Sep 2024

Maintenance of the University of Oldenburg network on 14.9.2024
(Message from Christoph Pierl, Head of Data Center Department)

Dear ladies and gentlemen,

On Saturday, September 14, 2024, maintenance work will be carried out on some central network components between 8:00 am and 12:00 pm. First of all, the software of the central campus switch at the Haarentor site will be updated between 8:00 - 10:00. During this period, there will be an interruption to the network connection at the Haarentor site lasting approx. 15 - 20 minutes. Immediately afterwards, the software of the two Internet access points will be updated one after the other. This will have no impact on users, as one of the two Internet access points will always be active during the work. Access from the Internet and from the Wechloy site to servers in the Data Center, such as the mail server, web server and StudIP, will not be affected by the maintenance work.

As a precaution, we recommend that you close all open files on Friday, shut down your workstation computer and do not use it until the end of the time-out on 14.09.2024 at 12:00 noon.

If you have any questions about this service time-out or encounter unexpected difficulties afterwards, please contact the IT Services Service Desk(servicedesk@uni-oldenburg.de, extension -5555).

Aug 2024

Due to the increased importance of the topic of IT security, we have set up an extra subpage (see green menu bar on the left) on which we post currently valid regulations, warnings and notices. We kindly ask for your attention.

Temporary support for ICBM-IT by student assistant

From August to November the ICBM-IT will be supported by Elnur Imamaliyev.

Elnur is studying Neuroscience (M.Sc.) at the UOL, but is also very well versed in the field of IT and has already familiarized himself with the tasks and processes of ICBM-IT since mid-May. Since he is standing in for Matthias Schröder during his sabbatical (Aug. 5 - Oct. 25), he will occasionally be found opposite Matthias' office (in W15 1-110, usually Mon.-Thurs. 14-17h) and is looking forward to getting to know the ICBM through personal contacts.

At this point, we would like to repeat our request to everyone to prioritize requests to the ICBM IT via the ticket system - i.e. via email to it(at)icbm.de.

Jun 2024

(Message from Renke Schütte)

Dear colleagues,

Our university is currently under attack again. Once again, the attackers have succeeded in gaining access to user accounts, once again the attackers have gained access to our secure, internal area and are up to mischief there.

The newer SentinalOne anti-virus software has succeeded in disabling some programs that the attackers use to spy on other passwords, among other things.

Based on the experience of past attacks by SentinalOne/Thor, I believe there is hope that we will get off lightly again, but defensive measures by IT services may result in operational restrictions.

My request:

• Be vigilant so that your access data does not fall into unauthorized hands.
• Use long, complex passwords! Passwords of only 8 characters without numbers, special characters or upper and lower case letters are unsuitable.

If you still have a weak password, change your password immediately! The use of simple passwords is negligent!

You can change your password now here: https://pw.uol.de/

• NOBODY from the IT services or other authorized persons will ask you for your access data including your password. For this reason: Do not tell your password to anyone else.
• Only use software from really trustworthy sources; there are thousands of software packages floating around on the Internet that steal passwords or compromise our computers, steal data, etc. If you are not 100% sure, do NOT install such software (note: always pay attention to the license terms for software, software is often free for private use, but requires a license and a fee in a university environment).
• Do not download anything from websites where you are not sure that the site and its content are secure and trustworthy.

May 2024

The anti-virus software SentinalOne, which must be installed on every university PC by a decision of the Presidential Board (see below), will receive an automated update.
The update takes place in the background and will largely go unnoticed by users, but in some constellations messages may appear on the screen or computers may slow down.
This notification is sent to prevent users from becoming unsettled in such cases.
For us in Faculty V, the update of the SentinalOne antivirus software takes place on Fridays (or Mondays).

Mar 2024

Notes on the mandatory use of the SentinalOne antivirus software

(Excerpts from emails from Thorsten Kamp & Renke Schütte)

... As announced last fall, the Presidential Board has now decided that Sentinel One must be used as virus protection on all systems of the university for which a client exists.

... The obligation to install SentinalOne also applies to all mobile computers (laptops/notebooks) and teleworking stations with university devices.

Please note that SentinalOne must also be installed for every new PC and every new installation.

SentinalOne can be downloaded here for various operating systems (bottom entry in the list): https://uol.de/itdienste/services/software

Private computers of employees and students or visiting academics

SentinalOne is not to be installed on the private computers of students, employees or third-party devices. However, there is an obligation to ensure that these private devices have adequate, up-to-date virus protection and an up-to-date operating system including security updates if these devices connect to the university network (e.g. via VPN/GlobalProtect). For private Windows devices, this can be achieved, for example, by using the free Windows Defender antivirus software and an active Windows firewall. Everyone involved is aware that we all only have limited possibilities to enforce this, especially for students.

Background:

Last year, our university was subjected to a fairly massive malware attack, which could only be fended off through massive deployment of personnel and financial resources in the six-figure range and a bit of luck. The attackers are becoming more and more professionalized and are thus making millions of euros through blackmail; the damage to companies and institutions also runs into tens of millions every year. Several universities have already been affected and were barely able to work for weeks.

This professional, organized crime also forces our university to strengthen protective measures to protect confidential data, research results and the functioning IT infrastructure (mail, Internet, data storage, etc.). Our IT services can only operate a part of the protection centrally; another part of the protection must be installed, updated and operated individually on each computer. Part of this individual protection on each computer is SentinalOne and an up-to-date operating system with all security updates. Since the faculties are independent in their IT support and the institutes are responsible for their own areas, this e-mail is sent to you (/you) for implementation.

SentinalOne should have been installed on all university computers months ago, but an analysis has shown that we have a considerable gap here. SentinalOne does not appear to be installed on many computers and no agreement/arrangement appears to have been made with the DSM for an alternative, equivalent protective measure for these computers.

Against this background, the Presidential Board has now decided to make installation mandatory, as it is a matter of protecting the university's IT infrastructure, including all our data.

Further measures such as 2-factor authentication will follow.

Information and a how-to can be found under this link.

Dec 2023

Dear Sir or Madam,
Dear colleagues,
Dear students,

Microsoft has released a new, free Outlook app for Windows 10 and 11 in addition to the classic Outlook application. This free application synchronizes access data, including passwords, and emails with the Microsoft cloud. For information security and data protection reasons, the app may therefore not be used for business purposes at the University of Oldenburg.

For students, the app may not be used to access university email addresses.

The same applies to Outlook apps on mobile devices (Android and iOS).

This expressly does not apply to the classic Outlook application from the Microsoft Office package (Office 2016, Office 2019). This application can still be used and webmail(https://w.uol.de) can also be used without restriction. You can find instructions on how to use webmail at the IT services: https://uol.de/itdienste/services/groupware/outlook-web

Stay vigilant!
Your Data Protection and Information Security Management staff unit

Aug 2023

Please return borrowed ICBM laptops (unless they are currently in use after consultation with us)

Jun 2023

THOR: FAQs & information

Warning against ransomware attack!

(Message from Renke Schütte, IT Coordinator of Faculty V)

Dear colleagues,

Action on your part is probably necessary.

Our university IT infrastructure is currently under attack and the attackers have already penetrated our IT network.

The attackers are currently (presumably) carrying out a vulnerability analysis within our network. Our IT services have already identified user accounts through which the attackers were able to penetrate our system, but there is uncertainty as to whether all "hacked" accounts have been discovered or whether other vulnerabilities have already been found by the attackers. The attackers are preparing a RAMSON attack in which all infected systems/computers are encrypted and all data, programs etc. are rendered unusable.

The central IT services and our university management are making every effort to keep this attack under control. For this purpose, external software (THOR) and expertise/consulting have already been procured or commissioned. The THOR software analyzes whether the respective computer is possibly infected.

What does this mean for us users, what should we do?

For all computers/IT systems that are in the W2KROOT domain structure of the central IT services, the central IT services will check the connected PCs. Actions by the users (you) are not necessary in this case. If you are not 100% sure whether your computer is in the W2KROOT domain and is therefore checked and protected by the IT services, be sure to ask your administrator at the work group or institute.

Notebooks/computers in mobile working/teleworking stations, all PC systems in the laboratories for device control, data evaluation etc., if these are connected to the network, and any other systems that are available in your area, must also be taken into account.

For all computers/servers owned by the University of Oldenburg that are not in the W2KROOT domain of the IT services, software with the name THOR must be installed immediately. Self-operated servers have priority. Once the THOR software has been installed, no further action is required by the user. If you do not have the appropriate user rights or do not trust yourself to install the software, please ask your administrator in your working group or institute.

Please act immediately, there is an urgent need for action.

On private computers and private computers of students, the software THOR software may not be installed on private computers and students' private computers!

--

The following link to download the THOR software for the various operating systems was provided by the Data Protection and Information Security Management Office, please only use this source for the THOR scanner:

(The link to the download has already been sent with an email from Matthias Schroeder; check with us again if necessary)

Note: As the THOR software is an executable file, some browsers such as Microsoft Edge will only allow the download to your computer after explicit confirmation.

May 2023

Change of antivirus software from Sophos to SentinelOne

Information and a HowTo can be found under this link.

Important security information!

Dear colleagues,
there will be some changes in the IT area for all IT users, which I would like to briefly inform you about.

New antivirus software
Currently, the product SOPHOS is to be used as antivirus software on the computers of the University of Oldenburg. The user contract for SOPHOS expires on 23.06.2023 and will not be extended.
The successor product to SOPHOS will be SentinalOne. It will be possible to adapt the upcoming SentinalOne software to the needs of faculties or working groups. Working groups or institutions that do not want to or cannot use SentinalOne must develop their own data protection concept that meets the requirements of the BSI and submit this to the Data Protection and Information Security Management Unit.
SentinalOne will not be available for the group of students via the university!
SentinalOne is available for Linux, Windows XP and above, MacOS (Intel chip and above), but not for mobile devices such as Android or IOS.
IT Services is currently testing the software in selected groups and will gradually add other groups that lie within the direct area of responsibility of IT Services. As the faculties are not part of these groups, IT Services will not be carrying out any installations on our premises. The institutes and working groups must do this themselves.
From 15.05.2023, the faculties can/may carry out the "replacement" of the anti-virus software.
I will send out information on how this is to be done shortly. Some of this will be done automatically, some will require installation on the PC.

2-factor authentication
The University of Oldenburg will introduce 2-factor authentication, which is also required by the General Data Protection Regulation (GDPR). For us employees, this means that when we log in with GlobalProtect, for example, we have to authenticate ourselves in a second way in addition to our password. This second way can be an app on the smartphone, a small personal USB stick, a TAN list or similar. IT Services is currently developing a system that is being coordinated with our data protection department, the staff council and other institutions.
This procedure is already common practice for online banking and other online systems, and now it is coming to us too. I am not yet aware of a time frame for its introduction.

Password safe and passwords
We all have to assign passwords for various areas and password security is (also) important.
For security reasons, it is necessary to set up different passwords for different applications/accesses. Given the now considerable number of accounts, access points, etc., this results in a not inconsiderable number of (different) passwords, which are often difficult to remember.
Browsers such as Firefox, Internet Explorer, Chrome, etc. offer the option for these programs to remember the passwords for us. However, we strongly advise against the use of saving passwords in browsers. These passwords can be read and decrypted. Do not store any passwords in your browsers!

Passwortsafe
Our university therefore recommends the use of a so-called password safe, which stores and manages passwords for us. Under the following link you will find a product KeePassXC including instructions:
https://uol.de/dism/faq/anleitung-keepassxc-1
If you have any problems, please contact your local IT administration in your working group or institute. The central IT services do not offer any support.

Passwords
The security of a password increases mainly with the length of the password and only slightly with the complexity (special characters, numbers and upper case). Even the most cryptic password with only 5 characters can be cracked in a few minutes.
Here are a few tips for good passwords:

• The password should be at least! 8 characters long, the longer the better! (My personal passwords are usually longer than 11 characters)
• The password should contain numbers, upper and lower case letters and special characters, but preferably no umlauts such as ä, ü, ö, as these occasionally cause problems with international applications.
• Passwords with names, series of numbers, dates of birth and similar are unsuitable.
• It is not a good idea to write down passwords on pieces of paper on the PC/monitor, under the keyboard or in a drawer.
• It goes without saying that personal passwords should not be passed on to other people.

Unfortunately, the reality of life shows us that increased sensitivity on our part and higher technical security measures are unavoidable. The various protective measures currently taken by IT services cannot provide sufficient protection on their own, so we users must also make an increased effort and adapt our IT devices accordingly.

Best regards

Dipl. Ing. Renke Schütte
Head of the Laboratory Supply and Disposal and Receiving Department of the BI
Head of the Presentation Technology Department of the BI
IT Coordinator of Faculty V
Faculty V - Mathematics and Natural Sciences

Mailing address:
Carl von Ossietzky University Oldenburg
D-26111 Oldenburg
---------------------------------------------------------
Campus Wechloy
Carl v. Ossietzky Straße 9-11
26129 Oldenburg
---------------------------------------------------------
Room: W2 0-016
Phone: 0441/798-3446
Mail: renke.schuette@uni-oldenburg.de

Dear colleagues,

We have received a report from our MWK about possible attacks via the software products Confluence (WIKI software) and Jira (task management software), which are also frequently used in teaching and research.

Our Data Protection and Information Security Management staff unit, Mr. Thorsten Kamp, is asking for prompt feedback from those who use this software. If the software is not used, there is no need for a negative report.

Mr. Thorsten Kamp will talk to the persons/working groups concerned about the problem and solutions.

Contact: Thorsten Kamp:
Stabsstelle Datenschutz- und
Informationssicherheitsmanagement
Carl von Ossietzky Universität Oldenburg
Ammerländer Heerstr. 114-118
26129 Oldenburg
Tel.: 0441/798-4768
Email: thorsten.kamp@uni-oldenburg.de

Yours sincerely

Dipl. Ing. Renke Schütte
Head of the Laboratory Supply and Disposal and Receiving Department of the BI
Head of the Presentation Technology Department of the BI
IT Coordinator of Faculty V
Faculty V - Mathematics and Natural Sciences

Mailing address:
Carl von Ossietzky University of Oldenburg
D-26111 Oldenburg
---------------------------------------------------------
Campus Wechloy
Carl v. Ossietzky Straße 9-11
26129 Oldenburg
---------------------------------------------------------
Room: W2 0-016
Phone: 0441/798-3446
Mail: renke.schuette@uni-oldenburg.de

Apr 2023

Possibilities for editing and annotating pdf documents

The software "KOFAX Power PDF" is available for Windows computers in the university network. A short description of how it works can be found in the linked document. The program can be installed via ZENworks if the university PC is connected to the central software distribution.

PDF Studio is an inexpensive alternative that also runs on Linux and Mac in addition to Windows. There is also a linked short description of this.

A free version with limited functionality is Xournal++.

If you have any questions or need help with the installation, please send an email to it(at)icbm.de.

Jan 2023

With the new year we welcome Andre El-Ama as a further reinforcement of the ICBM-IT team!

An inventory of the ICBM laptop stock has shown that only about 20 of the 60 existing devices are currently available. The remaining 40 were issued on loan in the past as part of the switch to online teaching due to Corona. Since teaching is now being held in person again and the laptops are intended for this purpose, we ask that the borrowed devices be returned.

Jun 2022

UPDATE: Microsoft has integrated a fix into the Cumulative Security Update on 14.06.2022 (finally!) - i.e. instead of the path described below via the registry entries, simply install the latest Windows updates - but everyone does that anyway, right?

The university DISM has classified a current security vulnerability as severe. There is no fix for this vulnerability yet, but there is a workaround - the affected module is more or less deactivated. Microsoft has written a blog post about this. You can follow this or download a script we have created here from our cloud and run it as an administrator.

Follow the steps below:

1. Download the batch file https://cs.uol.de/s/nWQS5Kmepe68SMt (and ignore any warnings)
2. Right-click on the downloaded file and select 'Run as administrator'.

The script deletes a branch from the registry, but first saves it on the desktop.

May 2022

Various transmission systems for online meetings and hybrid teaching are now available in ICBM. These are set up in

• W15 0-023 Permanently installed system: Rally(description as pdf)
• W15 0-027 Mobile system: MeetUp (description as pdf)
• W15 1-146 Permanently installed system: Rally(description as pdf)
• WHV conference room Permanently installed system: Rally(description as pdf)

Mar 2022:

Our online conference system Big Blue Button has been updated to version 2.4.

A nice list of the most important changes can be found here.