For updates on Virginia Tech Exchange and Google Apps Mail email, see Virginia Tech Email Announcements and News.
Wireless enhancements implemented this spring will support eduroam as the primary wireless network on the Virginia Tech campus for all students, faculty, and staff. eduroam provides the same level of service on campus as VT-Wireless and makes it easier to get and stay connected, whether you’re on campus or visiting an institution in one of the 76 territories around the world where eduroam is available, including the University of Queensland in Brisbane, Australia. Once you’ve connected at the Blacksburg campus, simply use your Virginia Tech wireless username (PID@vt.edu) and network password to connect at any eduroam location.
On May 17, 2016, the VT-Wireless SSID (service set identifier) will be retired to simplify wireless on campus and enable a strong focus on eduroam. All Virginia Tech employees and individuals affiliated with the university who use wireless Internet access on campus should make sure they connect using eduroam before the end of the 2016 spring semester. You can connect by following the instructions at Connecting to Virginia Tech Wireless eduroam.
Also on May 17th, a new SSID called VirginiaTech will be available, providing a streamlined way to connect to the network. When subscribed to the university wireless network service, employees can use the VirginiaTech SSID to initially configure their devices and connect to eduroam. Department-sponsored or non-sponsored guests will also use the VirginiaTech SSID and connect. The CONNECTtoVT-WIRELESS SSID will be retired to make way for this improved service.
For any questions or help, contact 4Help at http://4help.vt.edu or by calling (540) 231-4357.
On Monday, February 22, Virginia Tech’s 2-Factor Authentication (2FA) program implemented a new 7-day “remember me” option. This feature makes it possible for users to authenticate just once per week, for each computer and browser used.
While PID and password are still required for each login, this change allows easier access for users who have to log in and out many times per day, or who use their computers, tablets, or phones at many locations around campus.
To enable the 7-day option, your browser must be set to accept cookies. In addition, if the 7-day option is checked, you will not be able to add or remove 2-factor authentication devices from that browser until the start of the next 7-day window.
Complete information can be found on the 2-Factor Authentication page in the IT Knowledge Base: Using 2-Factor Authentication.
The Division of Information Technology is also hosting a series of walk-in help sessions at various locations on the Blacksburg campus to assist anyone that has questions about 2-Factor Authentication:
We also offer assistance 24-hours a day at http://4help.vt.edu.
Since November 2015, Virginia Tech has been defending against a wave of persistent online attacks that have compromised several computers on campus, and resulted in the university’s appearance on several email block lists. These block emails are affecting normal business operations, especially for email to addresses outside the university domain.
In cooperation with departmental IT staff, the IT Security Office shuts down these compromised machines as soon as they are localized. However, once placed on a blocked email list, it takes some time to be removed from it.
This problem is among the reasons that the implementation of university-wide 2-factor authentication is underway. In almost all cases, these compromises were the result of weak, easily-guessable passwords. The negative impacts of weak passwords are becoming more serious. Users are advised to implement strong passwords that are in compliance with university guidelines. Click here for information on how to create strong passwords.
As an intermediate step in the mitigation of this situation, the IT Security Office will begin blocking inbound SSH connections beginning on Feb. 8 at 5 p.m. Users who wish to connect to VT computing resources from outside the university network will need to set up a virtual private network (VPN) connection first, and go through the VPN to access Virginia Tech resources on campus.
To set up VPN access, go to https://computing.vt.edu/content/virtual-private-network and follow the configuration instructions to set up Junos Pulse for your computers or devices.
We will continue to provide updates on efforts to restore our email reputation. If you have technical questions, or are experiencing difficulties with connecting via the VPN, please go to 4help.vt.edu to submit your question or problem.
Two different employees of the university recently experienced a different type of phishing, one using a Windows computer, the other a Mac. While viewing a website they saw a flashing warning that the computer was infected, instructing them to call a toll-free number for assistance. The VT employees called and spoke to someone who assisted them with remotely connecting a hacker to their computer. The hacker stated they were a Microsoft or Apple employee. In the most recent case the website phone number called was 855-971-2627, an unpublished toll-free number.
In one case, the VT employee realized something wasn’t right after the hacker took over the computer, and hung-up the connection. In the other case, the VT employee stayed on the phone, helping the hacker for about 40 minutes, until the hacker stated he would need a fee to fix the computer problems.
This "personal touch" hacking is becoming more common. It is important to know that just as clicking on unfamiliar link or attachments can compromise your computer, speaking to an unknown individual on the phone about your computer can be just as unsafe.
Virginia Tech recently received an allocation of a new IPv4 address range: 22.214.171.124/18. None of these addresses have been assigned from this range, as yet. This advance announcement is provided to allow administrators time to assess how this impacts their services and security policies and make any necessary adjustments.
We encourage you to watch the Announcements from Virginia Tech's 4Help Web page for more details as they become available.
Should you have questions, please send an email to Ask-NISemail@example.com.
Accommodating the increasingly large volume of mobile and other internet capable devices connecting to Virginia Tech's network requires a corresponding use of IPv4 private addresses (RFC-1918). These private addresses require the use of Network Address Translation (NAT) to access off-campus services and resources.
Every device on the Internet requires a unique IP address. Due to IPv4 address resource constraints, it is not possible to provide every device a public IP address. Therefore each device is provided a private IP address that can only be used on campus. To accommodate traffic that is sent off-campus, the private IP address must be translated to a public IP address. The campus NAT service provides this translation so that the traffic can be routed over the Internet. NAT is not used for on-campus destinations. During peak hours, multiple devices may share the same public IP address. This may affect the functionality of certain services or applications.
The university uses IPv4 private addressing for the following services (not all require NAT services):
IPv6 is the latest Internet protocol. Virginia Tech supports IPv6 on almost all of its networks. IPv6 was designed to accommodate magnitudes more address space than IPv4. All IPv6 capable clients will receive a publicly routable IPv6 address. IPv6 traffic from these clients will not utilize NAT. Some common IPv6 capable services are Google, Netflix, and Facebook.
System administrators are encouraged to adapt their IPv4 firewall strategy to meet the needs of the services they manage. A list of the valid private networks is available at the IP Addresses at Virginia Tech page. Accessing devices with private IP addresses from off campus will not be possible since the public IP address assigned to that particular device will change throughout the day.
The private IPv4 addresses currently comprise the subnet: 172.16.0.0/12
A breakdown of individual services by subnet is as follows:
While all Windows 7 and 8.1 users should upgrade to Windows 10, we advise you to pick a good time to upgrade. If you are in the middle of classes and projects, then we strongly suggest you wait until the semester ends and you have the time, just in case anything goes wrong. Since new software and operating systems often have bugs that need to be patched when first released, we suggest you wait a few days or weeks until any problems are resolved.
***You should make backups of files and folders to Google Drive or an external hard drive before performing any upgrades.***
If you are running the Enterprise version of Windows 7 or 8.1 from the University, then you will have to wait until the University provides the Windows 10 Enterprise version. This will not happen for several weeks.
If you are running the Home or Professional version that came with your computer at the time of purchase, then you should use Windows Update to update to Windows 10.
Yes, it should. BUT, we have not tested any of the University software and have not upgraded to Windows 10. Windows does provide a compatibility center to give you a better idea of which software may or may not work: Windows Compatibility Center.
If restricting access to Virginia Tech affiliates based on IP address, in addition to allowing 126.96.36.199/16, 188.8.131.52/16, you now need to add 172.16.0.0/12.
This is because NAT (network address translation) services are being moved to our campus network border. As a result of the addition of new IP addresses, as of August 1, 2015, wireless network traffic and other forthcoming services previously "NAT’d" before reaching the campus network will begin to be assigned private addresses (RFC-1918) when communicating with on-campus servers. In addition, the new Residential networks will use private addresses.
To view addresses of other subnets, see the IP Addresses at Virginia Tech Computing page.
The Department of Human Resources, Information Technology Security Office, and other offices at Virginia Tech are receiving reports of tax-related identity theft.
The IRS defines tax-related identity theft as theft that occurs when someone uses your stolen social security number to file a tax return claiming a fraudulent refund. Employees are urged to be vigilant in protecting their social security number and to be aware of the risk of tax-related identity theft.
The Taxpayer Guide to Identity Theft published by the IRS provides more information about tax-related identity theft and what to do if you are a victim.
If you believe you may be a victim of tax-related identity theft, contact law enforcement and follow the other steps indicated by the IRS.
This information first appeared on Virginia Tech News.