| Version 49 (modified by , 14 years ago) ( diff ) |
|---|
Information regarding Nevis computing infrastructure
Here is a link to the Nevis website.
Contacts for Nevis/Astrophysics Lab
Network Related
- Sys Admin: David Secrest (secrest), Pupin 1008a
Aprile Group
- PI: Elena Aprile (age), office 1016 (Pupin)
- Roberto Santorelli (santorelli), Cyclotron building, 914-591-2825
- Karl-Ludwig Giboni (kgiboni)
- Guillaume Plante (guillaume)
Hailey Group
- PI: Chuck Hailey (chuckh), office 1018 (Pupin)
- Jason Koglin (koglin), Cyclotron building, 914-591-2881
Savin Group
- PI: Daniel Wolf Savin (savin), office 1210C (Pupin)
- Hjalmar Bruhns (hbruhns), Cyclotron building, 914-591-2874 (dial 72-2874 from Morningside Campus)
- Bohdan Seredyuk (seredyuk)
Network Information for Astro/RARAF at Nevis
IP range: 129.236.254.1-126
Netmask: 255.255.255.128
Gateway: 129.236.254.1
DNS: 128.59.59.70, 128.59.62.10
CUIT handles nameserver records, both forward and reverse.
Router
IP Address: 129.236.254.1
The following information was provided by Bill Seligman, Network Engineer on the particle/nuclear physics half of Nevis:
CUIT manages a router that is physically located in the Nevis particle-physics research building, which is the first red-brick building you see when you enter the Nevis driveway; the "Cyclotron" building is the one behind it, with the big round windows, and that's where the Astro/RARAF groups work.
That CUIT router is in a locked cabinet, and I don't have a key. They take care of the network traffic from the outside world into the Nevis research building.
Four Ethernet cables come out of that cabinet, two for you and two for me. Of each pair, one is a direct link to the microwave dish on top of the research building; that link goes to Lamont-Dougherty across the Hudson River, then down to Columbia. The other is a link to a central network hub in White Plains. Under normal conditions, all the columbia.edu traffic goes through Lamont, and the rest goes through White Plains; however, each link acts as a backup for the other.
Your (the Astro/RARAF) pair of cables connects via a switch to a fiber-optic cable that goes from the research building to the Cyclotron building. That your network link to the outside world.
Switch
There is a single switch located on the second floor at the northwest corner of the cyclotron bay. It is a
Linksys Etherfast 10/100 24-port, model no: DSSX24
with a
100Base-FX module providing two optical ports
The optical connections come from CUIT and provide connectivity to the rest of the world, as described in the previous section.
Wireless Network
There are two wireless access points, one located next to the switch on the second floor, and one almost directly below that on the first floor. They are both
Asus WL-520gU wireless routers running dd-wrt (firmware: v24-sp2 (01/01/09) mini-usb-ftp - build 11296M NEWD)
SSID: Cyclotron
They are running as access points that forward DHCP requests to and from the DHCP server, so machines connecting wirelessly will pick up public IP addresses.
The AP on the first floor (cyclotron1) is running on channel 2 (2.417 GHz) and the one on the second floor (cyclotron2) is running on channel 9 (2.452 GHz).
There is no wireless key. (This is not such a security concern because all the ip addresses on the network are already public. It could provide Internet access to people outside the building and, potentially, be a spam launching point, but given its fairly remote location, that is not so great a concern.)
Astro/RARAF DHCP server
Hardware Manufacturer: Gateway
BIOS version: WL81020.ISA.0007.P06
Processor: Pentium III, 866 MHz, 133 MHz bus
RAM: 128 MB
OS: Windows 2003 Server
IP Address: 129.236.254.11
NETBIOS name: astronevis-dc
DNS name: an-dc.astronevis.columbia.edu
DHCP Address pool: 129.236.254.80-125
It is connected to a UPS.
It is set to reboot when power is restored after a power failure.
IP Assignments
| Switch Port | IP Address | MAC Address | OS | Group | User | Computer Name | DNS Name |
| 24 | 129.236.254.1 | 00000C07AC01 | Cisco IOS | CUIT | |||
| 24 | 129.236.254.2 | 0009E8299D41 | Cisco IOS | CUIT | |||
| 24 | 129.236.254.3 | 000BBF773819 | Cisco IOS | CUIT | nevis-gw-fe-astrophysics.net.columbia.edu | ||
| 129.236.254.5 | 00083029D605 | Cisco SG 300-10 | switch | donati | donati.astronevis.columbia.edu | ||
| 129.236.254.6 | 20370632C5D5 | Cisco SG 300-28 | switch | halley | halley.astronevis.columbia.edu | ||
| 15 | 129.236.254.11 | 000102D0DD42 | Win2003 Server | Astro/RARAF | DHCP Server | astronevis-dc | an-dc.astronevis.columbia.edu |
| 129.236.254.12 | nanook.astronevis.columbia.edu | ||||||
| 129.236.254.13 | barricade.astronevis.columbia.edu | ||||||
| 10 | 129.236.254.14 | 00248C65BC08 | dd-wrt | Astro/RARAF | wireless AP | cyclotron1.astronevis.columbia.edu | |
| 13 | 129.236.254.15 | 00248C65B8C3 | dd-wrt | Astro/RARAF | wireless AP | cyclotron2.astronevis.columbia.edu | |
| 3 | 129.236.254.19 | 0030C1ACB041 | HP 2500CM | Aprile | printer | ||
| 3 | 129.236.254.20 | 000400181448 | raraf1.raraf.columbia.edu | ||||
| 129.236.254.21 | raraf2.raraf.columbia.edu | ||||||
| 129.236.254.22 | raraf3.raraf.columbia.edu | ||||||
| 129.236.254.23 | 000D569B8F29 | raraf4.raraf.columbia.edu | |||||
| 129.236.254.24 | 000102E7ABA4 | raraf5.raraf.columbia.edu | |||||
| 129.236.254.25 | raraf6.raraf.columbia.edu | ||||||
| 129.236.254.26 | raraf7.raraf.columbia.edu | ||||||
| 129.236.254.27 | raraf8.raraf.columbia.edu | ||||||
| 129.236.254.28 | raraf9.raraf.columbia.edu | ||||||
| 129.236.254.29 | raraf10.raraf.columbia.edu | ||||||
| 129.236.254.30 | raraf11.raraf.columbia.edu | ||||||
| 129.236.254.31 | raraf12.raraf.columbia.edu | ||||||
| 129.236.254.32 | raraf13.raraf.columbia.edu | ||||||
| 129.236.254.33 | raraf14.raraf.columbia.edu | ||||||
| 129.236.254.34 | 000AE4145B84 | raraf15.raraf.columbia.edu | |||||
| 129.236.254.35 | 0030AB1DAAF6 | raraf16.raraf.columbia.edu | |||||
| 129.236.254.36 | 080009A8D3C5 | HP printer | printer | hp-nevis.astronevis.columbia.edu | |||
| 129.236.254.37 | 00219B729C0C | Windows | Hailey | NUSTAR_SCANNER | nustar-scanner.astronevis.columbia.edu | ||
| 129.236.254.38 | astro8.astronevis.columbia.edu | ||||||
| 129.236.254.39 | 00E018B63A2B | Linux | Aprile? | astro9 | astro9.astronevis.columbia.edu | ||
| 129.236.254.40 | 00E01849556A | astro10.astronevis.columbia.edu | |||||
| 129.236.254.41 | 00C04FB8C368 | Windows 98 | Hailey | Scan_Lab | scan-lab.astronevis.columbia.edu | ||
| 129.236.254.42 | 001D097C9E8C | WinXP | Hailey | slumplab.astronevis.columbia.edu | |||
| 129.236.254.43 | 002129964116 | Miller | cosmolab.astronevis.columbia.edu | ||||
| 129.236.254.44 | 00234D1FC4BA | Brother MFC-9840CDW | Hailey | printer | astro14.astronevis.columbia.edu | ||
| 129.236.254.45 | 000D56F7E369 | Linux | astro15.astronevis.columbia.edu | ||||
| 129.236.254.46 | 00065B5EFD20 | Linux? | Miller | ebex.astronevis.columbia.edu | |||
| 129.236.254.47 | astro17.astronevis.columbia.edu | ||||||
| 129.236.254.48 | 001C251897CB | astro18.astronevis.columbia.edu | |||||
| 129.236.254.49 | 00142224D580 | Linux | Aprile? | astro19.astronevis.columbia.edu | |||
| 129.236.254.50 | 000C6E618205 | Linux | Aprile | webserver | astro20.astronevis.columbia.edu | ||
| 129.236.254.51 | 00807736ABDC | Brother HL-6050DN | Hailey | printer | scanprinter.astronevis.columbia.edu | ||
| 129.236.254.52 | 000F1F97A098 | WinXP/Ubuntu64 | Savin | Hjalmar Bruhns | klaatu | klaatu.astronevis.columbia.edu | |
| 129.236.254.53 | 00142239C7AD | WinXP/Ubuntu64 | Savin | Bohdan Sereyuk | marvin | marvin.astronevis.columbia.edu | |
| 129.236.254.54 | 0800111BAD49 | Oscilloscope | Savin | savinscope1.astronevis.columbia.edu | |||
| 129.236.254.55 | 00D0C99E344D | WinXP | Savin | lab computer | rossum | rossum.astronevis.columbia.edu | |
| 129.236.254.56 | 0080778C7A7F | Brother HL-5250DN | Savin | printer | BRN_8C7A7F | savinprinter.astronevis.columbia.edu | |
| 129.236.254.57 | 001111647240 | WinXP | Savin | server | bishop | bishop.astronevis.columbia.edu | |
| 129.236.254.58 | 0023DFFF1BA9 | Mac OS X | Hailey | server | NuSTAR-servers | ||
| 129.236.254.59 | C42C030BA360 | ? | ? | server | rmcfserver | ||
| 129.236.254.60 | 001F1F35A6A8 | ? | ? | server | AssemblyDAQ | ||
| 129.236.254.61 | 001F1F35A555 | ? | ? | server | AssemblyDAQ2 | ||
| 129.236.254.62 | 0C60765D9A54 | ? | ? | server | BRN001BA920C467 | ||
| 129.236.254.64 | 0026F2ABEB26 | Hailey | sensor | commodore.astronevis.columbia.edu | |||
| 129.236.254.65 | 0018C800175C | door security? | |||||
| 129.236.254.66 | 0018C800172F | door security? | |||||
| 129.236.254.67 | 0018C8001769 | door security? | |||||
| 129.236.254.68 | 0018C800176E | door security? | |||||
| 129.236.254.69 | 0018C8001762 | door security? | |||||
| 129.236.254.70 | 00408C9DAD20 | security camera? | |||||
| 129.236.254.71 | 00408C9D6C77 | security camera? | |||||
| 129.236.254.73 | 00408C9DAFD8 | security camera? | |||||
| 129.236.254.74 | 00408C9D6C75 | security camera? | |||||
| 129.236.254.75 | 003067564CEA | Win7 | Savin | Julia Stützel | eve.astronevis.columbia.edu | ||
| 4 | 129.236.254.80 | 00188BB1B46A | RARAF | xuraraf | dynamic1.astronevis.columbia.edu | ||
| 129.236.254.81 | 0011435FE16D | WinXP | Hailey | Colin Hawthorn | HAWTHORN | dynamic2.astronevis.columbia.edu | |
| 4 | 129.236.254.81 | 000E351C234D | Gerhard | dynamic2.astronevis.columbia.edu | |||
| 129.236.254.82 | 0017F2F1CE8A | Aprile | Maria Elena Monzani | dynamic3.astronevis.columbia.edu | |||
| 129.236.254.83 | 00095BD1F96F | netgeard1f96f | dynamic4.astronevis.columbia.edu | ||||
| 4 | 129.236.254.84 | 000D56A9F08D | Steve | dynamic5.astronevis.columbia.edu | |||
| 4 | 129.236.254.85 | 001143528F65 | RARAF | Alan Bigelow | Bigelow | dynamic6.astronevis.columbia.edu | |
| 4 | 129.236.254.86 | 000C7670B586 | dynamic7.astronevis.columbia.edu | ||||
| 129.236.254.87 | 000FB570B8F8 | Windows | RARAF | MB2offline | dynamic8.astronevis.columbia.edu | ||
| 129.236.254.88 | dynamic9.astronevis.columbia.edu | ||||||
| 129.236.254.89 | dynamic10.astronevis.columbia.edu | ||||||
| 129.236.254.90 | dynamic11.astronevis.columbia.edu | ||||||
| 129.236.254.91 | 0016EC1FE3F6 | WinXP | Hailey | Marcela Stern | Beyond | dynamic12.astronevis.columbia.edu | |
| 129.236.254.92 | 00308494796D | RARAF | Guy Y Garty | garty | dynamic13.astronevis.columbia.edu | ||
| 129.236.254.93 | dynamic14.astronevis.columbia.edu | ||||||
| 129.236.254.94 | dynamic15.astronevis.columbia.edu | ||||||
| 129.236.254.95 | 0017F2DCAD27 | yamac | dynamic16.astronevis.columbia.edu | ||||
| 129.236.254.96 | 000874EB76D7 | Win2003 Server | Hailey | server | scan-dc | dynamic17.astronevis.columbia.edu | |
| 129.236.254.97 | dynamic18.astronevis.columbia.edu | ||||||
| 129.236.254.98 | dynamic19.astronevis.columbia.edu | ||||||
| 129.236.254.99 | 0018F3276BB1 | Windows | Aprile | Roberto Santorelli | astrohp | dynamic20.astronevis.columbia.edu | |
| 129.236.254.100 | 00065B5EFD20 | Windows | gsk-01 | dynamic21.astronevis.columbia.edu | |||
| 129.236.254.101 | 00184D2C2FDA | dynamic22.astronevis.columbia.edu | |||||
| 129.236.254.102 | 000AE4145B85 | Windows | RARAF | RARAFserver | dynamic23.astronevis.columbia.edu | ||
| 129.236.254.103 | dynamic24.astronevis.columbia.edu | ||||||
| 129.236.254.104 | dynamic25.astronevis.columbia.edu | ||||||
| 129.236.254.105 | dynamic26.astronevis.columbia.edu | ||||||
| 129.236.254.106 | 0013722376D9 | ISS-423 | |||||
| 129.236.254.106 | 0010C6C0FF0A | binc | |||||
| 129.236.254.108 | 00B0D0C47935 | zion401 | |||||
| 129.236.254.109 | 0013CE591103 | binc | |||||
| 129.236.254.111 | 120859000970 | RARAF | Giuseppe Schettino | schettino | |||
| 129.236.254.112 | 0060977785C9 | RARAF | Brian Ponnaiya | brian | |||
| 129.236.254.113 | 0019E3000CC7 | ||||||
| 129.236.254.117 | 00E081347F80 | ||||||
| 3 | 129.236.254.125 | 000E7FE36C98 | HP Color LJ 3700dtn | printer | neviscolor |
Power
There have historically been power failure problems at Nevis. There is a backup generator, but not all systems are connected to the generator.
Remote Access to Nevis Office Computers (Windows)
Since the following allows accessing your computer remotely, make absolutely sure that all user accounts your computer has are secured with a good password.
On your office computer (has to run Windows XP, possibly works also with Windows Vista), open the System Properties dialog (start->right-click on "My Computer"->"Properties"). Go to the "Remote" tab and mark the checkbox "allow users to connect remotely to this computer". Click the "Select remote users" button. In the dialog that pops up, click "Add" to open the "select" users dialog. Click "Advanced" to expand the checkbox, and then click "Find Now". Mark all users that you want to give remote access to (use ctrl+click to select more than one user). Then hit ok on all the windows that were opened in the process of getting here.
Go to start->run and type "cmd" to open a console. Enter the command
ipconfig
and write down your IP address.
On another Windows XP computer, you can now go to start->"all programs"->accessories->communications->remote desktop connection. Enter your computer's IP address there. You will be connected with your office computer, and have to enter your office computer's login name and password in order to log in.
If the computer you are connecting from runs Windows 2000 or earlier, you will have to install a Windows Remote Desktop Client to be able to access your office computer.
You'll notice that you can't reboot a remote computer from the normal start menu. If you need to reboot the remote computer for any reason, hit CTRL+ALT+END to open the task manager on the remote computer (note that CTRL+ALT+DELETE will open the task manager on the client computer). You can select to reboot the computer from there.
Securing Windows Remote Desktop
It is highly recommended to follow these step-by-step instructions to increase the security of your remote desktop connection system (i.e. to prevent someone to break in). Even after you have followed those steps, you are still vulnerable to so-called man-in-the-middle-attacks. This can be secured using SSH, as explained in the following.
The last paragraph on the page explaining how to increase the security of Windows Remote Desktop motivates why it's a good idea to additionally secure your Windows Remote Desktop connection with SSH. You'll need to configure an SSH Server on your office computer, and you will need an SSH client software on the computer you are connecting from (the client computer). The following helps you set up an SSH server on your host computer, and then you'll tunnel the Windows Remote Desktop connection through the SSH client putty.
On the office computer, install and configure Cygwin with OpenSSH (follow this detailed step-by-step tutorial until the end of the section explaining how to configure the Windows XP firewall). On the client computer, download and run the putty Windows installer. Then follow this tutorial on how to configure putty for the Windows Remote Desktop connection. In that tutorial, the computer names entered in "Destination" and "Gateway/Host Name" are different. If your office computer is one at Nevis, both these computers are actually your office computer, so enter your office IP address instead of the tutorial's fictional computer names.
