DUKE ITAC - April 22, 1999 Minutes
April 22, 1999
Attending: Landen Bain, Pakis Bessias, Chris Cramer (for John Board), Kevin Cheung, Ken Hirsh (for Dick Danner), Jim Coble (for David Ferreiro), Nevin Fouts, Pete Goswick, Jimmy Grewal, Patrick Halpin, Alfred Trozzo (for Paul Herrod), Donna Hewitt, David Jamieson-Drake, Betty Leydon, Melissa Mills, Kyle Johnson (for Caroline Nisbet), John Oates, George Oberlander, Lynne O'Brien, Mike Pickett, Rafael Rodriguez, Leslie Saper, John Sigmon, Clark Smith, Bob Currier (guest), Alan Halachm (guest), and Charlie Register (guest).
Review of Minutes and Announcements:
- David Jamison-Drake is working on some edits to previous minutes related to correcting information reported as part of Confidentiality presentation/discussion.
- Reminder of end-of-year celebration at next ITAC (May 6). A reminder will be sent.
Ivy+ CIO Meeting report
- Infrastructure environment
- Measuring and assessing IT costs
- Voice/video/data integration
- Duke's HelpDesk received great praise for response time/staff ratio.
- Many are developing standards which facilitate movement towards a more homogenous environment.
- Examples of IT cost per desktop were cited (some were as high as $10,000/year).
- Duke should develop metrics about costs (TOC per desktop).
- John Long (Lucent) spoke to group. Killer applications have not yet been identified for this space. Currently, this area is technology driven and the associated application space is immature. Voice over IP is useful now for certain niche's.
Betty Leydon Main topics of discussion were:
Measuring and assessing IT costs
Instructional Technology Planning Update
- Ensure that faculty members are aware of and prepared to use technologies that improve teaching and learning.
- Encourage faculty to experiment with uses of technology in teaching.
- Promote collaboration among faculty, other campus units, and the public and private sector interested in using technology for teaching.
- Help develop facilities where faculty and students can use technology appropriate for their teaching and learning goals.
- Coordinate planning for instructional technology support; integrate instructional technology planning into other institutional change efforts.
- Assess the effectiveness of instructional technology initiatives.
- Ensure that instructional technology initiatives are sustainable and cost effective.
The Center for Instructional Technology advisory board is established and has met twice. Key topics of discussion: general priorities, speaker series, classrooms, faculty incentive grants.
http://www.lib.duke.edu/cit/CITABwebsite.htmlIn progress at http://www.lib.duke.edu/cit/. I have begun to identify information that faculty want and existing information that could be reorganized to be more useful to faculty. I hope to improve the appearance and add substantial content this summer as a result of having new staff available to help. Please forward information about links to existing information, types of information that would be useful, etc.Spring speaker series is planned. Please help me to publicize these sessions.
Potential sessions for Fall 99/Spring 00 are identified. Please give me your reaction to proposed topics and your suggestions for other speakers and topics, both within and outside of Duke.
Along with faculty from the Engineering school, I will be offering a four-part workshop in May to Engineering faculty on using different types of technology in teaching
http://www.lib.duke.edu/cit/training.htmlPlanning is underway to implement CourseInfo software by mid-May for course web page development. I also have been collecting subject-specific resources and tools which will be linked into CIT web page later this summer.I have toured many classrooms and heard feedback from faculty and students about the enhancements they would like to see in Duke classrooms. I am organizing a planning session for early to mid-June to bring together individuals from all schools to talk about classroom planning issues.I've met with a variety of faculty about projects they either have underway or would like to start. I'm working with the Foreign Language Task Force to discuss how technology can play a role in implementing the new foreign language requirement. Several faculty members have consulted with me on grant applications involving instructional technology.
The academic technology consultant positions are almost approved; hiring for two academic technology consultants in the CIT plus an instructional technology specialist in foreign language should start soon. ATC job descriptionAn incentive program was built into the Engineering workshop mentioned above. http://www.lib.duke.edu/cit/memo.html
The CIT advisory board reviewed incentive programs at fourteen other schools. Summary of other programs and key issues discussed for Duke's program are at:
Draft for a program at Duke will be linked from CIT advisory board page.I've met with Bob Froh, Bob Thompson, David Jamieson-Drake, Duke Student Government and others to discuss coordinating efforts to assess impact and effectiveness of instructional technology initiatives. I've also been collecting information about assessment efforts at other schools and articles on IT assessment that will be useful in planning assessment activities at Duke. I've asked the new Director of the Center for Teaching, Learning and Writing to be on the CIT advisory board so we can coordinate activities wherever possible.
I've distributed a pre-workshop questionnaire to Engineering faculty planning to attend the May workshops. I'll be doing a follow up questionnaire and interviews with them next year to assess the impact of this workshop. http://www.lib.duke.edu/cit/form.html
- Establish an advisory group representing different constituencies interested in instructional technology to help define needs, develop and review plans and assess the impact of instructional technology initiatives.
Create a university-wide web site to serve as a clearinghouse for information, resources and contacts about instructional technology.
Organize activities that publicize effective uses of technology in the curriculum.
Provide a set of integrated, well-supported, easy-to-use tools to help faculty develop and use technology in the planning and delivery of their courses.
Develop technology-enhanced classrooms and clusters that meet pedagogical needs.
Consult with faculty, teaching assistants and instructional support staff on all aspects of integrating technology in teaching.
Develop an incentive program for faculty members who wish to undertake significant instructional computing projects.
Working with the advisory board, develop short term and long term assessment goals and plans.
Lynne O'Brien presented the following report:
Goals presented to ITAC at January 14, 1999 meeting
Planned activities and progress toward them:
Alumni & Development System Update
- GRADS [Gift Record and Alumni Development System] was developed in 1980
- ADVANCE system was purchased and brought on-line in 1992; written in CSP and DB2
- Hired CSP programmer in 1996; developed GUI interface to ADVANCE using Client Soft (screenscraper) product.
- Developed a Visual Basic application usable by distributed development staffs which supports inquiries and printing.
- Plan to use current environment/framework until 2003 (end of current capital campaign)
- 345,000 entities in databases (company + individual) and over 2,000,000 gift records
- 97 total users
Pete Goswick provided a brief overview of related system development efforts
In 1973 Duke raised $13M from 15,000 entities. In 1999 to-date (9.5 months), we have raised $269M from 72,000 entities. Have raised $2.4B since 1973 and $1.5B in the last five years.
The system selection process for the replacement system will involve other schools/departments within Duke.
The first attack that we were able to get good data on occurred during the day on 14 April. Massive amounts of SNMP traffic was sent from Fuqua, causing major ARP storms across both DukeNet and the CSN. Filters were put in place to deny SNMP from this interface.On the same day, (14 April), at approximately 4:00pm router utilization shot up to 99%. Subsequent backbone traffic analysis revealed huge amounts of UDP traffic from a ResNet machine and an offsite machine, trinity. tegris.com. Filters were installed in beck to block all traffic to and from trinity.tegris.com. As soon as the filters were put in place router load dropped to normal levels.The third major attack occurred during the day and evening of Friday, 16 April. DukeNet and the CSN were hit extremely hard. Late in the evening, backbone traffic analysis revealed huge amounts of spoofed IP traffic on the backbone. Further examination revealed this to be a TCP SYN-Flood attack.
This attack was particularly interesting as it involved numerous machines on several network segments, all working in conjunction with each other. This indicates that serious comprises of system security have occurred.
Filters were installed on beck and kansas and the load on both routers subsequently increased by 15%.
- ATTACK 1: ARP STORMER
ATTACK 2: UDP BOMBER
ATTACK 3: IP SPOOFING WITH SYN-FLOOD
Access Denied and Actions Taken:
During the week of 12-16 April, users of DukeNet and the CSN experienced major interruptions in network service, with the days of 14 and 16 April being particularly painful.
Symptoms of the attack included rapidly increasing backbone router loads, massive packet loss, routing table and bridge table corruption and an across-the-board loss of service. Attacks generally lasted from 10 to 60 minutes and occurred at varying times of the day and night.
After analyzing all of the collected data, we've determined that the attacks were of different types and perpetrated by different individuals. Of course, it is impossible to be certain that all of the attacks weren't carried out by the same group, but it is unlikely given the variance in attack signatures.
Data Communications has implemented several anti-DOS filters on both beck and kansas, the core routers, with a corresponding 15% increase in router CPU load. Shortly after installing the filters it was noted that over 4,000 IP spoofing attempts had been detected inbound from ResNet.
To date, we have seem to have been successful in containing the attacks after the filters were put in place. It is likely that the black hats will find a way around the filters in a week or two. Good security practices are of utmost importance in the war against the bad guys. All it takes is one unsecured box and we're right back to where we started.
Charlie Register reviewed events surrounding recent DOS (Denial of Service) attack [handout--Access Denied and Actions Taken--included as part of the minutes]. Discussed need to communicate proactive information to all users (including users accessing Duke systems from home) about securing their environments.