As previously announced, Telnet to CAC3270.PSU.EDU to logon to PSUVM was discontinued on August 31, 1998. Mainframe users can logon to PSUVM by using telnet to connect to VM.CAC.PSU.EDU using Telnet software clients with their Access Accounts. Macintosh users can use the TN3270 client software; Windows users can use the QWS3270 client software. See the Internet software distribution Web page for links to the Telnet clients.
From the Help Desk
A serious security flaw in Eudora 4.0 and 4.0.1 for Windows has been discovered and fixed by QUALCOMM Incorporated. QUALCOMM believes the problem does not affect Eudora Pro 4.0 for Macintosh.
According to QUALCOMM, "This risk involves the ability for users to include hostile Java applets or scripts in an email message. The offending code has the potential to allow a person to attach to an email message an executable program, as is possible with any email program, while 'hiding' the name of the attachment as a URL in the email message. A user could then potentially click on that URL and launch the email attachment."
To immediately solve this problem, disable the Microsoft viewer in Eudora's options. Then download the "patch" from QUALCOMM's Web site. This patch is a free upgrade for registered users of Eudora Pro Email 4.0 and Eudora Pro CommCenter 4.0.
Further information may be found at http://eudora.qualcomm.com/security.html.
In the meantime, we wish to remind everyone that it is never advisable to open email attachments or URLs sent to you from someone you do not know.
From the Help Desk
Netscape 3 users will get warning messages when connecting to secure sites (via https) that are certified by Thawte Consulting. Thawte certifies approximately 20% of the secure sites including some run on CAC Web servers (www.work.psu.edu and www.worldcampus.psu.edu most notably). The cause of these warnings is an expiration for Thawte's certification authority in the built in certificates that come with the Netscape 3 browser. This is the first of several certificates built into Netscape 3 that will expire in the next year.
To avoid the warnings, download the "rollover" certificate and install it into the "Site Certificate" section of your browser. The procedure takes only a minute or two, and the new certificate will be good until the year 2020 (by which time it is hoped that no one is using Netscape 3). The procedure is detailed at the following URL:
http://www.thawte.com/certs/server/rollover.html
The only thing that might be unclear in the directions found at
the above URL is what to name the new "Site Certificate." We suggest
naming it the same as the original: "Thawte Server CA".
An alternate course of action would be to upgrade to a newer version of Netscape. To obtain a newer version, use an FTP client to download Netscape from the following locations:
Host name: ftp.cac.psu.edu
Directory path: pub/access/cd/
For Macintosh:
ftp://ftp.cac.psu.edu/pub/access/cd/mac/www/
For Windows 3.1:
ftp://ftp.cac.psu.edu/pub/access/cd/win31/www/netscape.htm
For Windows 95, 98, NT:
ftp://ftp.cac.psu.edu/pub/access/cd/windows/www/netscape.htm
From the Help Desk
Do you ever get frustrated trying to set up and configure dial-up networking in order to connect with the Center for Academic Computing Access Server modems? Well, life just got a little easier with the recent upgrade of the more than 1,000 CAC dial-up modems.
A new functionality in the CAC modems is now available. It's called PAP (Password Authentication Protocol) and it's always been supported by Windows 95 and Windows NT4 "out-of-the-box". Windows 98, NT5, Mac OS and many versions of Unix support it too, so any of these systems can take advantage of this new capability in the CAC modem servers. This also applies at some, but not all, of the Commonwealth Colleges (see http://cac.psu.edu/internet/dialup for the master list of Commonwealth College modem telephone numbers. Those that support PAP are marked.
In Windows, you no longer need to manually key in your PSU Access Account user ID and Password pair after you've connected to one of the CAC's Netblazer or Micablazer modems. The PPP software automatically provides whatever you typed in the Username and Password fields in the dial-up connection window to the CAC's Kerberos authentication server. Once the Access Account user ID and Password pair are verified, the full PPP connection is automatically provided.
Those of you who have been using a Windows 95, NT4 or Mac dial-up script have achieved the same result for the past several years, because the script provided the mechanism, or glue, that passed the Access Account user ID and Password along to the CAC Access Server interface. If you've been successfully connecting, there's probably no reason to change.
If you decide to take advantage of this new capability, you'll find detailed instructions for Windows 95, 98 and Windows NT4 at ftp://ftp.cac.psu.edu/pub/access/cd/windows/dialup/psc.htm.
On a Macintosh using Open Transport's PPP, you no longer need to use a connect script. If you have been connecting successfully, again, there's probably no reason to change. However, new machines can open the PPP control panel, select OPTIONS and then PROTOCOL and finally uncheck the box that says "Connect to command-line host." Then the system will use the Name and Password that were supplied on the main PPP screen.
Different versions and flavors of Unix handle this capability differently, with many newer Unix systems also providing the capability "in-the box." If you have an older system, you may wish to visit what many consider to be the ultimate UNIX PPP web site at http://www.stokely.com/unix.serial.port.resources/ppp.slip.html.
For more information about dial-up connection issues in
general, visit the CAC's web pages at
ftp://ftp.cac.psu.edu/pub/access/cd/index.htm
Jim Forkner, Center for Academic Computing
