Loading ...
Sorry, an error occurred while loading the content.

RE: [fhctech] Unfiltered Family History Center Computer

Expand Messages
  • Dana Repouille
    Absolutely. I personally installed and configured all computers in the stake. Dana _____ From: fhctech@yahoogroups.com [mailto:fhctech@yahoogroups.com] On
    Message 1 of 8 , May 10, 2010
    • 0 Attachment

      Absolutely. I personally installed and configured all computers in the stake.

       

      Dana

       


      From: fhctech@yahoogroups.com [mailto:fhctech@yahoogroups.com] On Behalf Of James W Anderson
      Sent: Monday, May 10, 2010 7:37 PM
      To: fhctech@yahoogroups.com
      Subject: Re: [fhctech] Unfiltered Family History Center Computer

       




      Is the machine mentioned in the letter also on LANDesk?  Was it a donated machine that might simply have not had the security systems installed on it to provide for filtering?


      --- On Mon, 5/10/10, Dana Repouille <drepouille@...> wrote:


      From: Dana Repouille <drepouille@...>
      Subject: [fhctech] Unfiltered Family History Center Computer
      To: fhctech@yahoogroups.com
      Date: Monday, May 10, 2010, 3:15 PM

       

      This is one of the messages I received concerning this situation.

      Assuming these computers are indeed connecting to a Wifi signal outside the
      chapel, how do I configure the computers to NOT do that?

      These computers should be connecting to the LDSAccess wireless signal that
      is being broadcast from the Cisco Aeronet 1200 wireless access point that is
      located in the metal cabinet across the room, about 20 feet away from these
      computers.

      The wireless adapter is a Linksys USB device, but I am not using the Linksys
      software -- just the driver. I am allowing Windows XP to manage wireless
      connections.

      All five computers in the chapel are connected through the Cisco Pix. The
      clerk's computer and two of the FHC computers are wired, and two of the FHC
      computers are wireless via the LDSAccess SSID on the Aeronet.

      This worries me, as I have clerk's computers in other buildings that use the
      same wireless configuration. I do not want those computers to connect to
      unsecured Wifi signals in the neighborhood.

      Thanks,
      Dana
      Stake technology specialist

      -----Original Message-----
      From: FamilySearch [mailto:support@familysearc h.org]
      Sent: Thursday, April 29, 2010 1:19 PM
      To: IA_Atlantic@ ldsmail.net
      Subject: Unfiltered Family History Center Computer

      Subject: Unfiltered Family History Center Computer

      Dear Center Director,
      At the bottom of this e-mail is the name of a computer that resides in your
      center. This computer was tested for Web filtering and found not to be using
      a Web filter. This is most likely because the computer is not behind the
      Cisco PIX or Cisco ASA device, which provides the Web filtering. This
      filtering is designed to prevent patrons from accessing inappropriate Web
      sites or Internet content.

      Please correct this issue as soon as possible by connecting this computer
      directly to the Cisco device or to a switch or hub that is directly
      connected to your Cisco device.

      If assistance is needed, please contact your stake technology specialist or
      FamilySearch Support.

      Thank you for your prompt attention to this matter.

      Sincerely,

      FamilySearch
      support@familysearc h.org
      Toll-free phone number: 1-866-406-1830
      International toll-free phone numbers may be found online at
      http://contact. familysearch. org/.


    • Gary Templeman
      Are the 4 computers in the FHC in reasonable proximity to each other? (I am assuming yes) Wouldn t their suggest be the simplest option? If you do as they
      Message 2 of 8 , May 10, 2010
      • 0 Attachment
        Are the 4 computers in the FHC in reasonable proximity to each other? (I am
        assuming yes)

        Wouldn't their suggest be the simplest option? If you do as they recommend
        and disconnect the Ethernet cables to the other computers (coming from the
        PIX) uplink one of them to a small hub or switch, then connect the four
        computers to that the problem is solved. Wires can run around the room
        periphery, or use those flat rubber cord guides to send across the room
        without risk of tripping. Unless the boxes are in different rooms there
        should be no need to pull wire.

        In regards to the other buildings, there may not even be any outside signals
        from the neighborhood that can reach those machines so I would evaluate that
        before getting overly concerned. You can wander around with a laptop and
        NetStumbler to see what it sniffs out.

        Gary Templeman


        ----- Original Message -----
        From: "Dana Repouille" <drepouille@...>
        To: <fhctech@yahoogroups.com>
        Sent: Monday, May 10, 2010 2:15 PM
        Subject: [fhctech] Unfiltered Family History Center Computer


        > This is one of the messages I received concerning this situation.
        >
        > Assuming these computers are indeed connecting to a Wifi signal outside
        > the
        > chapel, how do I configure the computers to NOT do that?
        >
        > These computers should be connecting to the LDSAccess wireless signal that
        > is being broadcast from the Cisco Aeronet 1200 wireless access point that
        > is
        > located in the metal cabinet across the room, about 20 feet away from
        > these
        > computers.
        >
        > The wireless adapter is a Linksys USB device, but I am not using the
        > Linksys
        > software -- just the driver. I am allowing Windows XP to manage wireless
        > connections.
        >
        > All five computers in the chapel are connected through the Cisco Pix. The
        > clerk's computer and two of the FHC computers are wired, and two of the
        > FHC
        > computers are wireless via the LDSAccess SSID on the Aeronet.
        >
        > This worries me, as I have clerk's computers in other buildings that use
        > the
        > same wireless configuration. I do not want those computers to connect to
        > unsecured Wifi signals in the neighborhood.
        >
        > Thanks,
        > Dana
        > Stake technology specialist
        >
        > -----Original Message-----
        > From: FamilySearch [mailto:support@...]
        > Sent: Thursday, April 29, 2010 1:19 PM
        > To: IA_Atlantic@...
        > Subject: Unfiltered Family History Center Computer
        >
        > Subject: Unfiltered Family History Center Computer
        >
        > Dear Center Director,
        > At the bottom of this e-mail is the name of a computer that resides in
        > your
        > center. This computer was tested for Web filtering and found not to be
        > using
        > a Web filter. This is most likely because the computer is not behind the
        > Cisco PIX or Cisco ASA device, which provides the Web filtering. This
        > filtering is designed to prevent patrons from accessing inappropriate Web
        > sites or Internet content.
        >
        > Please correct this issue as soon as possible by connecting this computer
        > directly to the Cisco device or to a switch or hub that is directly
        > connected to your Cisco device.
        >
        > If assistance is needed, please contact your stake technology specialist
        > or
        > FamilySearch Support.
        >
        > Thank you for your prompt attention to this matter.
        >
        > Sincerely,
        >
        > FamilySearch
        > support@...
        > Toll-free phone number: 1-866-406-1830
        > International toll-free phone numbers may be found online at
        > http://contact.familysearch.org/.
        >
        >
        >
        >
        >
        > ------------------------------------
        >
        > Home Page: http://fhctech.org/fhc
        > Community email addresses:
        > Post message: fhctech@yahoogroups.com
        > Subscribe: fhctech-subscribe@yahoogroups.com
        > Unsubscribe: fhctech-unsubscribe@yahoogroups.com
        > List owner: Rick@...
        > Shortcut URL to Yahoo! group page:
        > http://groups.yahoo.com/group/fhctechYahoo! Groups Links
        >
        >
        >
      • Dana Repouille
        I had originally configured that FHC with all wired connections, but the long Ethernet cable running around the floorboards to the other side of the room
        Message 3 of 8 , May 10, 2010
        • 0 Attachment
          I had originally configured that FHC with all wired connections, but the
          long Ethernet cable running around the floorboards to the other side of the
          room looked rather bad. So I decided to make the two against the far wall
          wireless. Anything is possible.

          In the stake center, there are a couple unsecured wireless signals from the
          neighborhood that can be detected in the clerks' offices. I don't know why
          those computers sometimes lose their connections to the Cisco Aeronet, which
          is less than 50 feet away. IIRC, I have warned the brethren in those wards
          to not try to connect to weak signals from the neighborhood.

          Thanks,
          Dana

          -----Original Message-----
          From: fhctech@yahoogroups.com [mailto:fhctech@yahoogroups.com] On Behalf Of
          Gary Templeman
          Sent: Monday, May 10, 2010 9:57 PM
          To: fhctech@yahoogroups.com
          Subject: Re: [fhctech] Unfiltered Family History Center Computer

          Are the 4 computers in the FHC in reasonable proximity to each other? (I am
          assuming yes)

          Wouldn't their suggest be the simplest option? If you do as they recommend
          and disconnect the Ethernet cables to the other computers (coming from the
          PIX) uplink one of them to a small hub or switch, then connect the four
          computers to that the problem is solved. Wires can run around the room
          periphery, or use those flat rubber cord guides to send across the room
          without risk of tripping. Unless the boxes are in different rooms there
          should be no need to pull wire.

          In regards to the other buildings, there may not even be any outside signals

          from the neighborhood that can reach those machines so I would evaluate that

          before getting overly concerned. You can wander around with a laptop and
          NetStumbler to see what it sniffs out.

          Gary Templeman


          ----- Original Message -----
          From: "Dana Repouille" <drepouille@...>
          To: <fhctech@yahoogroups.com>
          Sent: Monday, May 10, 2010 2:15 PM
          Subject: [fhctech] Unfiltered Family History Center Computer


          > This is one of the messages I received concerning this situation.
          >
          > Assuming these computers are indeed connecting to a Wifi signal outside
          > the
          > chapel, how do I configure the computers to NOT do that?
          >
          > These computers should be connecting to the LDSAccess wireless signal that
          > is being broadcast from the Cisco Aeronet 1200 wireless access point that
          > is
          > located in the metal cabinet across the room, about 20 feet away from
          > these
          > computers.
          >
          > The wireless adapter is a Linksys USB device, but I am not using the
          > Linksys
          > software -- just the driver. I am allowing Windows XP to manage wireless
          > connections.
          >
          > All five computers in the chapel are connected through the Cisco Pix. The
          > clerk's computer and two of the FHC computers are wired, and two of the
          > FHC
          > computers are wireless via the LDSAccess SSID on the Aeronet.
          >
          > This worries me, as I have clerk's computers in other buildings that use
          > the
          > same wireless configuration. I do not want those computers to connect to
          > unsecured Wifi signals in the neighborhood.
          >
          > Thanks,
          > Dana
          > Stake technology specialist
          >
          > -----Original Message-----
          > From: FamilySearch [mailto:support@...]
          > Sent: Thursday, April 29, 2010 1:19 PM
          > To: IA_Atlantic@...
          > Subject: Unfiltered Family History Center Computer
          >
          > Subject: Unfiltered Family History Center Computer
          >
          > Dear Center Director,
          > At the bottom of this e-mail is the name of a computer that resides in
          > your
          > center. This computer was tested for Web filtering and found not to be
          > using
          > a Web filter. This is most likely because the computer is not behind the
          > Cisco PIX or Cisco ASA device, which provides the Web filtering. This
          > filtering is designed to prevent patrons from accessing inappropriate Web
          > sites or Internet content.
          >
          > Please correct this issue as soon as possible by connecting this computer
          > directly to the Cisco device or to a switch or hub that is directly
          > connected to your Cisco device.
          >
          > If assistance is needed, please contact your stake technology specialist
          > or
          > FamilySearch Support.
          >
          > Thank you for your prompt attention to this matter.
          >
          > Sincerely,
          >
          > FamilySearch
          > support@...
          > Toll-free phone number: 1-866-406-1830
          > International toll-free phone numbers may be found online at
          > http://contact.familysearch.org/.
          >
          >
          >
          >
          >
          > ------------------------------------
          >
          > Home Page: http://fhctech.org/fhc
          > Community email addresses:
          > Post message: fhctech@yahoogroups.com
          > Subscribe: fhctech-subscribe@yahoogroups.com
          > Unsubscribe: fhctech-unsubscribe@yahoogroups.com
          > List owner: Rick@...
          > Shortcut URL to Yahoo! group page:
          > http://groups.yahoo.com/group/fhctechYahoo! Groups Links
          >
          >
          >



          ------------------------------------

          Home Page: http://fhctech.org/fhc
          Community email addresses:
          Post message: fhctech@yahoogroups.com
          Subscribe: fhctech-subscribe@yahoogroups.com
          Unsubscribe: fhctech-unsubscribe@yahoogroups.com
          List owner: Rick@...
          Shortcut URL to Yahoo! group page:
          http://groups.yahoo.com/group/fhctechYahoo! Groups Links
        • Bill Henderson
          I haven t configured the cisco aironet/odyssey/linksys wireless yet so my thoughts are suppositions; but here we go. 1) there should be a means of controlling
          Message 4 of 8 , May 11, 2010
          • 0 Attachment
            I haven't configured the cisco aironet/odyssey/linksys wireless yet so my thoughts are suppositions; but here we go.
             
            1) there should be a means of controlling which SSID a PC seeks, if only setting a single SSID as primary and not allowing the PC to respond to other SSID's (or not having other SSIDs on the list).  Configuring the PC's Linksys software should provide for this, via WEP or WPA security which must match the access point's security.   If you are using Odyssey correctly, I can't imagine how you are having the problem you describe.
            2) You can change the channels the wireless uses (usually channels 1, 5, or 11 [1, 6, 13 in europe]). Your locals can't be using all the channels.. 
            3) Set hard IP addresses on the PC and access point which are outside of the undesired transmitter's IP range. (since you only have two PCs on wireless, this should not be a hard issue (probably will need help from Global Services for this since the firewall has a fixed range of addresses you can use. 
            4) You can open the wireless software (linksys/microsoft) or go to Regedit and delete any SSIDs you don't want. 
            5) Write a small program that tells the PC to specifically search for the desired access point.
            6) Write a brief/simple set of instructions to show the staff and/or patrons how to connect to the access point they want.
            7) Be sure you have Deep Freeze installed so that if the PCs are inadvertently connected to the wrong access point, any malware they pick up won't stick and cause problems. AND... Once you configure your system for only one SSID and Deep Freeze is locked, that SSID will be the first and only one recognized during daily bootup.
            8) There is also a security measure that dep0ends on the ethernet (MAC) address of the equipment.
             
            I'm pretty sure you haven't secured your wireless net as well as you could.  Usually it is the central wireless hub (the access point/router) that needs to be locked down securely and the workstations are allowed to roam as desired.  Your problem is the reverse.  Campuses all over the world are pretty succssful with the standard setup.  Item 6 above is the answer campuses use (ie teach the student how to connect to the desired transmitter on their own).
             
             I believe one of our commentors was basing his comments on the premise that you are referring to two buildings on the same campus.   From the way you mentioned it, I assume you are supporting two or more sites. 
             
            I hope that is enough ideas to solve your trouble.  Beyond that, I would have to go there myself (not a cheap solution).

            Good luck - Bill


            From: Dana Repouille <drepouille@...>
            To: fhctech@yahoogroups.com
            Sent: Mon, May 10, 2010 8:10:43 PM
            Subject: RE: [fhctech] Unfiltered Family History Center Computer

             

            I had originally configured that FHC with all wired connections, but the
            long Ethernet cable running around the floorboards to the other side of the
            room looked rather bad. So I decided to make the two against the far wall
            wireless. Anything is possible.

            In the stake center, there are a couple unsecured wireless signals from the
            neighborhood that can be detected in the clerks' offices. I don't know why
            those computers sometimes lose their connections to the Cisco Aeronet, which
            is less than 50 feet away. IIRC, I have warned the brethren in those wards
            to not try to connect to weak signals from the neighborhood.

            Thanks,
            Dana

            -----Original Message-----
            From: fhctech@yahoogroups .com [mailto:fhctech@yahoogroups .com] On Behalf Of
            Gary Templeman
            Sent: Monday, May 10, 2010 9:57 PM
            To: fhctech@yahoogroups .com
            Subject: Re: [fhctech] Unfiltered Family History Center Computer

            Are the 4 computers in the FHC in reasonable proximity to each other? (I am
            assuming yes)

            Wouldn't their suggest be the simplest option? If you do as they recommend
            and disconnect the Ethernet cables to the other computers (coming from the
            PIX) uplink one of them to a small hub or switch, then connect the four
            computers to that the problem is solved. Wires can run around the room
            periphery, or use those flat rubber cord guides to send across the room
            without risk of tripping. Unless the boxes are in different rooms there
            should be no need to pull wire.

            In regards to the other buildings, there may not even be any outside signals

            from the neighborhood that can reach those machines so I would evaluate that

            before getting overly concerned. You can wander around with a laptop and
            NetStumbler to see what it sniffs out.

            Gary Templeman

            ----- Original Message -----
            From: "Dana Repouille" <drepouille@hotmail. com>
            To: <fhctech@yahoogroups .com>
            Sent: Monday, May 10, 2010 2:15 PM
            Subject: [fhctech] Unfiltered Family History Center Computer

            > This is one of the messages I received concerning this situation.
            >
            > Assuming these computers are indeed connecting to a Wifi signal outside
            > the
            > chapel, how do I configure the computers to NOT do that?
            >
            > These computers should be connecting to the LDSAccess wireless signal that
            > is being broadcast from the Cisco Aeronet 1200 wireless access point that
            > is
            > located in the metal cabinet across the room, about 20 feet away from
            > these
            > computers.
            >
            > The wireless adapter is a Linksys USB device, but I am not using the
            > Linksys
            > software -- just the driver. I am allowing Windows XP to manage wireless
            > connections.
            >
            > All five computers in the chapel are connected through the Cisco Pix. The
            > clerk's computer and two of the FHC computers are wired, and two of the
            > FHC
            > computers are wireless via the LDSAccess SSID on the Aeronet.
            >
            > This worries me, as I have clerk's computers in other buildings that use
            > the
            > same wireless configuration. I do not want those computers to connect to
            > unsecured Wifi signals in the neighborhood.
            >
            > Thanks,
            > Dana
            > Stake technology specialist
            >
            > -----Original Message-----
            > From: FamilySearch [mailto:support@familysearc h.org]
            > Sent: Thursday, April 29, 2010 1:19 PM
            > To: IA_Atlantic@ ldsmail.net
            > Subject: Unfiltered Family History Center Computer
            >
            > Subject: Unfiltered Family History Center Computer
            >
            > Dear Center Director,
            > At the bottom of this e-mail is the name of a computer that resides in
            > your
            > center. This computer was tested for Web filtering and found not to be
            > using
            > a Web filter. This is most likely because the computer is not behind the
            > Cisco PIX or Cisco ASA device, which provides the Web filtering. This
            > filtering is designed to prevent patrons from accessing inappropriate Web
            > sites or Internet content.
            >
            > Please correct this issue as soon as possible by connecting this computer
            > directly to the Cisco device or to a switch or hub that is directly
            > connected to your Cisco device.
            >
            > If assistance is needed, please contact your stake technology specialist
            > or
            > FamilySearch Support.
            >
            > Thank you for your prompt attention to this matter.
            >
            > Sincerely,
            >
            > FamilySearch
            > support@familysearc h.org
            > Toll-free phone number: 1-866-406-1830
            > International toll-free phone numbers may be found online at
            > http://contact. familysearch. org/.
            >
            >
            >
            >
            >
            > ------------ --------- --------- ------
            >
            > Home Page: http://fhctech. org/fhc
            > Community email addresses:
            > Post message: fhctech@yahoogroups .com
            > Subscribe: fhctech-subscribe@ yahoogroups. com
            > Unsubscribe: fhctech-unsubscribe @yahoogroups. com
            > List owner: Rick@Klemetson. com
            > Shortcut URL to Yahoo! group page:
            > http://groups. yahoo.com/ group/fhctechYah oo! Groups Links
            >
            >
            >

            ------------ --------- --------- ------

            Home Page: http://fhctech. org/fhc
            Community email addresses:
            Post message: fhctech@yahoogroups .com
            Subscribe: fhctech-subscribe@ yahoogroups. com
            Unsubscribe: fhctech-unsubscribe @yahoogroups. com
            List owner: Rick@Klemetson. com
            Shortcut URL to Yahoo! group page:
            http://groups. yahoo.com/ group/fhctechYah oo! Groups Links


          • Dana Repouille
            We no longer use Odyssey to connect to the Aeronet. I have no control over the Aeronet s configuration. I also do not use Deep Freeze. My only choice is
            Message 5 of 8 , May 11, 2010
            • 0 Attachment

              We no longer use Odyssey to connect to the Aeronet. I have no control over the Aeronet’s configuration. I also do not use Deep Freeze.

               

              My only choice is whether to use Windows to manage the PC’s wireless adapter, or to use the Linksys software.

               


              From: fhctech@yahoogroups.com [mailto:fhctech@yahoogroups.com] On Behalf Of Bill Henderson
              Sent: Tuesday, May 11, 2010 5:21 AM
              To: fhctech@yahoogroups.com
              Subject: Re: [fhctech] Unfiltered Family History Center Computer

               




              I haven't configured the cisco aironet/odyssey/linksys wireless yet so my thoughts are suppositions; but here we go.

               

              1) there should be a means of controlling which SSID a PC seeks, if only setting a single SSID as primary and not allowing the PC to respond to other SSID's (or not having other SSIDs on the list).  Configuring the PC's Linksys software should provide for this, via WEP or WPA security which must match the access point's security.   If you are using Odyssey correctly, I can't imagine how you are having the problem you describe.

              2) You can change the channels the wireless uses (usually channels 1, 5, or 11 [1, 6, 13 in europe ]). Your locals can't be using all the channels.. 

              3) Set hard IP addresses on the PC and access point which are outside of the undesired transmitter's IP range. (since you only have two PCs on wireless, this should not be a hard issue (probably will need help from Global Services for this since the firewall has a fixed range of addresses you can use. 

              4) You can open the wireless software (linksys/microsoft) or go to Regedit and delete any SSIDs you don't want. 

              5) Write a small program that tells the PC to specifically search for the desired access point.

              6) Write a brief/simple set of instructions to show the staff and/or patrons how to connect to the access point they want.

              7) Be sure you have Deep Freeze installed so that if the PCs are inadvertently connected to the wrong access point, any malware they pick up won't stick and cause problems. AND... Once you configure your system for only one SSID and Deep Freeze is locked, that SSID will be the first and only one recognized during daily bootup.

              8) There is also a security measure that dep0ends on the ethernet (MAC) address of the equipment.

               

              I'm pretty sure you haven't secured your wireless net as well as you could.  Usually it is the central wireless hub (the access point/router) that needs to be locked down securely and the workstations are allowed to roam as desired.  Your problem is the reverse.  Campuses all over the world are pretty succssful with the standard setup.  Item 6 above is the answer campuses use (ie teach the student how to connect to the desired transmitter on their own).

               

               I believe one of our commentors was basing his comments on the premise that you are referring to two buildings on the same campus.   From the way you mentioned it, I assume you are supporting two or more sites. 

               

              I hope that is enough ideas to solve your trouble.  Beyond that, I would have to go there myself (not a cheap solution).


              Good luck - Bill

            • Larry Jackson
              I do not have a wireless card on the computer where I presently am typing, but I seem to recall that under the Windows wireless networking area (where the
              Message 6 of 8 , May 11, 2010
              • 0 Attachment
                I do not have a wireless card on the computer where I presently am
                typing, but I seem to recall that under the Windows wireless networking
                area (where the computer goes looking for networks) there is a setting
                in the advanced area where you can tell it not to connect, or to connect
                manually, to other networks.

                I would put the FHC SSID and network first on the list with an automatic
                connect, and either delete or change to manual connect any other
                networks I see.

                I may be a bit daft, though, and there may not be a do not connect box
                to check. I will also be the first to admit that Windows sometimes (ok,
                often) will do things it has been told not to do.

                I would let Windows manage the wireless, although I do not think it
                would hurt if you let Linksys do it. Linksys may give you more control
                over random connecting that Windows wireless.

                I have some D-Link stuff at home, and would definitely choose Windows
                control over D-Link.

                Larry Jackson

                __

                Dana Repouille wrote:

                > My only choice is whether to use Windows to manage the PC’s wireless
                > adapter, or to use the Linksys software.
              Your message has been successfully submitted and would be delivered to recipients shortly.