Information Technology - Getting Started


This document provides basic information intended to familiarize new users with Waisman Computing Services (WCS). It is not a complete source of all the information about WCS, but merely an attempt to point you in the right direction.


Policies

  • Use of Waisman network or computing services is governed by policies adopted by both UW-Madison and the Waisman Computer Services User Committee. These policies are presented during the account activation procedure described below in Your First Logon.

Your First Logon

  • In order to keep your account from expiring you must first activate your account using an internet browser. Unless your account is activated using the username and temporary password issued to you within 45 days, it will expire and the temporary password will no longer work.
  • If you activate your account from a location off campus (not on the UW Campus network) you will be prompted to enter your username and temporary password twice.
  • You must have your username and initial password before activating your account. These are usually provided to you by email. They may also have been sent to the person that requested the account for you. You must also use a web browser configured to accept cookies for the activation procedure to work (this is the default for most browsers). If you have your username and temporary password, you can proceed to the account activation procedure at:

  • When you visit the link above, you will be directed through the three easy steps of the activation procedure:
    1. Presentation of the UW and Waisman Appropriate Use Policies. You will be asked if you agree to abide by these. You must agree in order to go on to the next step.
    2. Initial logon with the username and temporary password that was assigned to you. These were supplied to the person that requested your account and may have also been e-mailed to you.
    3. Change your password. Choose a new password that is secure. From this point on, only you will have access to your computer account using your new password. You should never share your password with anyone--not your co-workers, nor even your supervisor.
  • You have 45 days from the time you receive your instructions to activate your account.

Changing Your Password

  • During the last step of the account activation procedure you will be asked to choose a new password.
  • The new password you choose must meet the following requirements per Campus policy:

    Passwords must:
    • Must be between 8 and 14 characters long.
    • Be memorized; if a password is written down it must be kept in a secure location.
    • Must Contain at least one (1) character from three (3) of the following categories:
      • Uppercase letters (A-Z)
      • Lowercase letters (a-z)
      • Digits (0-9)
      • These special characters: ` ~ ! @ # $ % ^ * ( ) + = _ - { } [ ] | \ : ; ' / ? , .
        Please note that space, ampersand (&), double quote (") and angle brackets (<>) are not allowed in passwords.
    Passwords must not:
    • Contain a proper name, login ID, e-mail address, initials, first, middle or last name. In addition your password should not contain a phone number, address, license plate number or a word found in a dictionary (any language). The ideal password would return nothing in a Google search (but don't attempt this since doing so would immediately compromise your new password).
    • Be shared with anyone else
      .
  • You will receive an error message if the new password you choose does not meet the requirements above. We recommend your password contain a mixture of letters (mixed case), numbers and special characters to make it more difficult to guess or crack.
  • Case matters! We recommend the password you choose be a mixture of upper and lower case letters, numbers and special characters. While Windows 95/98 ignores case in passwords during logon, other authentication methods do not (NT, XP, telnet, ftp and the copy machines) so please remember which characters you type in upper case.
  • It's very important to pick a password that's hard for others to guess but easy enough to remember so you don't have to write it down. The password you choose should not contain any word found in a phonebook, dictionary, encyclopedia, literature, arts, and movies or anywhere on the internet - even if its characters are reversed. The password should not contain any personal information about you such as an address, social security number, license plate, mother's maiden name, name of your child or pet, a birth date, etc. If you do a Google search on the password, it should not find anything.
     
  • DO NOT use any combination of words that are each in a dictionary! These can be cracked with minimal effort. An excellent choice for a password would be to use the first letters of words in a phrase. For example, the phrase "I like to have toast at 7 am" would yield: "Ilthta7am" and make a very secure password (but don't use this one!).
  • Never share or write down your password. You do not need to (and never should) give out your password for someone to copy a file from you. Send the file to them using an e-mail attachment or place it in their "pick up" folder (covered in training courses). If you have access to any personal health information (all client data qualifies) you are required by federal law (HIPAA) to take appropriate measures to keep it confidential. If you suspect someone may know your password, change it immediately. Never share your password with anyone, never. If you give your password to someone and they commit a crime using your account, you may end up being prosecuted. Always remember to log off! Remember, you are responsible for any malicious actions caused by others when they are using your account. Your reputation, career and future quality of life can be irreparably damaged by the malicious use of your account by others.
  • It is recommended that you change your network password periodically (or whenever you suspect someone else may know it) to keep your account secure. To change your Waisman password after you've activated your account visit the web page:

     

     


Safe Computing and Virus Protection

  • On Windows computers, you absolutely must have up to date virus protection software to protect not only your computer but all other computers on our network from virus infections. In fact, this is a campus requirement stated in the electronic devices policy. The campus provides Symantec Anti-Virus software at no cost. Many PC's at the Waisman Center already have this installed. If not, and you wish to install it yourself (would require Administrator access for Windows NT or later), it can be downloaded from DoIT.
  • After installing this software it must be configured to check for virus updates (LiveUpdate) every day at a time when the computer will be online. If you would like us to install and configure the Symantec software (takes only 30 minutes or less) please contact one of the computing staff members to install it for you.
  • Please be aware that while anti-virus software lowers the risk of virus exposure it does not eliminate it! When a virus first breaks there is no protection from it until the anti-virus vendors develop a way to detect it! That can be hours to days. As a result you always have a responsibility to engage in "safe computing" practices. Four golden rules of safe computing are:
    1. Never open any e-mail attachments unless you are expecting something from someone. Even if it's from someone you know - if you're not expecting it DON'T OPEN IT! This is the primary infection vector for most viruses - conning you into opening an attachment. Don't fall for this!
    2. The more convincing it sounds to open an attachment or visit a web site the more likely it's a trick. Examples include: situations involving money, stranded family members and lost children. The more your emotions are telling you to open the attachment or visit that site the more alarm bells should go off - Don't fall for it!
    3. If you do open it, never click on the links within. Visiting a "bad" web site just once is all it takes to become infected.
    4. Never install anything on your computer from the internet. This includes the latest cool screen saver, joke program, movie clip or hit song. All of these can be infected with trojan horse software that can lay dormant and then wake up and take over your computer (including files and passwords) at any time.
  • Please keep in mind that cleaning up after a virus infection or other damage from another exploit can result in computers being out of commission for days or even weeks as this task is usually given the lowest priority. Also, the cost of cleanup will be charged to the grant or account that funds your computing activity at the current rate of $90/hour. This will include not just cleaning the computer you use, but every other computer it may have infected as a result! Cleanup of an infected computer is NOT OPTIONAL since University policy does not permit an infected computer to remain connected to the network and they will block it's access.

Email

  • If you already have a DoIT WiscMail account or use the "My UW" web portal (have an e-mail address ending in @wisc.edu) you may continue to use that or you can use an @waisman.wisc.edu account. Forwarding is available in either direction
  • If you use an off campus email provider such as Gmail, your messages will be subject to spam analysis and may be quarantined by campus mail systems. Mail from campus mail systems is given preference in spam analysis on Waisman's mail system. You will also be responsible for meeting Wisconsin's Administrative rule on Electronic Records Mangement with any off campus email provider.
  • All students and staff are eligible to use campus provided services such as e-mail, wireless and calendaring. Use of these services requires a "NetID" (username) and password. To activate your NetID, a UW ID number is required. For more information on Campus provided services please refer to the Guide to computing for faculty and staff or for students. For instructions on setting up various e-mail clients for WiscMail please refer to: configuring your e-mail client for WiscMail. Note that no setup if necessary to use the WiscMail Web client.
  • One major advantage of WiscMail is the web interface. By using the web interface, you don't need any e-mail client such as Thunderbird to be installed on the computer from which you wish to check/send e-mail messages. You can use any computer with a web browser - anywhere. The web interface for WiscMail is available from the MyUW Madison portal or directly at: http://www.wiscmail.wisc.edu.
  • Waisman currently runs it's own e-mail service which will eventually be phased out with the adoption of Office 365 campus wide. However, Waisman email addresses ending in @waisman.wisc.edu will continue to be offered after the rollout for branding, recognition and visibility of the Waisman Center. If you do choose a Waisman email address, settings for Mozilla's Thunderbird e-mail client will be automatically configured to use Waisman e-mail the first time you logon to a Windows system with Mozilla's Thunderbird installed. For home computers, Thunderbird will require manual configuration steps which can be found in our FAQ on Thunderbird E-mail.
  • For Waisman email users, a web based e-mail client is also available called Roundcube. Since it only requires a web browser and no setup it's useful for circumstances while traveling.

 


Anti-Spam Measures

  • There are two levels of anti-spam measures in place for Waisman e-mail addresses. The first one checks incoming mail to see if the sender's mail server is listed in several online databases or 'block-lists' of known spammers, open relays, exploited systems and other potential sources of spam. If the sender is in one of these databases the mail is not accepted (rejected) and an explanation message is returned to the sender. The databases we currently use to filter out e-mail sources are:
  • This anti-spam measure occurs very early and before the message ever gets to the second level of anti-spam filtering (below). As of 10/2006, approximately 72% of the spam is stopped by this method, so it is extremely effective. If you are made aware of mail that is being filtered inappropriately at this level, we can add the sender to an exceptions list so that mail from that source will not be rejected.
  • The second level analyzes mail that has already been accepted (passed the level-one checks above). It is a commercial anti-spam filtering system known as the PreciseMail Anti-Spam Gateway from Process Software. It scores messages for their potential to be spam and quarantines messages with high scores for 3 weeks. Each user can view their own quarantine and release messages they want. It is optional however - you need to Opt-in before it will be in effect. For instructions please refer to:

     


Waisman Email vs. WiscMail

  • Why should you use Waisman e-mail instead of WiscMail? While we don't wish to duplicate existing campus services there are some good reasons to use the Waisman e-mail service:
    • We block dangerous executable attachments viruses use to spread during the critical hours before Anti-virus vendors can update their definitions. For example, during the outbreak of Bagle-AI, WiscMail had 150,000 infected messages during the few hours before the Anti-virus software update was available. We had none because we block executable attachments.
    • You don't want to be limited to 100MB of storage.
    • It's important to have the shortest wait time for messages to be sent and received. However, messages with unusually large attachments (over 15MB in size) can be delayed for up to 8 hours in order provide the fastest delivery time for more typical messages. Attachments larger that 25MB will not be delivered.
    • You wish to promote an association with the Waisman center by having an address ending in waisman.wisc.edu.
  • We no longer configure, support or recommend Eudora since it has proven extremely unstable (prone to crash - especially in POP mode) and is no longer licensed or supported by DoIT. If Mozilla Thunderbird is installed on the Windows XP system you use, it will be automatically configured the first time you logon as a Waisman Domain user. If you would like Mozilla's Thunderbird Client installed on a Windows XP system, please contact one of our staff.
  • Caution: Due to security risks, and past experience we strongly discourage using off campus e-mail providers such as HotMail, Yahoo and AOL. Upcoming security policies may require these services be blocked in the future. This is especially important if you share a computer or use a shared project storage area (see below) since a virus that infects you may be transmitted to all other people who use the computer or hide in any project drives to which you have access. Remember, the cost of cleanup will be billed to the grant that funds your computing activity.

Waisman E-mail from other locations

  • To use the Waisman e-mail service for other computers that you use (at home or another department example) you need change the server or e-mail account settings on your other computers:
    • Use imap.waisman.wisc.edu for the incoming mail server.
    • Use smtp.waisman.wisc.edu for the outgoing mail server.
    • Use your Waisman username for incoming mail.
    • Enable SMTP authentication for sending mail. If this is not done, messages sent to non-Waisman addresses will be returned with the error Relaying not permitted.
  • For details of how to configure Thunderbird for Waisman e-mail please refer to the FAQ on Thunderbird account settings.
  • Most mail clients allow you to create multiple mail accounts or personalities that each have different settings so you can check mail on different servers (Waisman and WiscMail for example) with one operation.
  • If you wish to consolidate your e-mail at one location (Waisman, for example) you can forward mail from other e-mail services (such as DoIT's WiscMail) to your Waisman e-mail address. To do this for a WiscMail e-mail account (@wisc.edu address) see:

  • Another very popular option for reading mail from elsewhere is using Remote Desktop.

Storage

  • File storage is available on your computer's local hard drives (e.g. the "C:" drive) and from a storage service on the network that is part of a Storage Area Network (SAN) made possible in part from a generous gift from Hewlett Packard (HP) in 2003. This highly reliable, state of the art virtualized storage is available from any computer on the network that supports CIFS (Common Internet File System) file services. This means Windows, Macintosh (OS X or later) and unix systems (with a Samba client) can use this network storage provided you have an individual network logon (username and password). We can also provide NFS (Network File System) as an alternative access method for server storage if needed.
  • On Windows systems, making use of network storage typically involves mapping a local drive letter (J-Z) to the network storage location that is of interest, which is known as a folder name (also called a share or directory). Mapping a drive letter to a folder is another way of saying the drive letter points to a particular storage location. For example, drive M might be mapped to the network folder name \\wcs.waisman.wisc.edu\jones, where wcs.waisman.wisc.edu is the server name and jones is the folder (share) name of Ms. Jones' personal home directory. Please note that drive mapping, while convenient, is not required to access a file on the network. Ms. Jones could also specify files on her home directory by using \\wcs.waisman.wisc.edu\jones (or in most cases the short form \\wcs\jones) directly.
  • Mapping a drive to a network folder (or share) can be done manually with the Windows file explorer or happen automatically at logon. For a drive to be mapped automatically at logon, a command to perform the mapping must be present in the file M:\NETLOGON.BAT, which is executed during every logon. Unless you have experience with the syntax of the NET USE command, we don't recommend you modify or change this file; though you may want to look at it. Keep in mind that drive letters are specific to every user. For example, your L: drive may "map" to a completely different location (network folder) than the L: drive of your colleagues.
  • Please note that network storage is intended to store Waisman related work and data - not to store music, pictures or other data that are personal in nature and are not part of the mission of the Waisman Center. Network storage is not to be used as a backup for your local hard drives. If possible, you should save and work with important data and documents from network drives directly and consider that the master copy. If that is not possible, for example you will not be able to "play" high resolution video smoothly from a file stored on the network, DoIT offers a very economical network backup service called Bucky Backup that can backup local hard drives at scheduled times.
  • Since all network storage is automatically backed up on the evenings of each business day, it is intended to store files, documents and data that are the result of the work you do that cannot be easily reproduced. For example, you would not want to store raw data that could be re-digitized from an audio or video tape but you would want to store the results produced by an analysis of it that could not be easily re-done.
  • Local drives on a PC such as the C: drive are not backed up and typically hold only application software installed on the PC or temporary work files that can be replaced. Application software can be re-installed from the original media if the local drive should fail; so the lack of backups for local drive do not present a significant concern, providing only application software and temporary downloadable files are stored on the local drive (C:). You should never store important data (your work product) on local drives since it cannot be recovered should the drive fail. Always store your work on network storage to prevent loss. If you choose not to do this, DoIT offers a backup service called Bucky Backup that is very reasonable and can schedule backups of your hard drive during periods of low network activity.

Classes of Storage

  • There are three different classes or types of storage available. The main difference between them is the resources each require. Understanding this difference will help you choose the most appropriate class of storage to meet your needs without consuming unnecessary shared resources.
    • User Storage: This storage class contains data that pertains to individuals and is not intended to be shared by others. Examples are e-mail, documents, presentations or other work product. Everyone has this class of storage and is referred to as your home directory or M drive for Windows users. It is always referenced by username. This storage has the highest level of redundancy with 100% overhead (files are duplicated in two different areas - known as mirrored or RAID-1 storage) and uses the most resources.
    • Project Storage: This storage class contains data that is shared between several users included in a "permissions list". Each user on this list has full access (read, write and delete) to all files. This storage is referred to by by a project name and can be setup and users easily added or removed from the permission list by contacting the server administrator. This storage has a lower level of redundancy than the user class but is still extremely reliable with 20% overhead (known as RAID-5) and uses less resources than user storage. Large data sets (images for example) that require backup should be on project storage rather than user storage.
    • Scratch Storage: This is just what the name implies - it is not backed up and is intended to hold large data sets that can be recovered from another source (images that are already recorded on CD for example). Unlike user or project storage, scratch storage is referenced by the name of the storage area (scratch0, scratch1, etc.) and directory (folder) name. Each scratch area can contain many directories (folders) but each directory is restricted to only those with permissions. While it has the same level of redundancy as project storage and extremely unlikely to be lost as a result of a hardware failure, it is vulnerable to accidental deletion or physical disaster that would destroy the the hardware (fire, flood, explosion, etc). Like project storage, it can also be shared among users on a permissions list. Since it's not backed up, this type of storage consumes the least resources and can be very convenient when you need to save or share a lot of data that you know can be recovered from other sources if need be.
  • Project storage and Scratch storage are available in two types:

    • Enterprise storage for continuous random access. Designed for high duty cycles with excellent reliability. The user class of storage is only available in this type. For small to medium amounts of storage (50GB or less) this is the preferred type.
    • Near online storage. Designed for 30% duty cycles with good reliability at a much lower cost than enterprise storage. This type of storage is ideal for large media files (video and audio) that are sequentially accessed (played from start to finish). It's also perfect for storing archives or backups files that will only be accessed occasionally. This storage must not be used for heavily accessed files such as databases, documents, spreadsheets, spss data files or any file that is read or written multiple times during a typical use. Doing so may impact the reliability of the storage. This restriction typically means those heavily accessed files that are related to the data will need to be stored on a separate, much smaller project that uses enterprise storage.

Storage limits (disk quotas)

  • All network storage (except scratch storage) is subject to space limitations to prevent a single user from consuming all the available free space on a particular disk volume and prevent or impact others from working. These space limits are called disk quotas.
  • Initially, each new user is provided with a disk quota of 250MB. This is not a 'hard' limit since it is increased automatically as your usage needs grow. You may also request additional storage by sending e-mail to help@waisman.wisc.edu or calling the Waisman helpdesk at 890-1000. Large requests (more than 10 GB) may require additional time for approval. Very large requests (100GB or more) will require approval and may be subject to current capacities on hand or require purchase of additional capacity. Except in rare circumstances, we will not provide an increase in storage limits for the purpose of backing up a local hard drive from your computer since network storage is not intended to be used as a backup for local storage - you should be saving your work directly on network storage which is already backed up not using network storage as a backup for your files.
  • In many cases you will usually not be aware that you're approaching your disk quota limit until an application displays an error. The error may be generic and not indicate that your storage limit has been exceeded. While we periodically monitor low quota conditions it's best to know how to tell how much disk quota remains.
  • While not always accurate, on Windows, you can find out how much disk quota (free space) remains by displaying the properties on the network drive by "right" clicking on it using the file explorer and noting the free space figure. Since that is resource intensive (opens every file on the drive) and often incorrect, it's recommended you visit the following web page instead to check your storage limit for your personal (M: drive) share and any project shares you have access to:

     

     


File backup and restore

  • Please be extremely aware that your computer's hard drives (i.e. the C drive) are not backed up! Therefore, unless you have a reliable backup procedure for your own hard drives that includes off-site storage, work product must only be stored on network drives.
  • All Network drives (such as M) are backed up during the evenings of every business day. Those backups are for the purpose of disaster recovery. That means:
    • If there is an equipment failure that results in loss of data the goal is to recover all data from the backups made during the evening of the previous business day. The storage hardware is designed and qualified (and has proven itself) to sustain the failure of at least a single disk drive without data loss or interruption.
    • If there is a physical event such as a fire, explosion or flood that destroys all equipment and on site backup media, the goal is to recover all data as it existed on the evening of the last business Thursday. This implies up to one week's worth of data could be lost in such an unlikely scenario.
  • The goals of the backup strategy above are not intended to cover accidental deletion or corruption of files. However in most cases the backups we make are sufficient for that purpose provided all of the following conditions are met:
    1. The file must have existed from 6PM until 11PM during a previous business day.
    2. We must have received a request to restore the file within two weeks of it's deletion or damage.
  • If you fail to notify us in within two weeks of deletion the file may not be recoverable!

    Example: you request a file be restored that you think existed only during June and was deleted on July 1. It's extremely unlikely that this file could be restored. If the file existed for a longer period, say at least 4 months, then it's much more likely to be restored from a random point in time during that 4 month period. This is merely an example and we make no guarantees based on any of these numbers. The leads to the following general rule: The longer a file exists, the higher the probability it can be restored
  • Also keep in mind that there will be a charge to your computing account for each restore incident. Please refer to the Computing Rates Table for more information.
  • The ability to restore a file to any point in time is not a feature provided by a backup system. This is a feature provided by an archiving system which we do not have and is extremely unlikely to ever be cost-justified in the current budgetary climate.

Personal Web Pages

  • Anyone with a Waisman username and password may optionally develop their own personal web pages (or entire web sites) by placing web documents in the WWW folder (directory) of their personal storage area. From a PC logged on to the Waisman domain, this folder would be: M:\WWW. For example, if your username happened to be Smith, then the URL:
               http://www.waisman.wisc.edu/~smith/
    would send the file index.html (or index.htm) in Smith's WWW folder from the web server to the client's browser (Firefox or Internet Explorer) and display the contents as a web page.
  • We use the very popular apache web server and support the scripting languages PHP and perl for web development. We host the MySQL database server for which both PHP and perl provide access functions. As such we do not support Microsoft's proprietary FrontPage server extensions but this doesn't prevent using FrontPage for producing web pages - provided you avoid using the extensions. DoIT offers classes on web page development including Dreamweaver, CSS, PHP and MySQL. If you are interested in hosting a PHP or perl application on our webserver, particularly one that may be of benefit to other programs and labs, please contact Carl Karcher. before obtaining, writing or purchasing any software.
  • Also, be sure to visit the Waisman Center home page at:
  • If you would like a link from the Waisman web site to web pages that describe your research or lab please contact webmaster@waisman.wisc.edu.
  • For assistance in developing web pages also contact webmaster@waisman.wisc.edu.
  • For hosting information about the apache environment or other web server issues please contact hostadmin@waisman.wisc.edu.

Wireless Internet Access

  • Wireless access is available throughout the Waisman Center with excellent coverage in nearly every area. If your laptop or notebook is equipped with a wireless card, the first time you open a web browser a login page should appear requesting your Campus NetID and password. This will be the only site you can get to until you enter a valid NetID and password.
  • If you don't have a wireless card but would like to purchase one for a UW owned laptop please contact Douglas Swiggum or (263-3467). To purchase a wireless card or a wireless USB adapter for a personally owned laptop visit the DoIT Tech Store.
  • Wireless Internet Map There are official Wireless Internet access points also found in other areas of the campus so the same connection details and restrictions apply. These wireless areas use 802.11g (54mbs) technology and are intended for convenient and secure connection of mobile devices such as laptops. They provide access to basic network services such as web, e-mail and calendaring. Other Waisman services such as file and print (drive mapping) are not available from wireless connections.
  • If you are interested in installing wireless access for your lab or areas that don't already have coverage (there shouldn't be any!) please contact Carl Karcher.

Remote Access

  • The following topics are of interest to those wishing to use Waisman network services from outside the Waisman center. Since the Waisman Center's building network is connected to the Campus Network through a firewall, not all Waisman network services are available from outside the center and the internet. The following sections describe some common types of remote access.
    • On campus access:
      • Access to most Waisman network services from outside the Waisman Center is available from any point on the Campus Network. Access to Waisman e-mail is available from anywhere on the internet. Use of other services such as file and print may require permissions to be setup prior to use. Contact Carl Karcher to discuss any needed arrangements.
    • Remote Desktop
      • If you have Windows XP there is a very useful feature for called Remote Desktop that makes the desktop view of your Windows XP computer available from anywhere on the internet. You see the same icons and programs as you would while sitting at your office PC. Remote Desktop requires the WiscVPN software described below. You also must be a member of the "Remote Desktop Users" group on the PC you want to Remote Desktop to. If the PC was originally setup for you, then you probably already are a member of this group. You also need to know the name (host name) of your office computer, e.g. toto.waisman.wisc.edu. Of course, your office computer also needs to be turned on with no one else logged in.
      • The PC you are using remote desktop from needs to have the "Remote Desktop Client" software installed. A Remote Desktop Client is built in on Windows XP though it can be a bit difficult to locate. To find it: click Start, All programs, Accessories then Communications. It can be downloaded from Microsoft and installed on Windows 98 and later systems. A Remote Desktop Client is also available for Macintosh computers. For step by step information on Windows, please refer to FAQ on Remote Desktop.
    • VPN access
      • The campus also provides a Virtual Private Network (VPN) service that allows access to restricted campus services from anywhere on the internet. To use the VPN service (called WiscVPN or Cisco Systems VPN Client) you need to provide your campus NetID and password to authorize yourself. Once logged on to the WiscVPN software, all network traffic between your PC and the campus is encrypted, you appear as though your computer is attached to the campus network (the virtual part of VPN) and can use services that are otherwise not available from the internet. The WiscVPN service is required to map network drives and use Remote Desktop. Mapping network drives from the VPN may also require adding a 'hostmap' for your account. Contact Carl Karcher to request this if you cannot map network drives from the VPN.

        Using WiscVPN requires installing a software client on the remote computer. For more information and instructions on how to download the client software visit: https://www.cio.wisc.edu/security/security-tools-software/security-software/

FTP

  • The Waisman Center maintains an FTP server for transferring files via the internet. The address for FTP is: ftp.waisman.wisc.edu
  • Anonymous FTP is supported for reading files but not writing. A username and password is required to write files in any directory you would normally have access to.
  • FTP access is restricted to on-campus locations. For off-campus locations, a permissions list is used to determine access for each user. Contact Carl Karcher to request off-campus locations be added to this list prior to using FTP from them.
  • Please note that the FTP server will not work well with GUI FTP clients (WinFTP, SecureFX, etc.) when using extended file names (that contain punctuation characters such as spaces). It's recommended you avoid using extended file and directory names if you plan to also access files via a GUI FTP client. A command line FTP client (such as the one provided with Windows) can be used with extended file names without issues.

Telnet

  • The Telnet address for the Waisman Center is: telnet.waisman.wisc.edu
  • This is a fast character oriented command line interface (or "shell) intended for those without access to (or desire to use) PC's to perform basic tasks such as MAIL and file manipulation or perform specialized tasks. A graphical interface (X-windows) is also available (commands are: SET DISPLAY and CREATE/TERMINAL/DETACHED).
  • Telnet access is restricted to on-campus locations only and will require explicit permissions to use from other campus locations other than Waisman. Since telnet has no encryption, it's possible for your password to be viewed by others and is therefore strongly discouraged. Use SSH (below) instead.

SSH

  • SSH stands for "Secure SHell" and is basically telnet with strong encryption. The SSH address for the Waisman Center is: ssh.waisman.wisc.edu
  • Only SSH version 2 is supported. The big advantage of SSH over telnet is the entire session (including your username and password) between you (the client) and the server is hidden from any potential evesdroppers.
  • One very useful feature of SSH is that nearly every kind of network connection (including drive mapping and remote desktop) can be 'tunneled' over an ssh connection effectively encrypting all traffic. This is done with a feature called "port forwarding" which requires some knowledge of networking and is not intended for beginners. Similar to a VPN (virtual Private Network) but requires no software other than an SSH client.
  • Currently the recommended SSH clients are: Van Dyke's SecureCRT. This client is site licensed for the UW Madison and is currently part of the WiscWorld suite. It can be downloaded from DoIT at: http://shelf.doit.wisc.edu/securecrt/
  • One thing of note is that due to software inconsistencies, the password used for SSH logins may need to be in all uppercase. We expect this restriction to be lifted at a future date.

Administrator Accounts

  • To maintain security we strongly discourage the use of administrator level accounts on local computers. All of the software typically installed by WCS does not require administrator access to use. Installing additional software (including viruses and spyware!) does require administrator access, typically during installation only. Using an administrator account for normal use defeats many security features added to PC software in the last few years. I.e. you might as well be using Windows 98 or Mac OS 8.

    For more information, see the FAQ on Administrator accounts.

Laptops

  • If you bring a laptop and want to connect it directly to our network we require you to have it inspected for the latest security patches and virus definitions. A single infected laptop puts all other computers on our network at risk and effectively bypasses most security measures by being walked past our firewall. For this reason we recommend you obtain a wireless card for your laptop and use one of the many wireless access points within the building (see below for locations). Should a computer you bring in infect or compromise other computers, the grant that funds your computing activity will be liable for the clean up costs of all computers infected. Also note that any personally owned computers are not HIPAA compliant.

How to get Help and Staff Directory

  • For e-mail support send e-mail to: help@waisman.wisc.edu.
  • It is a good idea to include a subject that indicates the problem area. E-mail to help@waisman.wisc.edu will create a "ticket" in a request tracking system and the appropriate person will contact you as soon as possible. It will also provide documentation of the solution for future occurrences of the same problem. If there's an error message, that's always helpful, particularly if you can quote the first line. Don't forget to include your phone and room number.
  • A WCS Staff Directory is also available.

© 2015 Waisman Computing Services   |   Contact us   |   October 07, 2014