRC (http://www.nsrc.org/): Network Startup Resource Center, based at the UO. For the past decade, the NSRC has been involved in the deployment and integration of appro- priate networking technology in various projects throughout the world. - StarTap (http://www.startap.net/): Science, Technology and Research Transit Access Point, located in Chicago, where approved foreign high-performance research networks connect to their American counterparts, such as the vBNS. Participating foreign networks currently include Canarie (Canada), SingAREN (Singapore), Transpac (APAN/Ja- pan), MirNET (Russia), and TANet (Taiwan). ? ISOC (http://www.isoc.org/): A profes- sional membership society with over 100 organizational and 6,000 indi- vidual members in 100+ countries. A leader in addressing issues confront- ing the future of the Internet and a home to the groups responsible for Internet infrastructure standards, in- cluding the Internet Engineering Task Force (IETF) and the Internet Architecture Board (IAB). ?IETF (http://www.ietf.org/: A large in- ternational community of network de- signers, operators, vendors, and re- searchers concerned with the evolu- tion and smooth operation of the Internet. Open to any individual. ? NANOG (http://www.nanog.org): North American Network Operators Group. An association of network service pro- viders and others interested in opera- tional details of national networks. To clarify the often cryptic acronyms and specialized terms associated with high-performance Networks/Organizations INTERNET 2 LINKS topic=connectivity&topic_set=newtechnology www.wired.com/wired/archive/6.05/qwest.html? 21computing news winter 1999 ? Wide area circuit speeds - DS0: 64 kilobits a second (about the speed of a fast dialup modem) - T1: 1.544 megabits a second (typical speed of a small/mid-sized ISP?s connection to the net) - DS3: 45 megabits a second (the speed of OSU?s vBNS connection) - OC3: 155 megabits a second (the UO will be connected to Abilene via two OC3 circuits) - OC12: 622 megabits a second (the speed of the highest speed national commodity net- work backbones) - OC48: 2.4 gigabits a second (the Abilene backbone speed at startup) - OC192: 9.6 gigabits a second (eventual speed of the Abilene backbone) - ethernet: 10 megabits/second (the speed of most UOnet connections) - fast ethernet: 100 megabits/second (the speed at which many campus servers connect to UOnet. Where available, individual users can purchase fast ethernet connects for $250 each) - gigabit ethernet: 1000 megabits/second (current speed of UOnet backbone) ? Shared/switched ethernet: - shared ethernet: traditionally, ethernet has been a shared media, with all users on a subnet sharing the bandwidth available on that circuit. Cost-effective, but a poor choice for high-performance connections. - switched ethernet: Connections that dedi- cate the full capacity of a connection to a par- ticular workstation or server, and limit the traffic sent to a particular host to traffic that is destined for, or coming from, that host. Switched ethernet is normally how high-per- formance systems will connect to UOnet. ? Half duplex/full duplex: - half duplex: on a half duplex connection, a connection talks or listens, but doesn?t do both at the same time. - full duplex: on a full duplex connection, a workstation or server can simultaneously transmit and receive data. ? FDDI: an older 100 megabit-per- second competitor to fast ethernet. See a comparison of FDDI and Fast Ethernet at http://www.cisco.com/warp/ public/729/c5000/swfet_wp.htm ? ATM: Asynchronous Transfer Mode. Circuit-switched (rather than packet- switched) network technology that chops data into 53 byte cells. Often used for wide-area high-performance connec- tivity. For an excellent ATM tutorial, see http://www.scan-technologies.com/tutorials/ ATM%20Tutorial.htm ? SONET (and Packet Over SONET): The alternative to ATM for wide-area, high-performance connectivity via Abi- lene, and the option the UO will be using. Quoting Cisco?s Packet Over SONET whitepaper: ?For expensive WAN links, Packet over SONET can provide as much as 25- to 30-percent higher throughput than Asynchronous Transfer Mode (ATM)-based networks. By transporting frames directly into the SONET/SDH payload, the overhead required in ATM cell header, IP over ATM encapsulation, and segmentation and reassembly (SAR) functionality is eliminated.? For the complete dis- cussion, see http://www.cisco.com/warp/ public/733/12000/gspos_an.htm A general SONET tutorial is avail- able at http://www.webproforum.com/ tektronix/index.html ? WDM/DWDM: Wave Division Multiplexing/Dense Wave Division Multiplexing. The underlying technol- ogy allowing carriers with existing fi- ber to obtain huge amounts of incre- mental bandwidth without having to pull additional fiber. Allows a single strand of fiber to simultaneously carry multiple parallel transmissions on dif- ferent light wavelengths (?lambdas?). A good WDM tutorial is available at http://www.webproforum.com/lucent3/ ? GSR: Cisco?s 12000-series Gigabit Switch Router, the special high-perfor- mance router that many sites, including the UO, are using to connect to Abilene. See http://www.cisco.com/warp/public/733/ 12000/ networking, here?s a brief glossary with some links to web resources? Networking Technology ? Gigapop: Gigabit point-of-pres- ence. As originally envisioned, I2 sites would connect to the I2 back- bone via a regional ?Gigapop.? Gigapops would combine the traffic from directly connected I2 member sites and exchange it with other Gigapops via I2 backbone links. By aggregating individual I2 sites be- hind Gigapops, the size of the I2 routing matrices can be kept small and efficient, and network problems could be resolved via contact be- tween Gigapop NOCs. The Oregon Gigapop is located in Eugene and operated by the UO. Network Architecture and Operations ? POP (Point-of-Presence): Location at which an internet service provider connects to the Internet and offers lo- cal connections to customers, whether via leased circuits or dialup connec- tions. A small ISP might have only one POP, while a national ISP might have a POP in virtually every major metro area. ? Exchange point (also, ?meet point?): A location where network service providers can peer and exchange network traffic with each other. The UO operates the Oregon Internet Exchange in Eugene (see http:// antc.uoregon.edu/OREGON-EXCHANGE/ ) ? Peering/Transit: When two net- works peer, they agree to coopera- tively exchange their network custom- ers? traffic?and only their customers? traffic?typically at no charge. These traffic exchanges take place at an ex- change point. Contrast peering with buying transit bandwidth from a net- work service provider: when you buy transit bandwidth, the network ser- vice provider agrees to accept and transfer traffic on your behalf to any other destination on the Internet, whether it?s for another customer of the NSP?s or for a customer of some other network service provider. - continued on page 22 AND GLOSSARY ? Ethernet/fast/gigabit ethernet 22 computing news winter 1999 ? Meritorious/Commodity Traffic: Meritorious traffic meets the Accept- able Use Policy (AUP) adopted by a particular network. For example, I2?s AUP limits use of I2 to traffic destined for other I2 sites or comparable/ap- proved research and education net- works. Other traffic, such as a mail message to an AOL user or a web page from CNN?s web site, would be con- sidered ?commodity traffic? and would not be eligible to travel over I2. ? NOC: Network Operation Center. A NOC is a facility, typically staffed 24 hours a day/7 days a week, by NOC technicians who can monitor, detect and arrange for a response to network problems. There?s usually one NOC per network. ? Colocation: While most networked companies or schools want to have machines in their facilities connected to the Internet, some companies don?t really care where their servers are physically located. For example, a company?s main web server might just as easily live in a locked rack at an ex- change point as in a company office. Servers located at network service pro- vider facilities rather than at corporate or campus locations are said to be ?colocated? and are typically able to buy bandwidth for less than the cost of a traditional Internet connection due to the elimination of local loop charges and reduced equipment requirements for the network service provider. Colocation also typically offers the server owner access to conditioned/ uninterruptable power, improved physical security, geographical flex- ibility in siting servers, etc. ? Local Loop: A synonym for ?local access circuits? or the physical wire or fiber optic cable that connects a site to their Network Service Provider?s POP. Local loops are typi- cally purchased from the local phone company or from a competitive local exchange carrier. For example, the UO buys its local loops from USWest and Electric Lightwave (ELI). Local loop charges are in addition to a network service provider?s port charges. ? Port Charge: The payment made to a network service provider so they will accept and transfer your transit traffic. Port charges are normally sized according to the maximum ca- pacity of the circuit to the network service provider. ? Backhaul: If a network service pro- vider doesn?t have sufficient capacity (or required services) at a local POP, they may need to ?backhaul? a circuit you?ve ordered to another better- equipped location, which adds to the cost of obtaining that service (unless backhaul charges are waived). Network Architecture and Operations, continued? INTERNET 2 LINKS AND GLOSSARY ? IPv4/IPv6: IP (also, ?IPv4?) is the Internet Protocol that underlies virtu- ally all Internet traffic today. A new version of the IP protocol, IPv6, is on experimental use on the so-called 6Bone (see http://www.6bone.net/). IPv6 access is an example of the sort of ad- vanced services that Internet 2 will likely support. See the tutorial at http:// www.6bone.net/case-for-ipv6.txt or see http://playground.sun.com/pub/ipng/html/ INET-IPng-Paper.html ? IP multicast video: With IP multicast, a single network video stream services all viewers on a given network segment, rather than requir- ing separate streams for each viewer. IP multicast scales well to virtually unlimited-sized global audiences. Cisco?s excellent IP multicast training materials are available online at ftp:// ftpeng.cisco.com/ipmulticast/ multicast_training.html An easy way to Advanced Services begin using IP multicast is to install Cisco/Precept?s IP/TV from the UO Duckware CD-ROM, or see http:// darkwing.uoregon.edu/~joelja/project/ mbone.html ? QoS (Quality of Service): There has been a lot of interest among I2 participants in Quality of Service-re- lated issues, or efforts to provide better than ?best-efforts? access to Internet resources. For example, some Internet applications (such as tele-surgery or remote management of a scientific instrument) require bounds on latency and jitter, or a re- served amount of bandwidth from end-to-end. An excellent series of papers are available at http:// www.internet2.edu/qos/may98Workshop/ html/presentations.html ? Bandwidth and Latency: Bandwidth can be considered the effective rate at which bits are delivered from their source to their destination?or the ?size of the pipe? between two sites. Latency is the delay a packet experiences while being transmitted from its origin to its destination. This is a crucial issue in high-performance networking because there is a close relationship between packet latency and the maximum effec- tive bandwidth which a connection can sustain. See http://engr.ans.net/slides.html#nanog-feb- 1997-tcp-congested ? Jitter: The variance in the time it takes for a packet to be transmitted from its origin to its destination. Jit- ter is a problem in advanced applica- tions such as IP multicast video be- cause even small deviations in deliv- ery pacing can translate into notice- able interruptions in otherwise smooth video delivery, unless buff- ering or other similar techniques are employed. Students: Interested in Networking Opportunities? If you?re a UO student interested in the computer networking field, here?s an opportunity to gain experience and skills while contributing to the enhance- ment of the global Interent infrastruc- ture: The Network Startup Resource Center (see article on page 23) is cur- rently seeking students with initiative to assist with applied research, educa- tion, and service projects. For more information, contact Steve Huter (sghuter@nsrc.org) 23computing news winter 1999 By Steve Huter and Hervey Allen sghuter@nsrc.org hervey@oregon.uoregon.edu How did the UO Computing Center become involved with network sup- port services in Luanda? The project began last July, when two Angolan students at a TCP/IP work- shop in Geneva, Switzerland, asked the Network Resource Center (NSRC) for ideas about how to improve their user support services. The NSRC, which helped organize the Geneva workshop, has been dedicated to mak- ing affordable networking technology available around the globe for the past decade, and is now based at the UO Computing Center. The NSRC had worked with the Angolans in the early 1990s using FidoNet technology, and provided some technical advice to them when they transitioned to a TCP/IP network, dubbed EBOnet, at the end of 1996.The EBONet engineers explained that their network user base had expanded dra- matically since then, outpacing their current ability to meet the demand for support. As EBONet is the primary resource in Angola for full Internet access, its con- stituency had quickly grown from a handful of former FidoNet users to nearly a thousand users, including not only Angolan individuals and compa- nies, but also researchers and employ- ees of the US Embassy, the US Informa- tion Agency (USIA), the United Na- tions, and various international non- governmental organizations. While EBONet staff had already begun devel- oping a Help Desk service, they wanted to learn more about how to support their growing user population. The NSRC turned to Hervey Allen, of the Computing Center's Help Desk and microcomputer consulting ser- vices, to help EBONet staff design some systems and procedures. After extensive email and telephone communications to plan the work agenda and make decisions about what software and hardware to bring along, Hervey flew to Luanda on November 11. ?The spirit of team- work and collabora- tion between EBONet, the NSRC, and the Computing Center was great to see and be a part of.? In keeping with the philosophy of the NSRC, Hervey worked in cooperation with EBONet staff?suggesting some changes, answering questions, and demonstrating how to use various tools and resources?but always stressing that the real work must be done by the EBONet staff itself. Using Spanish and some English to communicate with the primarily Por- tuguese-speaking Angolans, Hervey ? observed traffic flow at the Help Desk and suggested improvements ? initiated a set of Help Desk web pages disseminating user support in- formation ? introduced the staff to other NSRC resources for assistance in network man- agement and system administration ? gave a public presentation on cus- tomer service and the role of the Internet Occasionally, questions arose that re- quired more help, and Hervey was able to call freely on the expertise of half a dozen other Computing Center NSRC, Computing Center Staff Assist Network Support Services in Angola staff via email. Everyone pitched in willingly to give EBONet support ser- vices a boost. Before leaving Angola, Hervey drew up a final report with specific recom- mendations for improving EBONet's existing services and adding new re- sources as needed. Barely two weeks after Hervey?s re- turn to the states, EBONet staff re- ported that a number of his recom- mendations had already been imple- mented. Haymee Perez Cogle wrote recently, ?We thank the NSRC and Hervey a lot for the assistance and hope that our collaboration will con- tinue. Your visit was very useful, Hervey, and our staff is now very mo- tivated. We're working on the installer, reorganizing our schedules and pro- cedures, finishing the FAQ for our web site, and improving the technical as- sistance services of our Help Desk.? As for Hervey, he discovered that many of the same issues confronting the UO are also faced by the EBONet staff in Angola: busy modem lines, modem and password problems, and struggles with connectivity. Hervey also noted some interesting differences, such as the total absence of Macintosh computers, the over- whelming number of Toshiba por- tables in use (by those who had por- tables), and the surprising fact that almost no old machines (486 class) are employed by EBONet's users?the hardware is quite modern. Hervey affirms that the Angolan train- ing sessions were mutually beneficial. ?The chance to apply what I do every day at the University of Oregon to help a group of people who are getting an entire country started with the Internet was a truly gratifying experi- ence,? he says. ?The spirit of teamwork and collaboration between EBONet, the NSRC, and the Computing Center was great to see and be a part of.?