Update: Campus power has been restored.

Original Post:

The following buildings have generators and have network up and connected:

A serious security defect was found in the software that is the foundation of security for a large percentage of Internet web sites. Organizations around the world have been frantically updating the affected software.

What is the Heartbleed bug?

The software that logs you in securely to a web site (the https: that you usually see) had a bug that could expose userids and passwords to an attacker. In addition to passwords, other highly sensitive information can be leaked. The ramifications of the problem are broad and potentially grave. Vendors are rushing updates, but not all web sites and services are patched at this point in time.

Why do I care?

Your password(s) to various websites may be compromised. Think about all the sensitive web sites you use!

What is Denison doing?

Denison ITS staff have updated affected software on all of our exposed web sites and services. We are still awaiting some vendor updates. We are examining all our 3rd party services to be sure they are patched as well. At this time, the risk of having your BigRedID and password exposed is minimal.

What can I do to protect myself?

Because this affected more than 1/2 million web sites and services, you are undoubtedly affected somewhere. For an idea of the impact on popular sites, check out the Mashable article “The Heartbleed Hit List”.

Changing your password is a good response, but if you use the new password at a site that is still vulnerable, your new password could still be at risk. Because Denison sites have been patched, we advise you to change your BigRedID password. (Go to MyDenison and select My Apps -> Change My BigRedID Password.)

The best steps you can take now are the same ones you should follow as a general practice:

(1) Use different passwords for all sites, especially highly sensitive sites such as banking. You should NEVER use your BigRedID password on any other site;

(2) Monitor your accounts for unusual activity. If the site/account has a “Last Time You Logged In” message, check to be sure it seems reasonable; and,

(3) Beware of phishing emails to update your password. NEVER click on password change links embedded in an email. The only safe way is to go to the web site directly and locate their password change link on the site itself. If you are still unsure, contact your bank or other institution for more information. The bad guys will almost certainly take advantage of this event to harm unsuspecting victims.

Additional questions may be directed to Kent King, Information Security Officer (kingk@denison.edu).

The vendor who provides the denison.onthehub.com web site for distribution of Microsoft software for student, faculty, and staff personally owned machines has announced they will be performing maintenance this Wed., 3/26/14. It will begin at 7AM and may last for up to 2 hours. The site will be unavailable during this time. Please try again after 9AM.

Update: The Consort library catalog issue was resolved at about 11:00am.  Vendors will be called to determine the root cause of the problem.

Original Post: The Consort Library Catalog is currently unavailable.  Technicians are investigating the issue and updates will be posted here.

Update: We believe this issue has been corrected as of noon on March 12. If you continue to experience the issue, please contact the ITS Help Desk at 740-587-6395 or helpdesk@denison.edu.

Original Post:

ITS has received a number of reports of errors occurring when clicking links that appear under “Time Reporting” or “Time Approval” on the Employment tab in MyDenison. The errors reported involve being redirected to the Self Service login page which may display a “Break-in Attempted” message.

ITS has identified the issue and will be implementing a patch in Banner on March 22nd that will correct the error. In the meantime, if you experience this problem, please try closing the tab displaying the Self-Service login page and clicking the link again. If the problem recurs, you may…

• Use the blue Self Service icon in the top menu bar to open Self-Service Banner and select “Employee” then “Time Entry Reporting” to access the necessary timesheet area.
• Sign out of MyDenison, clear the cookies in your web browser, and then try again.

If you experience any additional problems or the above workarounds do not work, please contact the ITS Help Desk at 740-587-6395 or helpdesk@denison.edu

The ITS Help Desk received a number of reports of issues connecting to wireless in academic buildings between 10 and 11AM.  Our network engineers have  identified, and we believe resolved, the issue. If you experience any problems connecting to the Denison wireless network, please report them to the ITS Help Desk at 740-587-6395 or helpdesk@denison.edu.

Update 2/3/14 3:30PM:

The denison.onthehub.com web site is now available.

Original Post:

The “denison.onthehub.com” web site that distributes Microsoft products for student, faculty, and staff use on personally owned computers is currently unavailable due to vendor system issues.  The vendor reports that they anticipate being able to restore service by 4PM this afternoon.

Update:

A configuration change briefly interrupted the ability of devices to either newly obtain a wireless connection or renew an existing one. The issue has been corrected.

Original Post:

ITS has received two reports of issues connecting to wireless in two separate academic buildings and is investigating. If you experience any wireless issues, please contact the ITS Help Desk at 740-587-6395 or helpdesk@denison.edu.