Note: The FAQ is an evolving document. Please help to make it better. If you have any additions, suggestions or corrections, please mail Zube.
Where can I find the latest copy of this FAQ?
What computer resources are available
in the department?
How do I get an account?
How do I (temporarily or permanently) lose my account?
What is my username and password on the network?
How do I change my password?
What is my email address?
How do I read and send email?
What software is available on the network?
I'm a unix novice. How do I get help on unix and application programs?
What unix applications are the friendliest?
What applications are on the PCs?
How do I dial in to CSU?
How do I get a lamar/holly account?
How do I work with my unix files from the PC side?
How do I get to my J: drive from my home PC?
How do I create a webpage?
Where is the Requesting Weber 205/206 Accounts
message you send out every semester?
How much disk space can I use?
How much can I print?
How can I run many large jobs efficiently?
When should I run jobs out of /tmp/mydirectory?
Which unix machine should I do my work on?
How many simultaneous jobs can I run on the linux servers?
Where do I find out about system announcements?
How long can I keep my PC/unix account?
I can lock my unix/pc screen and keep the machine exclusively for myself. Isn't that cool?
Can my {friend, relative} use my account?
Why is using the xhost command such a bad thing? What
should I use instead?
Does the Stat Department block mail from any domains?
I just received an email message warning about an
email virus. Shouldn't I warn everyone I know?
I am receiving email bounces for mail I never sent.
Is my account being used for spamming?
What should I think about before I send
an email attachment to someone or to many people?
When the heck are machines rebooted around here?
What is Black Tuesday and when does it occur?
I have a machine that I want to put on the network. All I need is an IP number and a live port. It will take you only five minutes to set up, right?
The Department is hosting a visitor. Is it possible for him/her to have access to the network?
How do I print from a unix machine?
How do I print from a PC?
How do I print single-sided to a duplex printer?
The printer will not print and the message on the LCD readout
is "Toner Low {1,2,3}," what should I do?
When I try to print a postscript document that someone sent
me, the printer blinks but nothing ever comes out. Why?
I got this lovely document from the CSU Interlibrary Loan (ILL)
program. How the heck do I view it or print it out?
How do I print to the color printer? It doesn't show up on any PC.
When I try to print a pdf file using the Adobe reader on a PC, the printer LCD screen reads
How do I mail the system people?
How should I describe my problem to the system people?
Where can I find Zube?
Why should I email Zube when I have a problem?
Why are you (Zube) such a jerk?
I deleted a file on my J: drive, but it's not in the recycle bin. Where did it go?
I've lost a file. How do I get it back?
lamar/holly isn't working. Can you help?
ssh/slogin/scp/sftp/putty/winscp to the unix machines doesn't work. How can I fix this?
Why are PC logins so slow? What can I do about it?
What's the story with xv and what can I use instead?
What machine should I read my mail on?
I get lots of junk mail. What can I do about it?
When I try to send mail from home through space to
anyone outside of the Stat Department, it fails with "relaying denied."
What's wrong?
Can I use a .forward file to forward mail somewhere else?
How do I use CIS?
How do I create a pdf file?
Why do I sometimes get "disk full" messages when
trying to save a file to a floppy, especially when using Word and Excel?
telnet and ftp? What works, what doesn't and why?
What is webmail? Should I use it? Why doesn't it
work as it should?
How do I set up a vacation message for my email?
Do you have a copy of maple I can install at home?
Can you install WinEdt on my computer?
Can you install an R package for me on one or many computers?
Why shouldn't I use Internet Explorer (IE) as a browser? What should I use?
Where's the CSU Stats thesis format?
Who the heck is Dave Smith?
If you are reading this sentence, consider yourself special. All users are told of this FAQ upon entering the department and some are even presented with paper copies of it, but when the FAQ is mentioned again, you can almost see the wheels turning:
FAQ? Hmm. ef-ay-queue? Fish And Quail? Fuzzy Acrylic Q-tip? Freakin' Awesome Quaalude? FAQ? Hmm.
Not everything you could possibly ask is in here, but there is a lot of information that is both useful and time-saving. As above, if you happen upon something that is not in the FAQ, feel free to mail me (also see the "mail Zube" question below) and ask about it.
Q: Where can I find the latest copy of this FAQ?
A: The Stat Department FAQ is always here. That's http://www.stat.colostate.edu/FAQ/FAQ.html for those too lazy to look at the link. The FAQ is updated whenever things change and I have time to update it (the latter happens much less frequently than the former).
Q: What computer resources
are available in the department?
A: The Statistics Department has a fairly strong network/computer environment, especially for such a small department. The network features Sun Sparcs running Solaris, Dell and Gateway boxes running Windows 2000 and XP, a couple of Linux machines, some laser printers and one color printer (all postscript). Unfortunately, some of these resources are restricted to faculty and staff. Fortunately, many are not. By default, all grad students have access to the following machines: vanguard, cheyenne, cachat, crossbow and all PCs located in public or grad areas. In all but the busiest times, you can usually find a free seat to check mail or crunch some numbers.
As far as PCs go, room 005 (in the basement of the stat building) contains 8 Gateway PCs. This room is a cozy, almost-no-classes-scheduled extention of the Weber 205/206 lab. There are also three PCs in room 007 and a few on the third floor and all of those are exclusively for grad use.
Logins are, of course, required on the PCs. See Zube for a username and password. There are several things to note about the PC setup:
There is also the MATHSTAT lab in Weber 205/206, which contains 80 PCs and is used for both labs and classes. There are many open hours as well. See the Weber Lab FAQ for more information.
A: If you are a grad student, you will probably receive your username and password from whoever teaches the Computer Introduction for Incoming Students. If you aren't a grad student, keep reading.
When you first arrive in the department, someone will escort (or point) you to Zube, the lone systems person. He will ask you a few questions, create your account, and point you in the direction of this document. He is the person to see if you have technical questions or problems with the computers or the network. Please be nice to him as he may seem quite frazzled if the system isn't performing as expected.
Q: How do I (temporarily or permanently) lose my account?
A: By not thinking or perhaps by ignoring certain warnings listed in this FAQ. If the rules seem overly annoying or harsh, they are at least consistent. The metric is very simple. If something jeopardizes the security of the network, in whole or in part, then that is bad (tm) and is prohibited. Examples:
... you get the idea, I hope. However, some of these rules are not etched in stone. For example, if you have a project related to your research/teaching/whatever that requires some kind of server, send me some mail and we'll talk about it. I try to be fair in any case, but the security of the network always comes first. Please remember this before asking me if you can run a Doom server on your laptop.
Finally, the last warning. This warning is repeated in the other section about if your friend or relative can use your account. It appears that people either do not read the FAQ (big surprise) or simply don't take me seriously. No mercy from now on. You let someone else use your account for any reason or any purpose, it will be disabled and you'll have to have a chat with the chair to get it back. It appears that being a nice guy has no benefits while being a bastard at least keeps the system secure.
Q: What is my username and password on the network?
A: The current convention is that your last name (up to 8 characters) is your username (all in lowercase). If you happen to have a common name, your username will be your last name followed by the first letter of your first name. For example, if your last name is tweedie, then tweedie is your username. If your name is terri smith, however, your username will probably be smitht. If your name is exactly the same as someone else on the network, you'll have to fight that user to the death to see who gets the name (just kidding; first blood is usually enough to decide).
Some older accounts do not follow this convention, but have been kept for simplicity (for the users anyway).
Your password will be created when your account is created. We'll randomly pick a password for your first login; after you log in, you can change it to something a bit more friendly (but still unguessable).
Q: How do I change my password?
A: On the unix side, use the /usr/local/bin/npasswd program on vanguard. It won't work on any other machine and it will force you to choose a password (in Jan 2008 anyway) of at least 11 characters.
On the PC side, you change it by pressing CTRL-ALT-DELETE and then clicking on Change Password. The password must be at least 11 characters here as well and you can't change it for 24 hours after your account is initially created.
Please note that the unix and PC passwords are separate. Changing one does not change the other.
Before you change your password, please read /stat/HELP/choosing.passwords on any unix machine. It suggests some techniques for choosing a good password.
A: username@stat.colostate.edu is your email address.
Q: How do I read and send email?
A: This is a tough question to answer, simple as it may seem. Please read this entry thoroughly.
You have an email address, username@stat.colostate.edu. This is your stat email. It is not related to your EID/colostate email or any other email that you may have. There are several ways to get at this email.
The most secure way is to use an ssh client (such as putty), log into a unix machine (such as vanguard) and use a command line unix email client (such as elm, pine or mutt). When confronted with this idea, most people either run away screaming, dismiss the idea as stupid or believe that it's too much work. I will say this one bit and let it go: the skills you learn in trying to use mail in this way will make you a better computer user overall. But there are, of course, other options.
The next choice is the CSU Webmail (webmail.colostate.edu; choose vanguard.stat.colostate.edu), but you will quickly discover a limitation you will not like: you'll find that you can read your mail, but you can't send mail. As this is acceptable to almost no one, keep reading.
Next, you may discover that if you use Webmail and use your EID/lamar/holly/simla account, you can both read and send mail. You then may think, "Wouldn't it be nice if Zube would forward all my stat mail over to my other CSU account?" Yes, I can certainly do that, but there are two warnings: 1) I can forward only future mail; any mail that is already there, you can at least read with webmail (see the previous entry) and 2) since EID/lamar/holly/simla are not under my control, if you have any problems with email, you'll have to contact ACNS, not me. If you mail me and tell me the address of your colostate.edu account, I'll forward all future email out.
Alternatively, if you have an external account from gmail, yahoo, hotmail etc., I can forward all future mail out to that address.
Finally, for those of you who like pop3s or imaps, the pop and imap server is vanguard.stat.colostate.edu. If you are using a stat machine, the outgoing SMTP server is space.stat.colostate.edu. If you are using the CSU VPN, the outgoing SMTP server should be set to smtp.colostate.edu. If you are anywhere else, you'll have to discover what your local SMTP server is and send mail out through that machine.
As of March 17, 2008, insecure pop and insecure imap will not work from off-campus. If, in your mailer's settings, you are using port 110 or 143, your mail program will be sad. You must use SSL (and watch the port magically change to 995 or 993), accept a certificate the next time you connect and live happily ever after.
Q: What software is available on the network?
A: There are bunches. A semi-complete list can be found in /stat/HELP/software.list and /stat/HELP/packages.on.system on the unix side. For the PC machines, see /stat/HELP/pc.software.list, which is wildly out of date.
Q: I'm a unix novice. How do I get help on unix and application programs?
A: While the system people are friendly, they unfortunately don't have time to answer questions like "How do I use unix?" If you are unfamiliar to unix, we suggest that you buy an introductory unix book. Most any introduction will get you through the basic stuff in a few chapters. (The Nutshell books by O'Reilly & Associates are good choices.)
The Stat department possesses a few manuals covering some application programs such as Sas, Splus, LaTeX, and TeX, but they can sometimes be hard to find, especially when many people are working on projects. Buying your own copies is the best defense against being manual-less. [The CSU bookstore has a fairly good selection of computer books, as does Barnes & Nobles on south College Ave. http://www.amazon.com in your favorite browser is yet another option.]
For specific information on a particular command, use the unix man pages. "man ls" (no quotes) will provide you with more information than you ever wanted to know about the ls command. Also "man -k term" (no quotes) will find commands that have some reference to "term." For example, if you wanted to list your files, but you didn't know that the unix command for that was ls, you might try "man -k list" (no quotes). Be warned that man pages are dense sources of information; learning to extract the information that you want is an acquired skill.
Finally, if you are really stuck, mail Zube. He doesn't mind helping if you have tried to solve the problem yourself first.
Q: What unix applications are the friendliest?
A: For many people, the idea of using unix is a very scary proposition. To help, we've added several "friendly" applications [as opposed to some unfriendly ones]:
mailers: mutt, elm, pine [mailx, mail] editors: pico [vi, emacs]
elm and pine are used by virtually everyone in the department, but everyone should be using mutt :) . pico is much less used, but it will get you going much quicker if you aren't used to vi or emacs. We suggest that you learn either vi or emacs eventually, because they are available on virtually any unix system you ever encounter, while pico is not.
If you are brave enough to learn vi, there is a tutorial online called vitutor. Megan Stewart has written a vi help file which can find it in /stat/HELP/vi.help. There is also a summary of vi commands in /stat/HELP. Print it out by typing "lpr -Php4 /stat/HELP/vicheat.ps"
If you are brave enough to learn emacs, there is a tutorial built-in. Once in emacs, Ctrl-h t will start the tutorial.
Q: What applications are on the PCs?
A: The public PCs (all Pentiums) run Windows 2000/XP. Some applications you can find on the machines are SAS, mozilla, firefox, Microsoft Office (Word, Excel, Powerpoint), gsview, Maple and many others. As with unix instruction, we can't help you with using application programs, but we can help with system problems.
A: The CSU terminal server number is 212-2222. It supports normal (dumb, vt100) terminal dial-in, as well as PPP on its 391 V.90 modems. You will need a lamar/holly account to get in, because the terminal server prompts for user identification. These lines have a 2 hour time limit, although it is not enforced if it is not at capacity.
Of course, there is a catch: you now have to pay to use it. The cost is $22 a semester for students, $60 a year for faculty and staff. In addition, you must assert, via an accept button, that you will use the modem pool substantially for University business only. To sign up go to the sign up page.
One other note: if you wish to use the new modem pool, you cannot block Caller ID. Prefix the above numbers with *82 when dialing in if you have Caller ID blocked on your telephone service.
Q: How do I get a lamar/holly account?
A: The path to obtaining a lamar/holly account is to sign up for an eID (no, I didn't choose the name). You'll have to get an eID to sign up for classes anyway, so head on over to http://eid.colostate.edu and click on the first link to start.
Q: How do I work with my unix files from the PC side?
A: This entry is longer than it should be. Skip to the end if you aren't interested in all the details.
A long time ago, samba 2.x was installed on the unix side. It allowed one to easily map unix files as a PC drive. It worked really well, I didn't have to be involved in any way, it was fast enough, it was easy and everyone was happy. vanguard, however, was starting to show its age.
We then bought a couple of big honkin' dual-processor linux boxes. The idea was that samba would be moved to one of the boxes. And we would have gotten away with it too if it wasn't for those meddling kids.
Alas, the powerful hind legs of fate kicked us in the stomach. samba 2.x was abandoned for samba 3.x. samba 3.x changed a zillion things, one of which affected our configuration dramatically. The stuff that used to run very fast on vanguard ran like molasses in winter on the new linux box (but this had more to do with the samba change than the solaris to linux change).
We quickly moved back to a very simple configuration on a Solaris machine (vanguard), which is where we are now.
Enough history, how about answering the question?
The single best way to work with your unix files is to use WinSCP. It is on virtually every machine, it is small, it works from anywhere, it's small enough to fit on a floppy and the knowledge you gain from working with it is useful. Don Estep created a computer introduction for the Math grad students and in it he covered WinSCP. Here are the slides from that talk.
Most people do not take the road less travelled, so if you would like your unix files visible as a drive, you'll have to mail me and set up a time when we can meet. It takes less than 2 minutes to do and there are some limitations (e.g. if you change your PC password, you'll have to come by again before the mapping will work).
Yes, there are *much* better ways to handle this and I would love to be able to go back to the way it was. Alas, this is how it is now and this is how it is likely to stay until I can carve out some time to work on it. While it is a pain for both of us, it does work which is sometimes the best one can hope for.
Q: How do I get to my J: drive from my home PC?
A: There are two answers to this.
If you are one of the unfortunate souls that lives in CSU housing, the answer is that you can't. A long time ago, "the dorms" were considered part of the CSU network and the answer was the same as the answer below. Then ACNS turned "the dorms" essentially into their own network. Result: good for overall security and bad for you. The best you can do now is something like this:
It's a pain, but it's better than nothing. Mail me if you want help with the smbclient command.
On the other hand, if you do not live in "the dorms," you can get directly to J:. First, however, you'll have to download the latest client from the CSU VPN client page. You must install this program first, then reboot, then use the program to connect to CSU. Before you mail me, make sure you receive the message "Welcome to the CSU VPN" from the client. If you get that far, you will have properly connected to CSU and the rest is easy. Mail me and I'll send you instructions on how to map your J: drive.
Please do not ask me for instructions on how to map your drive before you know you can connect to the CSU VPN; without a proper VPN connection, the mapping will not work.
Finally, the CSU VPN needs cable or DSL speeds. If you have only dial-up, don't try to use the CSU VPN. You'll end up frustrated and annoyed and you'll probably end up saying the wrong thing at the wrong time to the wrong person and your life will never be the same. Oh sure, you'll wish you could take that awful comment back, but once the bullets are out of the gun, you can't suck 'em back in. You'll finally realize that life is nasty, short and brutish, devoid of love and caring, an infinite black void bent on consuming all that is good and that you are alone, oh so alone because you tried to use the CSU VPN over dial-up. Don't say I didn't warn you.
A: This entry considers the logistics of setting up a web page. It is not a step-by-step tutorial on how to create one.
On the unix side, you have a home directory. If you create a directory called public_html in your home directory and set the permissions correctly, then people will be able to get to anything under public_html by going to:
http://www.stat.colostate.edu/~username
If you wish to know how to deal with your public_html directory without actually using unix, you might consult Don Estep's slides from his computer intro for the Math grad students. In those slides there are some examples for using a directory on your J: drive to create a web page and then using WinSCP to "publish" it to your public_html on the unix side.
Also, if you believe you have created your page correctly, but you still receive errors of the "access forbidden" type, then it's probably a permissions problem. Mail Zube and he'll take a look.
Q: Where is the Requesting Weber 205/206 Accounts message you send out every semester?
A: The message for the fall and spring terms is at http://www.cs.colostate.edu/~dzubera/mathstat.accounts.txt.
The message for the 8-week summer term is at http://www.cs.colostate.edu/~dzubera/mathstat.summer.accounts.txt.
Q: How much disk space can I use?
A: At the moment, there are no quotas. This *does not mean*, however, that you can use hundreds of megabytes of disk space. Remember that you are sharing the same disk with many other grad students. Please be courteous.
To find out how much space you are using, type "du -s" (no quotes) in your home directory. The number that is returned is in kilobytes. For example:
vanguard> du -s 8437
means that I am using 8+ megabytes of space. To see how much space is free on the partition of the disk where your home directory is, type "df ." (no quotes) in your home directory.
vanguard> df . Filesystem 1024-blocks Used Available Capacity Mounted on space:/home/grad/a 959294 799338 64027 93% /home/grad/a
This means that there are 64+ megabytes still available, but that the disk is becoming full (93%).
At times, you may receive a message from Zube asking you to clean up your directory by deleting unnecessary files. If you receive such a message, please comply. If the disk becomes very full, we'll have to decide on the fly which files are non-essential.
One way to help is to gzip (compress) all the files that you need, but wont be using in the near future. For example, if you have a large file called bigfile, you would run:
gzip -9 bigfile
bigfile would then become bigfile.gz. This file can still be accessed with programs such as zcat, zmore, etc. If you need the entire file again, gunzip the file with:
gunzip bigfile.gz
bigfile is then back as it was.
A: As of now, we don't put any restrictions on how much is printed. However, we have had some abuse in the past, so we do watch the amount of printed output closely. We ask that you restrict printouts to those things directly related to your statistical work (mostly anyway) and that you try to conserve paper (and toner) whenever possible. We will disable your account if you print out large amounts of non-statistical-related material. In short, if you are using the printers as copy machines, you are abusing the resources.
Q: How can I run many large jobs efficiently?
A: [see /stat/HELP/running.large.jobs for the full text]
There are two rules of thumb. First, rather than heavily using one machine, lightly use many. Not only will the allocation of resources be distributed over several machines, but your overall run times will decrease. Second, if for some reason you can't use some of the machines, use a small script to fire off the next program as soon as the first one is done. For example, suppose that I have a program called "hog" that needs to run 10 times for parameters 1-10. The following script would run each one in turn:
#!/usr/local/bin/tcsh foreach i (1 2 3 4 5 6 7 8 9 10) nice hog $i > outputfile mv outputfile outputfile.$i end
and then at the shell prompt ...
chmod +x filename_of_script.
Then run the script. [I'm willing to assist anyone who needs help in setting up scripts. -- Zube]
Here's what the script does: each time through the foreach loop, i is assigned the next value from inside the () list. The first time through it runs "hog 1", the second time through it runs "hog 2" etc. Also, at the end of every loop, it takes the outputfile and moves it to outputfile.1 for the first run, outputfile.2 for the second run, etc. [If this wasn't done, outputfile would be overwritten for each run of hog.]
Q: When should I run jobs out
of /tmp/mydirectory?
A: The department network is configured such that all unix user files reside on one machine. When you log into vanguard, for example, the files that you see in your home directory are actually stored on a remote machine (space). Normally space is fast enough to handle network traffic, so much so that you probably don't notice any delays. However, if you are running a job that is performing frequent reads and writes of file(s), you are taxing both the network and space. The result is a slower network and longer running times for your program.
A better approach for these types of programs is to use the local temporary space on a machine. First, make a directory in /tmp (say /tmp/myname). Copy (cp) the relevant bits of your program and data to that directory, modifying any references to files in your home directory to /tmp/myname. Now, when you run the program from /tmp/myname, any reads and writes to files in that directory are local to the machine and do not generate any network traffic. Hence, your program will run faster and not tax space or the network.
There are two caveats to this approach. First, /tmp as its name implies is for temporary space. Once you are done with the run, copy back to your home directory the bits you want to save (data files, program files, etc), and delete the /tmp/myname directory and everything in it. /tmp is never backed up and is cleared regularly, so please save what you need. Second, /tmp can fill up. Always check the current state of the /tmp file system with "df /tmp" before starting. If /tmp is very full, please don't use this technique unless you first mail the system people and ask them to free up some space in /tmp. In addition, note that the Solaris machines have a true /tmp (temp file system) in which /tmp gets completely cleaned upon reboot.
Q: Which unix machine should I do my work on?
A: You probably want to use cachat and cheyenne. Both are dual-processor Linux boxes and their whole purpose in life is to run large jobs.
When you log into a machine, try the "ruptime -l" command. This command will show you the load average of all the unix machines for the last 1, 5 and 15 minutes respectfully. Moving over to a less busy machine can have a large effect on response time and on the running time of your programs.
Q: How many simultaneous jobs can I run on the linux servers?
A: First, some background information.
A machine with one processor can run one job flat out. It can run two jobs by switching back and forth between the jobs, etc. This is a gross simplification, but it will do. Another gross simplification is that if you have n processors, it can run n jobs flat out, 2n jobs by switching back and forth between the jobs, etc. But the switch isn't free; it costs time and resources to save one job and load the other one and then to save the other one and load the first one. This is especially true for memory-intensive programs.
Also note that the machines are shared resources.
The two lessons to take away from this are:
Both cheyenne and cachat are dual-processor machines. cachat is faster (3.2ghz v. 2.4ghz) and has more memory (4GB v. 2GB). cachat should be your first choice, cheyenne your second. There is also an older server, crossbow, but that is the web server, ftp server and Zube's console. Unless you have some special needs, please use cheyenne and cachat and stay away from crossbow.
Keeping all this in mind, here are the rules:
How do you tell what's running? First, try the uptime command. The three numbers on the right will give you an idea of how many jobs are running. A load average of 0.00 means nothing is running, 1.xx means one job is running, etc. Also, using the top command is recommended, but please don't run top for extended periods of time as it uses a lot of CPU time. Use it to find out what's going on and then exit the program.
If you fail to follow the rules, any extra jobs running will be killed and you'll get nasty email. If you continue to fail to follow the rules, your account will be disabled.
Derek Sonderegger was kind enough to write a short tutorial on how to run sims using R code called Running Simulations on Linux Servers. If you find that link useful, you might also thank him for writing it.
Q: Where do I find out about system announcements?
A: There used to be many avenues, from /etc/motd being displayed when you logged into a unix box to the Usenet group csu.stat.systems. All of these are now defunct. All important system announcements are sent though email.
Q: How long can I keep my PC/unix account?
A: You may continue to use your account as long as you are affiliated in some respect with the Stat department. Once your affiliation is dissolved, your account will be removed. We usually give two weeks notice before turning off accounts.
Faculty may request that an account remain active for professional reasons, such as an ongoing collaboration. In this case, the account will remain open for another semester, but disk usage *must* be pared down to essential files only. "I want to use it for mail," alas, does not qualify.
If you wish to preserve your files, we will happily copy them to SDLT or cdrom if you provide the media (sometimes we have spare tapes, so ask Zube before you buy one). It's usually easier, however, to tar/tar.gz/zip up your home directory so that you can get it via sftp or http.
If you would like all *future* incoming mail forwarded to another address, please let us know. This forwarding can remain until someone with your account name joins the department. Any mail that is currently in your inbox will *not* be forwarded. We will copy your inbox to your home directory, however, so you will have it if you choose to preserve your files.
Finally, on a personal note, please accept the end of your account graciously. There is nothing so disheartening and frustrating as to provide what I believe is a fair compromise between offering no post-STAT support (i.e. your account is gone and it's your tough luck if you didn't save things or plan to move them in time) and offering never-ending support (which is a poor security choice) only to have people say things like:
"I'm going to be visiting Colorado on a Wednesday in the Summer of 2015 and while I'm not planning on it, there is a chance that I might stop by and want to do research, so DON'T DELETE MY ACCOUNT!!!!"
or:
"I'm moving to another department, but I want to keep my account here. No, I'm not going to be in the department anymore, but why can't I keep my account? It's such a pain to move everything."
One thing is certain: if this continues, it's a sure bet that the policy will become more, rather than less, restrictive. Please keep this in mind.
Q: I can lock my unix/pc screen and keep the machine exclusively for myself. Isn't that cool?
A: No, it's discourteous to others, it's annoying to me, it makes me seriously wonder whether I should just remove the lock features altogther and it makes puppies cry.
The purpose of keeping the lock bits around was to insure that users could lock the machine temporarily (i.e., for as long as it takes to run to the bathroom, make a phone call, have a smoke, etc). It was not meant as a way to run simulations on open-access machines or to allow exclusive access to one person. If I (Zube) find your terminal locked for a long period, I will unlock it, log you out and probably send you nasty email. If I continue to find locked terminals, the lock features will go away.
Exceptions: If you have a machine on your own desk, you can do what you like. Also, if it's a particular slow time (i.e. not during the semester), a locked machine here or there isn't a big deal.
Q: Can my {friend, relative} use my account?
A: No. We will disable your account if we catch someone else using it. Further violations will result in the permanent removal of the account. There are no exceptions for wives, husbands, girlfriends, boyfriends, close relatives, people who were "just checking mail" "just surfing the web" or "just helping out."
Finally, the last warning. This warning is repeated in the other section about temporarily or permanently losing your account. It appears that people either do not read the FAQ (big surprise) or simply don't take me seriously. No mercy from now on. You let someone else use your account for any reason or any purpose, it will be disabled and you'll have to have a chat with the chair to get it back. It appears that being a nice guy Admin has no benefits while being a bastard Admin at least keeps the system secure.
Q: Why is using the xhost
command such a bad thing? What should I use instead?
A: In X, when you use "xhost +machine," you are using host-based authentication. What this means is that you are allowing anyone on "machine" (including yourself, which is probably what you only want) access to your X session. A mischievous person could simply annoy you by running programs that display to your screen, while a malicious person could record every keystroke that you type. In short, xhost and host-based authentication are not secure.
Instead, everyone should be using user-based authentication. In most cases, you don't have to worry about this; it is done for you. When you sit down at an xterminal and log in, a magic cookie is inserted in your .Xauthority file. That magic cookie insures that only you can access your X server. That is, unless you use xhost. If you use xhost, the host-based authentication supersedes the user-based authentication and you are right back to an insecure X session. So the only rule is:
In almost all cases, you never need xhost.
Unfortunately there are other cases, such as running X apps from lamar. If you try to display an X application such as maple from lamar, you will get treated to "Connection refused. Client not authorized to connect to server." The usual fix is to do "xhost +lamar" from an open stat department window. Yes, that will get rid of the message and allow you to display the window on the local display, but it also allows anyone on lamar to do the same. Instead of xhost +lamar, ftp (binary mode) your .Xauthority file from the stat department computers to lamar. Make sure that the resulting file is mode 600 (only you can read and write it). Now X apps will display to the local X terminal without any security problems. One caveat: you will have to ftp your .Xauthority over to lamar every time you log into an X terminal in the stat department as the magic cookie changes every time you log in. You can automate this if you are clever. Contact Zube for details.
xhost will go away some time in the future. Please don't depend on it, as it puts both your files and the stat department security at risk.
Q: Does the Stat Department block mail from any domains?
A: Yes. We block mail in several ways.
First, we have several groups of IP addresses (consisting of literally millions of IPs) that we simply drop connections from. These are known spam hosts on ISP networks that either can't or won't clean up their act. This list is updated daily.
Next, we check each connection against three sets of databases of well-known spammers. We also check to see if the address is a dynamic IP. If there is a match, we reject that connection too.
Finally, we scan incoming mail for virus content and discard any mail that contains it.
We do not filter email based on content, except to look for viruses.
Filtering email is an inexact science. It is possible (actually probable) that we are blocking some sets of addresses too aggressively. If someone is having difficulty getting mail through, please have them mail me (Zube@cs.colostate.edu) and provide details such as where they are trying to email from (what ISP they are using, the outgoing SMTP server, etc.), who they are emailing to and any error messages they are receiving. A rejected email with full headers would be ideal. With such details, I can determine where the problem lies and perhaps adjust our blocking rules.
Q: I just received an email message warning about an email virus. Shouldn't I warn everyone I know?
A: In a word, NO. Every single one of the Do not open an email message with the title blah is a hoax. While it is possible (in certain cases) for an email virus to exist, we have yet to see one of this type. The only "virus" in this case is the email message itself; it gets passed from user to user and it infects email systems and the general sanity of system people around the world.
If you get an email as described above, mail the person back and tell him/her that it is a hoax. Do not forward it to your friends, your fellow grad students or any public mailing list. If you really are concerned that perhaps a new strain of email virus has developed (while possible, it is amazingly unlikely), mail Zube.
What has been seen (quite frequently) in the recent past are Microsoft Office macro viruses embedded in Word or Excel documents. These documents are sent as attachments through email. If one opens the document (e.g., by double-clicking it) and one does not have a up-to-date virus program running, there is a good chance of being infected. Please make sure that you always have an up-to-date virus program running on your PC and that you do not open documents haphazardly. One way to prevent such viruses from spreading is not to open the attachment, but to save it to disk and run the virus program on it before opening it. If you wish to be safe, never blindly open files if you do not know where (or who) they are from.
Finally, Unix mail users do not have to worry about this tripe. If you read your mail using mail, pine, elm, mailtool, mutt, etc., you can continue to yawn each time a new macro virus strain appears.
Q: I am receiving email bounces
for mail I never sent. Is my account being used for spamming?
A: Probably not. Anyone can forge your email address, just like anyone can put your name and return address in the top left corner of a USPS envelope. The forgeries usually come from two sources: spammers and viruses/worms/malware. Many mail gateways bounce mail based on the From: line, so receiving bounces for mail you never sent is not uncommon. Send Zube a copy of the bounce if you are worried and he'll take a look at it.
You should, of course, take reasonable precautions to insure that your account and/or computer do not become a source of spam:
Q: What should I think about before I send an email attachment to someone or to many people?
A: One of the worst jobs in the world is enforcing courtesy. Usually, it's much easier for the enforcer to throw out courtesy in full and instead adopt hard-and-fast rules and apply them without mercy. However, this tends to lower the number of BTUs of happiness in the world, puts everyone on edge and punishes mistakes or ignorance as harshly as open disregard. In short, removing courtesy makes the world worse.
With this in mind, here is one email courtesy everyone should follow, for everyone's benefit.
When sending attachments, think about the other end.
For an attachment to a single user, is the other person expecting it? Many people delete unknown and/or unexpected attachments to avoid potential virus problems. Is the other person going to be reading his/her email via a dial-up line? Does that person really want to wait 2 hours to see a picture of your dog?
For attachments to multiple users or any kind of mailing list, all this goes double or treble. For *private* email, one can argue that sending a 200K attachment of something important to 3 people is acceptable. However, sending a 200K attachment to, for example, the grads list, isn't acceptable because it's really
200K * number of grads = several megabytes of storage per email message sent
If this happens once in a blue moon, I tend to overlook it and on rare occasions, it can be acceptable (especially to the faculty list from the Dean's office). However, in almost all cases, the most courteous way to do this is to put the file(s) on your web site and then send an email with the link. This shows courtesy, not only to the recipients, but also to me (your grumpy sys admin). I know its easier to fire up your mail program and attach than to do a bit more work, but when courtesy is ignored, eventually everyone suffers. If I have no choice but to block attachments bigger than 50K, your friend won't receive your dog picture and you may not receive that important paper from your advisor when you need it.
Finally, under no circumstances send large email attachments to mailing lists in *other* departments without asking them first. I will get very upset if another department's sys admin contacts me to say that someone sent a 2 meg file to all of the chemistry faculty, for example. I yell at people from other departments when they do this and and I'll yell at you too if you do it.
Q: When the heck are machines rebooted around here?
A: All Solaris machines (vanguard, space, etc.) are patched and rebooted about every month, although security issues may shorten this timeframe. Usually the reboots occur somewhere between the 2nd and 5th of the month, but these dates can vary greatly depending on Sun's release schedule and the number of patches to be installed. The reboots are announced via email before 2pm and occur between 4:45pm and 4:55pm.
The Linux boxes are patched as patches are made available and are rebooted whenever certain patches are installed (kernel, libc). Warnings are sent if large jobs are running.
The PC server is usually rebooted monthly, after the latest patches from Microsoft are installed. Email is sent to everyone in advance of a reboot.
Q: What is Black Tuesday and when does it occur?
A: It's the day when Microsoft releases patches. It occurs on the second Tuesday of every month. Microsoft being Microsoft, they also release patches at other times ("off-cycle"), based on, well, nothing I've ever been able to figure out. IE patches are most likely to be released off-cycle.
In practical terms, this means the following:
And just in case you are in the SUS/WUS/AU camp: the reasons I don't set up PCs for automatic patch installation are:
A: No.
The security of the network depends upon all the machines that reside on it. I spend a majority of my life securing and re-securing machines on our network so that you don't have to worry about network integrity and I can sleep at night. Adding personal machines to any network makes that network less secure. This, in turn, cuts into my sleeping and makes me even more grumpy, something I'm *sure* no one wants, especially me.
That said, in the past I have allowed personal machines to be added to the network under a very restricted, non-negotiable set of rules. They are as follows.
In addition, patches *must* be installed promptly after release. For Windows machines, I am happy to do this for you on the second Wednesday of the month (patches come out on the second Tuesday) if the machine is here. For macs, either you or I can run software update when the patches come out. For unix, we should talk about how to keep the machine patched or, again, I can do it when patches come out.
I will not, however, try to track you down and beg to patch your machine. I don't have the time. If the machine isn't here within a short time after patches are released (say a day or two), you are on your own. If your machine gets hacked or virus- or spyware-infested, I turn off the port and the machine goes to the back of the personal machine queue, which may put your computer out of action for a long time. This is discussed in more detail in the link two paragraphs down.
There is a way around me though. If you have a wireless card and you download the CSU VPN software, you can connect to the CSU Wireless network and do what you like (mod CSU rules). You are, of course, on your own and no, you can't print to the stat printers from the CSU VPN.
Another bit of prose you might consider reading is Zube's PC Patches Policy, which The New York Times called "the biggest bunch of rubbish since rubbish was invented by Joe Rubbish in 1624 and furthermore ..." but then they got hacked because they didn't patch, so we'll never know what else they called it.
Q: The Department is hosting a visitor. Is it possible for him/her to have access to the network?
A: Yes. There are several options, all of which are unsatisfying to some degree. Much of this dissatisfaction springs from unrealistic expectations, such as expecting full network access for any machine that happens to accompany the visitor.
The easiest option is to point the visitor to one of the many "client kiosks" CSU maintains on campus. These Sunray terminals require no login and offer web access to the world via the Firefox browser. The closest two terminals are on the second floor of Weber, just across from the Men's bathroom.
The next easiest and most reliable option is to request a guest PC account from me (Zube). I can create this quickly and I promise not to grumble about it. All of the public computers on the third floor, in 005 and in Weber 205/206 would then be available for use. For someone who needs network access to check a web-based email account or to use ssh, this option should suffice.
Of course, most visitors bring their own laptops and prefer to stick with them. In this case, the best (but still not good) option is the University's Guest Wireless Access. The sponsor of the visitor may request from ACNS a guest network ID which will allow such access. Start by visiting the Requesting Guest Network IDs page and click on the "Log in to the guest ID creation site" button. You will be asked for your eID info and then taken to a form. Fill out the form, click on submit and you should receive the info needed for your guest to connect to the csu-visitor wireless network.
This access is brought to you by ACNS (not me), so here is where things start to get sticky. First, there is the CSU Acceptable Use Policy, which all users are subject to. Then there is this:
The school/division requesting guest access is responsible for recording to whom each ID is issued, and for ensuring that guest users agree to the AUP. This may be an informal agreement in the case of a single, well-known visitor, or may involve a signed form for larger groups of users unknown to the University.
which basically means that if your visitor starts hacking, they will come after you and the Department.
Then there are the technical hurdles. ACNS provides instructions for Windows and Mac OSX, but not for any other operating systems, such as Linux. The access itself is limited, meaning that not all ports are open (as ACNS puts it, the Guest Wireless provides "temporary access to the wireless network for simple, limited tasks including web, e-mail, and access to other networks"). Finally, wireless is sometimes tricky to get right and while I will try to help if I have time, you may get better and quicker results by calling the Computing Help Desk at 491-7276.
A third option for those not fettered by conscience is to find a classroom with a wired connection at the podium and connect directly to that. DHCP is usually enabled in the university classrooms, so you may be able to get out that way.
By now, someone is thinking, "Well, gee, can't we just hook the visitor's laptop to our network?" The answer to that is no (see previous FAQ question for details) with exceptions considered for visitors who will be here more than a few days. If you *really* want to give the visitor unfettered wireless network access, get him/her an Associate eID.
Q: How do I print from a unix machine?
A: The Stat Department has the following printers available to everyone.
hp9 is a replacment for hp5, but hp5 will stick around until everyone has been moved over to the new printer.
From all Solaris machines, lpr -Pprintername filename will print to the printer of your choice. For example,
lpr -Php4 myfile.txt
prints myfile.txt to the hp4 printer.
The enscript command is useful for performing advanced printing techniques. For example, the following command will print myfile.txt in landscape mode, with two pages per printer page to the hp4 printer:
enscript -2r -Php4 myfile.txt
Sas output sometimes contains long lines of data that don't fit on a single portrait page. With enscript, you can pick a smaller font so that the lines will fit:
enscript -2r -fCourier7 -Php4 myfile.txt
The enscript command has many other options. See the man page for details.
A:
From windows, choosing the correct windows printer and printing to it from a Windows application should result in the desired effect. The physically closest printer is available on each machine.
Note that all of the department printers are postscript. This means that you can print *only* plain ascii files or postscript files. Sending anything else to the printers will result in no output, an error message (such as "spooled binary file rejected") or reams of junk.
Q: How do I print single-sided to a duplex printer?
A: For hp5, use the hp5ss command:
hp5ss filename
As of now, there are three restrictions on hp5ss. First, the file must be postscript as non-postscript files will be rejected. Second, you can print only one file at a time (i.e. "hp5ss file1 file2" will fail). Finally, the postscript must contain a %%endcomments line (all dvips generated ps files have this line). The final two restrictions will be removed in the future.
There is also the hp5letter command, which works identically to hp5ss but prints on letterhead. Also note that the hp5ss command used to be called hp5.
A: Hit the continue button. This acknowledges that you know that the toner is low, but you want to print anyway. Check your printouts afterwards; if the quality is poor, see the systems people who will replace the toner cart.
A: There can be many reasons, but the most common is that the postscript is formatted for A4 paper. Look at the first few lines of file. If there is a line that reads:
%%DocumentPaperSizes: a4
then it won't print on the department printers. However, if the postscript conforms to certain conventions, you can convert it with the following command:
/usr/local/bin/psresize -PA4 -pletter infile.ps outfile.ps
outfile.ps will now contain the converted postscript. Try to print that instead.
A: Wouldn't it be nice if they mentioned that somewhere on the web page? Alas, your humble, lovable sys admin has tried to get them to post the following, to no avail.
Files received via the ILL e-mail option (once properly decoded) are in TIFF format, specifically CCITT Group 4 TIFF format. Here are some ways to view and print out this information. On Win95/98/NT, the twisty path to follow is: Start -> Programs -> Accessories -> Imaging On Win95, the program is called Wang Imaging and is usually found in c:\windows\wangimg.exe. On Win 98, the program is called Kodak Imaging and is usually found in c:\windows\kodakimg.exe. On Win NT, the program is called Wang Imaging and is usually found in c:\Program Files\Windows NT\Accessories\ImageVue\wangimg.exe. ***** On unix, some programs show only the first page of the TIFF and others (xnview) show all pages but cannot convert to something useful (like postscript). So far, the easiest thing (I've found) to do is to get and install the free libtiff utilities from http://www.libtiff.org. These are already installed on the stat systems. One of the utilities is called tiff2ps, which called in the following way tiff2ps -ap FILENAME.TIF > blah.ps will convert the file into viewable (gs, ghostscript, gv) and printable postscript. Warning: the files that tiff2ps generates are large. In my test, a 1 meg TIFF file became a 40 meg postscript file. ***** For the mac, there are two shareware programs: ImageViewer (http://www.imageviewer.com) and GraphicConverter (http://www.lemkesoft.de) that will display and print TIFF files. The latter one will display and print during the trial period, the former will only allow displaying until the program is registered.
Q: How do I print to the
color printer? It doesn't show up on any PC.
A: This is by design.
Color toner and imaging drums are very expensive and color printers often are used for personal printing. Consequently, access is restricted.
If you have a one-off job, your best bet is to ask one of the office staff or a faculty member to print it for you. On the other hand, if you have a machine on your desk and you will need regular access to the color printer, please clear it with the department chair. Once the approval reaches me, I'll be happy to install the printer on your machine.
A: These errors usually occur when the PC sends code to the printer that the printer cannot deal with. When it occurs, the only way to clear the error is to power-cycle the printer (turn it off and back on) and then remove the print job from the printer queue on the PC. That will keep the PC from constantly trying to resend it. If, when you try to remove the printer job it will not delete, reboot the PC before continuing.
So now you know how to clear the error, but how do you print the silly thing in the first place?
First, try printing using a different printer language. Most PCs have two virtual printers for each real printer. One is named printername (postscript), or sometimes printername (ps) and the other is named printername (pcl). Postscript and pcl are two different printer languages for HP printers. If you printed to the postscript printer and saw the error, try printing to the pcl printer. In most cases, the problem occurs when printing to the postscript printer but does not occur when printing to the pcl printer.
If neither works, then to go File -> Print -> Advanced and click on the "print as image" box. This will be slower than normal, but works 99.9% of the time.
You could also load the pdf into the Foxit PDF viewer (c:\bin\foxit.exe), which is smaller and lighter than the Adobe one, and try to print from that.
If none of these work, email Zube and tell him what PC you are using and where the pdf file came from.
Q: How do I mail the systems people?
A: The official mail alias is trouble (i.e. trouble@space), but since I'm (Zube) the only one around these days, you can just as well mail me directly. I try to respond ASAP, which may be anywhere from 10 seconds to several days, depending on the severity of the problem and how many other problems are pressing. If you don't receive a reply within a day, mail me again.
Q: How should I describe my problem to the system people?
A: In detail. All problem reports should contain the following information:
I can't print. HELP!!!!
I tried to do X, but it doesn't work.
I tried to do X, but I get an error.Here is a much better one:
I am unable to print from seicross to the hp4u printer. I logged in as I normally do, started Word and typed a document. I saved it, and then tried to print it. It never came out. I tried again, and it still didn't come out. Other people on other machines could print to hp4u, as I saw people picking up printouts. I haven't seen this problem before.
Also note that problems can be fixed only if I know about them. If you discover a problem, please report it.
Give yourself a pat on the back and a gold star if you read the following document, titled How To Ask Questions The Smart Way before reporting your first problem. While the above document is more about asking questions about software in forums and newsgroups, the general principles are useful just about anywhere. It also provides some insight into the techie mindset. It is time well-spent and will pay for itself many times over if you frequently interact with technical people.
A: Officially, 004, the stat systems office or perhaps Weber 129, the math systems office. Unofficially, just about anywhere depending on the crisis. If you want to get my attention, email will almost always get the quickest and most complete response. If you are sending mail from a non-CSU account, adding something like "(CSU Stat question)" to the front of the subject will help insure your message doesn't get lost.
Q: Why should I email Zube when I have a problem?
A: In the previous question, I made it clear that email is the preferred method of reaching me. Here are a few reasons why email is the best method of communication, at least in this particular environment.
Now, to be fair, there are some times when email is not appropriate. Here are some examples:
Also, when/if you do mail me, please make sure the subject line has some relevance to the subject at hand. I've found that people like to ask me questions when they reply to some mass mailing I've sent out. For example, I'll get a message subject of "Re: another virus/worm" but it will be a question about how many licks it takes to get to the Tootsie Roll Center of a Tootsie Pop. Please, either change the subject line if you do reply or mail me directly.
Finally, if you aren't going to wait for an answer before plowing on ahead on your own, don't mail me. If the question isn't important enough to wait for my reply, it isn't worth my time to answer it. [See the next entry.]
Q: Why are you (Zube) such a jerk?
A: This is a fair question. I *am* a jerk, sometimes. As many people will attest, I am high-strung, have a short temper, have zero patience during stressful times and horror of horrors, I have even been known to swear out loud (gasp!!).
A large part of the problem is me. I do not play well with others (I sometimes run with scissors too) and I take things personally. I also cover a fair amount of ground between this department, the Math department, the PRIMES lab and the Weber 205/206 lab, so my todo list is strictly non-decreasing. As you might imagine, this puts a huge premium on my time. I'm happiest when people value my time. Sending me email instead of asking me in person, skimming the FAQ before asking me a question, giving me weeks or days to do something rather than hours or minutes and especially, not breaking any of the rules listed in the "How do I lose my account?" sections of this FAQ are all examples of understanding the value of my time. I am much less likely to be a jerk if you show me some courtesy.
In short, I care a lot about the computer systems and I'm busy. This can be a dangerous mixture and is one of the reasons I try to do as much as possible via email. In a more generous world, your system person would always be calm and rational. Sadly for both of us, that world is not this world. I know and understand my shortcomings and so should you. Thank you or else.
Q: I deleted a file on my J:
drive, but it's not in the recycle bin. Where did it go?
A: It's gone. The recycle bin works only for local files (meaning those on the local drive, usually c:). This is by design, so if this design decision bothers you, please complain to Microsoft, not me.
Q: I've lost a file. How do I get it back?
A:
To recover a file, mail Zube and provide the following information:
The more accurate the information you can provide, the quicker your files will be restored. However ...
All restores are delayed a minimum of 24 hours unless the circumstances are exceptional. More often than not, thirty or sixty or ninety minutes after a restore request hits my inbox, a second message will arrive telling me to ignore the first request, as the files have been found or a copy has been secured from someone else.
Your files can usually be recovered with the following exceptions:
Q: lamar/holly isn't working. Can you help?
A: There are two answers to this question:
No. lamar/holly (just lamar from now on) are not under the Statistics department administrative control. If you find a problem with lamar, you can send some mail (giving as much detail as possible) to consult@lamar.colostate.edu.
Yes. Sometimes something will go wrong with the local machine or the network. For example, if the network card stops working, the network and hence the machines themselves will be inaccessible. In this case, you should mail trouble@space to report the problem.
How are you supposed to know the difference? lamar goes down more often than a network card. One sure way to check is to try a different machine. If both machines can't get to lamar, for example, then see "No" above; if one machine can but another cannot, see "Yes" above.
Q: ssh/slogin/scp/sftp/putty/winscp to the unix machines doesn't work. How can I fix this?
A: Mail Zube. He will mail you back a document that will explain the problem and the solution.
Q: Why are PC logins so slow? What can I do about it?
A: It's Symantec Anti-Virus 10.x that causes this. The 7.x version was fast; the 8.x version was slower, but usable. With the 10.x version, it may take minutes between the time you login and the time you can actually get work done. Symantec withdrew support for 8.x in Feb 2007, so, sadly, we are stuck with 10.x.
Here is how you can speed up the process for all future logins:
Unfortunately, the scan is generated for *each user*, so *each user* on each machine must do this. If you kill the scan on machine A, all future logins on machine A will be faster, but all future logins on machine B will still be slow (until you kill the scan on machine B, etc.).
You might thank your Lucky Stars that we are still using SAV 10.x. Its replacement is Symantec Endpoint Protection (SEP) and it's even slower. For the record, in the spring of 2008 I tried to move away from SAV/SEP to Avira Antivir, but this decision was blocked blocked by the central CSU IT support people (ACNS, Academic Computing and Networking Services). In my limited tests, Antivir was much faster than SAV/SEP as well as being less expensive, but it all fell on deaf ears.
Q: What's the story with xv and what can I use instead?
A: xv is an image viewer and file converter for the unix machines. CSU was recently contacted by the author's lawyer and he called our attention to the fact that xv is shareware and must be licensed as such. When you run /usr/local/bin/xv now, it tells you all about how to use it and how to license it.
Let's make this clear. According to xv's license, you may use it for your own personal use, but it *cannot* be used for classwork or research without the purchase of a license. The cost of an xv license is $25/user (see http://www.trilon.com/xv/pricing.html to buy a license).
Due to these licensing terms, we cannot recommend xv for anything save personal use. If you do like xv and want to use it for a class, we do encourage you to purchase the licenses. However, there are some other alternatives if you decide to forgo the use of xv. To wit:
Q: What machine should I read my mail on?
A: You can read your mail from any unix machine that you log into. However, please don't read your mail from two different machines *at the same time* (or use two mail programs on the same machine at the same time); you may corrupt your mail file if you do this.
Q: I get lots of junk mail. What can I do about it?
A: The first thing to note is that as of Aug 6, 2006, the mail server is now blocking literally millions of spam-sending hosts. While it won't stop spam completely, it will help as a first pass.
One relatively painless way to get rid of junk mail is to ignore it. Of course, it's hard to ignore when it makes up the majority of your mail.
One suggestion is to try to filter it. In the past, there were instructions here for filtering mail on the unix system using different programs. While these programs helped, they were hard to keep updated and as spam has gotten worse, they became less and less useful, so the instructions were removed. If you *really* want to filter mail on the unix side, send me mail and we'll talk about it.
There are some things you can do, however, to help and that are fairly easy:
A: There is nothing wrong. It's working as designed.
Our mail server has built-in anti-spam features. These features keep it from being used as a relay for unsolicited email. When you mail from home, you must use your local ISP's mail server to send outgoing mail (mail.frii.com for frii, for example) . If you don't know what it is, you should ask your ISP's technical support.
The mail server features do not stop you from picking up your mail via POP or IMAP from the department. Indeed, if you set your home mailer Reply-To: field to your_username@stat.colostate.edu, most replies will still go to the stat department. But you cannot send mail through the mail server if you aren't on our network.
Q: Can I use a .forward file to forward mail somewhere else?
A: Yes, as long as the machine is outside the the stat domain. Do not forward your mail from one stat machine to another, as it will cause a mail loop and you will lose mail.
A: CIS (Current Index to Statistics) no longer runs on the Stat machines. Go to the main CIS page (http://www.statindex.org/CIS/query) if you wish to use it.
Q: How do I create a pdf file?
A: For your home PC, the easiest way is to download one of the many free pdf packages. I use PDFCreator. On the unix side, your best option is to use ps2pdf, as in:
ps2pdf blah.ps blah.pdf
PDFCreator should be on every department PC that does not have the full Acrobat package (which costs $$$). Print to the PDFCreator printer, provide the program with a file name and you will get a pdf out the back. If there is no PDF printer or if there is a printer named "free pdf printer" on a machine, mail Zube and he will install the PDFCreator program straight away.
A: The entire MS Office suite (Word, Excel, etc.) as well as other programs sometimes do not play nice with removable media (floppy, zip). Do yourself a very big favor and observe the following procedure when working on files from floppies or zip drives:
If you follow this procedure, your chances of getting the dreaded "disk full" message when saving to a floppy are greatly reduced.
Q: telnet and ftp? What works, what doesn't and why?
A: Here's the short version. You can no longer telnet in to the stat machines, but you can (if you are silly and really want to) telnet out. You can ftp out of the stat machines, but unless you are using anonymous ftp, you shouldn't. Both telnet and ftp are horribly insecure and should have been thrown out ages ago.
Instead of telnet, you should use putty on the PCs and slogin/ssh on the unix machines. Every PC in the department and in the Math/Stat Lab has putty installed and the program acts very much like telnet.
In lieu of using ftp, there is a command line program called sftp (on unix) and there is the graphical WinSCP on all PCs.
If you have a PC of your own and want some very long-winded (but not very hard to follow) instructions on how to set up putty and WinSCP on it, mail Zube. He'll mail them back to you straight away.
Q: What is webmail? Should I use it? Why doesn't it work as it should?
A: webmail (webmail.colostate.edu) is a service provided by the University that admits the sending and receiving of mail through a web browser. While it has a nice interface, it currently has two significant problems. First, you can read your stat mail happily, but you cannot send mail. Period. Full Stop. End of Story. This is "by design" and will not change. Second, web-based email programs (sooner or later) seem to fall prey to security holes due to their dependence on java and javascript. I would never use a web-based mail program, perferring greatly to use elm, pine or (my favorite) mutt via ssh on the unix system. I also know I'm greatly in the minority, so as a public service I offer the next paragraph.
If you wish to use webmail and all its features, buy me a pizza and ask me to forward all future math mail to your lamar/holly/simla account. Now go to the webmail page and choose either lamar.colostate.edu or holly.colostate.edu or simla.colostate.edu as the server. You'll now be able to use all of the features of webmail. Keep in mind, however, that if you have a mail problem or a quota problem, you'll have to contact the ACNS people (consult@lamar.colostate.edu) as I have no control over webmail, lamar or holly. I'm kidding about the pizza.
Q: How do I set up a vacation message for my email?
A: The first question to ask is whether this is what you really want. You should answer no if any of the following are true:
If none of these are true, then do the following:
When you have returned and wish to remove the vacation message:
This will disable vacation completely. If you want to re-enable vacation:
Q: Do you have a copy of Maple I can install at home?
A: If you are a faculty, yes. According to the CSU Maple license, faculty may install Maple on home/personal computers. If you are a student, no. The Software Cellar sells the Maple 10 Student Edition for $168.72.
Q: Can you install WinEdt on my computer?
A: Yes and no. Yes, I can install it, but WinEdt is not free. While it does have a 30-day trial period, I've found that most people like to reinstall it every 29 days, thereby avoiding the license fee. If you buy WinEdt and present me with the license key, I'll install it. Otherwise, please use TeXnicCenter which is free. If TeXnicCenter is not on the PC you are using (it may not be on some older PCs), I'm happy to install it.
Q: Can you install an R package for me on one or many computers?
A: Sure, but different requests take different amounts of time. A request for adding a package to a unix machine will be satisfied quickly, usually within the day. A request for one or two particular PCs may take a couple of days. A request to install a package on all machines in the MATHSTAT lab may not happen until a semester break. During the summer of 2006, R was upgraded to 2.3.0 in the MATHSTAT lab (and on many other machines) and many packages were added to the install. Mail Zube to see if your favorite is there.
All is not lost, however. R provides a method for users to load their own packages, even on restricted machines. Jennifer Hoeting has kindly documented this procedure.
Q: Why shouldn't I use Internet Explorer (IE) as a browser? What should I use?
A: I could write pages about this, but I'll try to keep it short.
IE is the third most insecure program ever written (kudos to those that can guess #1 and #2). Because it was, by design, integrated into Windows it is a very easy path for baddies to get in. When MS made this decision, the thing farthest from their mind was security. We will be living with the consequences of that decision for a long time.
Why should you care?
Baddies exploit the security flaws in IE to install spyware/malware on your machine, eventually turning it to mush. The stuff may just track where you surf, or it may install a keystroke logger so that your credit card info is stolen or it may do something else entirely. IE is a prime target because it is installed on every windows machine and because most people choose the path of least resistence.
There are alternatives. firefox, seamonkey and opera are all good choices.
For the record, all programs (well, almost all programs) have bugs and some of those bugs manifest themselves as security issues. All programs need updates. Switching to a different browser won't make you 100% secure, but it will go a long way towards protecting you.
So, in short, stop using IE. The only times you should use it are for Windows and Office Updates.
Q: Where's the CSU Stats thesis format?
A: It's in /stat/HELP/TeX/thesis.style. Read it, and then copy it to your thesis directory and make the necessary changes. You may also want to copy /stat/HELP/TeX/template.tex there too.
There are some compressed TeX help files in /stat/HELP/TeX for your convenience.
Q: Who the heck is Dave Smith?
A: Dave Smith was a grad student who finished his degree some time ago. He was a system person who was very good at answering questions related to TeX, the Web and various statistics packages, as well as being a nice guy. Those who knew him, loved him. Those who didn't know him, loved him from afar. He has moved on to greener pastures, so you'll have to ask Zube (or other grad students) your TeX, Web, or stat questions. He is also the reason why "we" is used in some of the previous answers.