May 15

Alert- New malicious software infecting Windows computers

Hello friends- Alert from SAS Computing below.

We are actively monitoring faculty and staff computers on campus, but please contact us with any questions! Restart and update your computers, and please make sure everything is up to date.


Saturday May 13, 2017

To:      School of Arts and Sciences Faculty and Staff

From:  Warren Petrofsky, Senior Director, SAS Computing

SAS Computing and ISC’s Information Security Office are monitoring a massive ransomware attack that appears to have infected many organizations around the world.  The WannaCry ransomware (also called WCrypt or WCry) spreads rapidly on an organization’s network, targeting unpatched Microsoft operating systems. Once infected, files on a Windows computer are encrypted and a ransomware popup window appears demanding the user pay approximately $300 in Bitcoin to unlock (decrypt) the files. The computers that are most vulnerable to this attack are Windows computers that have not been patched recently.

Most SAS computers are patched and managed by SAS computing, and their patches should be up to date as patching status is monitored on an ongoing basis by SAS Computing staff.

For computers you manage yourself or for your home computers, it is very important that you take the following steps to protect your data as soon as possible:

  1. Ensure you have a current backup of your files.  Back up the files stored on your computer to an external hard drive (or even a thumb drive) and disconnect the external hard drive afterwards. 
  2. Patch (ie update) your Windows operating system by running the latest Microsoft updates.  For information on how to do so see the following:

You may also want to reach out to your LSP on Monday and ask about how SAS Computing can automatically patch your SAS computer for you and help ensure you have a means of backing up your data.

If your computer becomes infected:

  1. Immediately disconnect your computer from the network (unplug the network cable and/or disable wifi)
  2. Contact your Local Support Provider (LSP):

Information about this latest attack can be found here:

For more information about ransomware in general, please see:

Category: Uncategorized | Comments Off on Alert- New malicious software infecting Windows computers
May 4

How to Make a Secure Password

Hello folks,

Password pop quiz! I know, it’s hard to remember the ongoing strings of passwords we have to maintain, but remember, they are access into very important personal parts of your life!

In the interest of keeping your passwords up to date and current with the modern requirements and complexities, I have noted the following resources. Please consider changing your old passwords, especially if they have been previously shared.

UPenn’s Pennkey Password general information:

A tool for creating complex passwords, courtesy of, following the idea that phrases and sentences are easier to remember for humans and harder for computers to guess:

Another useful tool for creating complex passwords which are easier to remember and safe:

The Pennkey Password Requirements are listed below, in openly suggested options.

20 or more characters: any U.S. keyboard characters
example: boldaugustpretzelcloud
16-19: capital and lower-case letters
example: BoldAugustPretzel
12-15: capital and lower-case letters and numbers
example: 4Bold7August8
8-11: capital and lower-case letters, numbers, and symbols
example: $4Bold78!

PennKey passwords are also screened for easily guessed combinations, such as:

  • Portions of, or simple variations on, your name or username
  • Single dictionary words (English and non-English): Diversifications, Alternativamente
  • Common 2-3 word combinations: PhiladelphiaEagles
  • Predictable strings: 123123, abcdef, qwerty, johnpaulgeorgeringo, pa$$w0rd, drowssap
  • Compromised passwords on published lists

If you have trouble remembering a longer password, write it down and handle it with the same caution you would a credit card.

And remember! Legit IT Support will never ask you for your password, especially in an email!

-SSC Help Desk, 215-898-6454

Category: Uncategorized | Comments Off on How to Make a Secure Password
April 26

New AirPennNet-Guest effective tomorrow, 4/27!

Good afternoon,

We are writing to inform you that changes are coming to the AirPennNet-Guest wireless network on Thursday, April 27, 2017. The new system will streamline and improve registration, refresh aging infrastructure, and reduce or eliminate the administrative burden for special events.  Clients will not need to do anything to prepare for these changes.

Who Is Affected?

Anyone who uses the AirPennNet-Guest wireless network will be affected. Please keep in mind that the AirPennNet-Guest wireless network is for visitors of Penn and not intended for student, faculty, or staff use.

What Will Change?

·       The AirPennNet-Guest wireless network will act as one large wireless hotspot for campus
·       Guests will be required to register a properly formatted e-mail address, therefore eliminating the dependency on having a PennKey
·       All current forms of AirPennNet-Guest authentication (e.g., conference codes, Penn affiliate sponsorships, sponsored MAC, etc.) will no longer be required
·       Only basic Internet connectivity will be provided, including web browsing and secure protocols, such as standard VPN and RDP
·       Bandwidth usage limits are in effect providing 3Mbps up/down per device
·       Registration of devices on the AirPennNet-Guest wireless network will need to be renewed daily, instead of weekly
·       The AirPennNet-Guest wireless network will block hosts that may serve malicious content
·       In case of abuse, repeat offenders will be blocked from using the AirPennNet-Guest wireless network

How to Connect

  1.  Select the AirPennNet-Guest SSID
  2.  Open a browser
  3.  Review and accept the Acceptable Use Policy terms and conditions
  4.  Enter a valid email address
  5.  Click Submit


If you have any questions, please contact Client Care by emailing or calling (215) 898-1000.

ISC Client Care

University of Pennsylvania

(215) 898-1000

Monday-Friday 8:00AM – 6:00PM

Category: Uncategorized | Comments Off on New AirPennNet-Guest effective tomorrow, 4/27!
March 13

The Ghost of Web-Facstaff

Shell Access to Web-facstaff

Also this

  1. Download SecureCRT
  2. New Session
    1. Host (or hostname or server): web‑
    2. Port: 22
    3. Connect using (or protocol or servertype): SFTP (or SFTP using SSH2)
  3. Once connected, load index.htm with pico
    1. pico index.htm
  4. Enter edited html code
  5. Save and exit: ^O to Write Out, Enter to save the lines
    1. /home-f/leonhart/index.htm
  6. Test website through browser


Category: Uncategorized | Comments Off on The Ghost of Web-Facstaff
March 2


When Onboarding a new hire of any kind at Penn.

  1. Payroll
  2. PennID (ask for Pennkey setup code)
  3. Pennkey
  4. Everything else
    1. Email
    2. Domain Access/Shares
    3. Allocation Computer
    4. VoIP Phone
Category: Uncategorized | Comments Off on Onboarding
February 23

InfoSec’s Malware Reference Sheet


Below is a link to Information Security’s Malware Guidance Page. This includes good practices and tips to identify malware, along with what to do when you suspect potential danger.

Follow the Data!

Incident Flow Chart

Category: Uncategorized | Comments Off on InfoSec’s Malware Reference Sheet
February 15

New Malicious Email with Fake Penn login

Below is a letter from the Senior Director of Computing regarding a new malicious email. Please be on the lookout for this message. Always double check before clicking on a link in an email! Also, always feel free to forward a questionable message to and we will verify its validity.

To:         SAS Faculty and Staff

From:    Warren Petrofsky, Senior Director SAS Computing

Re:         Malicious Fake Email Today

This afternoon you may have received a malicious fake email claiming to be from the “Technology Service.”  It provided a link that looked like a Penn website but really went to a malicious external website, and asked you to login with your Pennkey and Pennkey password.    I have attached an image of what the fake email looked like.   The goal of such email is to collect your username and password and later use them for malicious purposes such as stealing data or changing where your direct deposit goes.

If you clicked on the link in the email please let me or your LSP know immediately.




Category: Uncategorized | Comments Off on New Malicious Email with Fake Penn login