SULAIR

For Students | For Staff | Directory | About | Sitemap

Stanford University Residential Computing

A department of Academic Computing, Stanford University Libraries and Academic Information Resources

Information & News: In-Room Network Connections: Automation

After much hard work, automated in-room network connection registration has finally gone live! As of Thursday, September 18, 2003 (freshman arrival day for the 2003-04 academic year), students living in on-campus housing can get online within minutes.

Every student living in on-campus housing (with the exception of those living in Schwab) is required to register his computer(s) with Residential Computing in order to gain complete access to the Stanford University Network (SUNet) and the Internet. In previous years, to register his connection, a student needed to lookup the hardware ethernet address of the computer he was trying to register and then go to an already networked computer (usually one in the public computer cluster available in each residence) and fill out the registration form. After submitting, the information would be routed to his Resident Computer Coordinator (RCC) who would, in turn, "process the registration" by copying the resident's information into the network database.

IP Config

>>

Confused

>>

Ethernet hardware address

The old registration process was problematic because:

  1. Students had to find and submit their hardware ethernet addresses themselves. Most students do not know how to do this and even with the instructions provided during the registration process, many have trouble obtaining this information on their own, not to mention the added possibility for error when entering it into the registration form.

  2. RCCs had to manually copy the resident's information into the network database. In an all-freshmen dorm, the RCC would have to process approximately 100 requests within the first few days after student arrival. Not only tedious and an inefficient use of an RCC's time, this process introduced even more chance for error. Moreover, residents would have to wait hours, sometimes even days during peak times to get online.

By allowing students to register from their rooms and automatically entering their information into the network database, the new registration system solves both of these challenges. For example, as part of the Keyboard Generation, when bright-eyed Stanford freshmen Joe Schlobotnik moves into his brand-new dorm room, one of the first things he'll want to do is set up his computer and sign up for an in-room network connection. To do so, he'll go through the following steps:

Plug into the network jack

Step 1: Instead of having to find an already networked computer, he simply plugs his computer into his in-room network jack, turns on his computer, and opens a Web browser.

Step 2: No matter what Web page Joe tries to visit, he is automatically redirected to the ResComp Web site where he can access the registration form.

Step 3: Before, Joe would have had to follow step-by-step instructions for his computer's operation system to figure out his ethernet hardware address, a unique 12-digit hexidecimal number, and then carefully type it into the form. Instead, the registration form asks Joe if he is registering the computer which he is currently using. If yes, the system will automatically detect and fill-in the registration form with his computer's hardware ethernet address and operating system. (If no, those fields are left blank for him to complete.)

Step 4: Joe then completes the registration form with additional information about his computer (make and model, laptop versus desktop, etc.) and himself (phone number, class year, etc.).

Step 5: When he clicks "Submit," the system first enters the information into the ResComp database and then tries to enter the corresponding relevant information into the network database.

Step 6: If the system was unable to enter his information into the network database, the registration request is routed to the RCC (as in the old system). However, if the system was successful, Joe is shown a confirmation message, told to restart his computer in about 15 minutes (the time for changes to the network database to take effect), and then he should have a fully working Internet connection! He can check his email, surf the Web, including his dorm's Web site, register for classes, play online games, instant message his new dormmates and more!

Registration Form

Even if a student is registering from a different computer, his registration would still be processed automatically-- he would just have to find and enter his ethernet hardware address himself (as in the old system).

Looking at the first week after freshman arrival day, the amount of time between submitting the registration form for a new connection and having the request processed has dropped from an average of 9.5 hours in 2002 to 15 seconds in 2003. Of all registration requests (including updates and reconnects) submitted during that first week, 94% were processed automatically. Those not processed automatically were usually because the ethernet hardware address already existed in the network database (since a student may be trying to register a computer already registered with his department).

RPC Cleaner Tool integration

During late July and August, Stanford, like many other universities and businesses, began to be affected significantly by Internet attacks targeting the recently announced vulnerabilities in the Microsoft Windows operating system. The vulnerabilities affected machines running versions of Windows based on Windows NT: Windows NT, Windows 2000, Windows XP and Windows 2003 Server. For more information on the RPC vulnerabilities and exploits, click here.

In anticipation of student arrival for the start of the academic year and the expected increase in vulnerable or infected machines, use of the RPC Cleaner Tool provided by ITSS was integrated into the in-room registration process. Upon arrival, each student was given a copy of the Essential Stanford Software CD that included a copy of the tool and was asked to run the tool before connecting to the network. This would prevent them from being infected during the registration process-- at Stanford, when a vulnerable computer was connected to the Internet, it would usually be hacked within minutes.

While running the CD version of the tool protected them from being infected while registering, students were also asked to run an updated online version of the tool that not only included the patch for the latest vulnerabilities, but was also able to write to an online clean list, recording that the tool was run on a particular computer (the hardware ethernet address was logged). When registering a computer, if the hardware ethernet address did not appear in this list, the student was not allowed to register and was directed to a page explaining why his registration was rejected and how to get his computer onto the clean list.

While integration of the tool may have caused some inconvenience for students, we were able to successfully keep vulnerability and infection rates in the residential network below one or two percent during times of peak registration. By October 6, 2003, we had approximately 98% of our expected number of registered machines for the school year and of those, only 0.4% were scanned as being vulnerable or infected. Integration of the tool was removed on October 6 and we do not expect to reinstitute it for registration next year.

Other changes

Numerous other changes were also implemented for this release of the registration system:

Stanford Computing and Network usage policies
Before accessing the registration form, all students must view a summary (with links to complete text) of and agree to abide by Stanford Computing and Network usage policies. To view a copy of this page, click here.

Privacy
Previously, each resident had the option of choosing privacy, which kept his phone number, email address and room number out of the network database record for his computer. Additionally, the system generated an automatic hostname based on the resident's location. This year, we have moved to a policy of full privacy where no personal information about the resident is included in the network database, not even the owner's identity or residence. Only authorized University personnel can associate a record with a particular student. So, no one can track your location based on the headers of an email you send or your identity based on the logs of Web pages you surf.

Multiple hardware addresses
To accomodate students with laptops who may have multiple hardware interfaces for a single computer, the registration form now includes spaces to enter wireless and/or docking station hardware ethernet addresses in addition to the main interface.

About this project

The automated in-room registration system is an on-going, collaborative project between Information Technology Systems and Services (ITSS) and ResComp. The project managers are Ethan Rikleen, Network and Systems Administrator, and Sindy Lee, Systems Software Developer (both from ResComp). Together, ITSS and ResComp manage the residential network and both departments have wanted to see this project completed for years. It was a long and strange journey as we worked to overcome the numerous technical hurdles that stood in the way, but with the launch of the new automated system, we have hopefully been able to deliver a greatly improved service to students.

Last updated Wednesday, 10-Dec-2003 11:25:41 PST.

Questions or comments about this Web site? Email webmaster@rescomp.stanford.edu.
Need help with your computer or in-room network connection? Contact your RCC.

© 2007. Stanford University. Residential Computing.

 

Student Computing Home | Academic Computing Home | SULAIR Home | SU Home