OIT protects servers from attacks during registration


Photo by Nikhilesh De

Last fall, hundreds of first-year students anxiously waited to sign up for classes through the web registration system for the first time. That night, Rutgers was hit by the first of many distributed denial of service (DDoS) attacks.

A timeline of the attacks was listed in a previous article by The Daily Targum. When the first occurred during pre-registration in November 2014, it was not considered anything more than an isolated incident, even though it forced the University to change the registration dates.

Subsequent attacks caused further inconvenience to students, and their aftereffects are still being felt now, according to another article by the Targum.

Over the summer, the Office of Information Technology hired FishNet Security and Level 3 Network Security Services to supplement Incapsula Inc. in protecting University servers, according to the Targum.

Country-blocks were put in place as well, to prevent attacks from specific nations from hitting Rutgers. Traffic from China, Vietnam and Brazil had been seen during previous attacks.

While the University did see an attack earlier this year, Rutgers' networks were not taken down during the registration period.

Part of this comes from the Office of Information Technology (OIT) hiring different companies to protect Rutgers, including Incapsula.

The company protects several Rutgers sites, including the Web Registration System (WebReg), according to a ping test.

Ping tests measure how fast a computer’s connection to a website or application is, according to speedtest.net. Results are measured in milliseconds, and shorter times indicate faster connections.

People who use Windows machines can launch their own ping tests through the command prompt. To launch the command prompt, they can either click “start,” or tap the Windows and “R” keys at the same time. In either case, they should type “cmd” and hit the enter key.

Mac users should open "Terminal" from the "Utilities" folder, which is located in "Applications," to reach their version of the command prompt.

To actually ping a website, users can type “ping” and follow with the Uniform Resource Locator (URL). This is the part that people type into Google Chrome or Internet Explorer to get to a website.

Beyond using this method to check whether Rutgers' servers are online, users can check whether other websites are responding. This is especially helpful if a user is not sure whether they can access a website.

It can also help to make sure a computer is connected to the Internet in the first place.

Normally, webreg.rutgers.edu and similar websites resolve to Rutgers hostnames.

Hostnames are unique identifiers for computers and servers, according to Microsoft. A single computer can also have multiple hostnames.

In other words, pinging Rutgers-hosted servers should show that the University is actually doing the hosting.

When Domain Name System (DNS) Services were disrupted on Nov. 18, internet access and access to some Rutgers servers were lost. The outage was caused by “service provider error,” according to the Net People mailing list.

Pinging cas.rutgers.edu and webreg.rutgers.edu during this outage showed those sites resolved their hostnames to Incapsula addresses, rather than Rutgers addresses. Normally ping tests time out, or show no results, during an outage.

This means the company is protecting Rutgers servers by redirecting traffic through its servers. In the event of another DDoS attack, University servers should not be hit.
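
The check described above can be automated. The following Python code is an added example, not part of the original article: it reads the output of a ping test in Windows or macOS format and reports whether the name was answered from the owner's own domain and address range or from a third party sitting in front of it. The sample output, the provider name host.scrubbing-provider.example and the 198.51.100.0/24 range standing in for a campus network are constructed placeholders.

```python
import ipaddress
import re

# Header line printed by ping on Windows, then on macOS/Linux.
HEADERS = [
    re.compile(r"^Pinging (?P<name>\S+) \[(?P<ip>[0-9a-fA-F.:]+)\]"),
    re.compile(r"^PING (?P<name>\S+) \((?P<ip>[0-9a-fA-F.:]+)\)"),
]
RTT = re.compile(r"time[=<](?P<ms>[\d.]+)\s*ms")
TIMEOUT = re.compile(r"^Request tim(ed out|eout)", re.IGNORECASE)

# Constructed sample output; names and addresses are placeholders.
WINDOWS_PROXIED = """\
Pinging host.scrubbing-provider.example [192.0.2.10] with 32 bytes of data:
Reply from 192.0.2.10: bytes=32 time=14ms TTL=54
Request timed out.
"""
MAC_DIRECT = """\
PING webreg.rutgers.edu (198.51.100.7): 56 data bytes
64 bytes from 198.51.100.7: icmp_seq=0 ttl=54 time=11.532 ms
"""


def parse_ping(output):
    """Extract the resolved name, address, round-trip times and timeouts."""
    result = {"name": None, "ip": None, "rtts_ms": [], "timeouts": 0}
    for line in (raw.strip() for raw in output.splitlines()):
        header = next((m for p in HEADERS if (m := p.match(line))), None)
        if header and result["name"] is None:
            result["name"] = header["name"].rstrip(".").lower()
            result["ip"] = header["ip"]
        elif (rtt := RTT.search(line)):
            result["rtts_ms"].append(float(rtt["ms"]))
        elif TIMEOUT.match(line):
            result["timeouts"] += 1
    return result


def classify(output, own_domain, own_networks):
    """Say whether the pinged name is answered from the owner's own space."""
    r = parse_ping(output)
    if r["name"] is None:
        return "unresolved"  # no header line: the name did not resolve
    own_name = r["name"] == own_domain or r["name"].endswith("." + own_domain)
    addr = ipaddress.ip_address(r["ip"])
    own_ip = any(addr in ipaddress.ip_network(n) for n in own_networks)
    return "direct" if own_name and own_ip else "third-party front"
```

Ping prints the provider's name only when the site is pointed at the provider through a DNS alias; when just the address changes, the address-range comparison is what catches it.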

While announcements have explained the steps the Office of Information Technology has taken to mitigate the problems, not many students understand the steps taken.

Ann Strzelczyk, a School of Environmental and Biological Sciences senior, said she heard there was a piece of software designed to protect against DDoS attacks, but is not sure what it is or how it works.

Based on statements from the alleged attacker, she said she thinks the software is inadequate to the challenges posed.

"The University should share more information about how its services are being protected," said Jennifer Chen, a School of Arts and Sciences sophomore.

Like many other students, she was unable to register for classes or use any internet services last fall, she said.

“I’m sure (Rutgers) is doing their best to protect us from more attacks but … they did spend a lot of money on (companies to protect servers) this summer,” she said. “… we still lost internet. I’m not sure exactly what (OIT is) doing but … I’m sure it’s going to help.”

She said it would be helpful if OIT updated students more often than just when services go down, similar to how they announced the upcoming Central Authentication Service (CAS) migration to a new infrastructure.

OIT announced in an email last week that access to CAS would be limited on Dec. 27 between 7:00 am and 1:00 pm. This would be because the office is changing the hardware behind CAS to improve it.

The OIT “should definitely” make announcements like that one when applicable, Chen said. These announcements help keep the student body informed.

“I know Rutgers has our personal data,” Strzelczyk said. “I want to know if Rutgers is spending more than the bare minimum for some cheap software.”


Nikhilesh De
