Care and Feeding of your OPAC

New England Innovative Law Users Group  October 27th, 2000

INNOPAC Management at UConn Law

The Basics

• Turnkey site: Alpha Personal Workstation 433au with a StorageWorks RAIDarray
• Release 2000; Preview Release of Update D
• Options for installations

  Turnkey

  purchase hardware, application software, and support from Innovative

  Software Only

  purchase application software from Innovative; purchase hardware and support from a third party

  Software Plus

  purchase application software and operating system support from Innovative; purchase hardware and hardware support from a third party

Division of Labor

Information Systems

• Backups
• Software upgrades
• Configuration maintenance
• Authorization/password changes
• Free busy records
• Lead contact to Innovative

Bibliographic Services

• Rapid updates
• Record loads
• Global heading changes

Division Heads

• Authorization/password requests

Systems Advisory Group

• Council of unit heads
• Meets every two weeks
• Discussion and approval of configuration changes that have an impact across the system.
  Classic example: adding a new location code.
  • Acquisitions (ordering for items in the new location code)
  • Cataloging (assigning location code to new items or changing old records)
  • Access Services (changes to Loan Rule Determiner table; days-closed/hours-open)
  • Reference Services (assigning a meaningful label to the location)

Basic system security

Comments about passwords

• Change passwords often and create good passwords
• Once every few months for staff authorizations, three times a year for INNOPAC logins
• Ideal passwords should not be words and have upper/lower case letters as well as digits and symbols
• "PW DATE:" last-modified date for staff authorizations
• Password Schemes
  1. First letter of each of the words of a phrase, eg:
     WJcMH: When Johnny comes Marching Home
  2. Alternating letters from two common but unrelated words, eg:
     MToavlEK: From move and talk

Securing Staff logins

• Select good passwords
• Password protect all staff logins
• Password protect INNOPAC menu options

  Character-based

  Anything from the Main Menu (menus with times at the bottom)

  Selected other features

  Millennium-based

  Passwording is all over the place

  Traditional 1-199 authorizations

  Millennium-specific login manager

Controlling Network Access

"N > Limit NETWORK connections" table

TELNET

Terminal-based connections based on the "TELNET" protocol

LOGIN

Terminal-based connections based on the "RLOGIN" protocol

HTTP

WebPAC access to your machine

PATRONAPI

INNOPAC Patron API access

Z39

Access to the Z39.50 server running on your INNOPAC

OCLCNET

OCLC Interactive Download port

MILLENNIUM

Client login access to the Millennium server

MILPACSERVER

Client access to indexes searches

MILDATA

Client access to server for database records and other searches

May also see other WWW entries if you have reference databases or community databases loaded on your system.

Format of Table

1. Remote Host: IP address of remote system

   nnn.nnn.nnn.nnn:

   Traditional IP address form

   nnn.nnn.nnn., nnn.nnn., etc:

   Fragments of IP addresses

   ALL:

   matches all IP addresses

   LOCAL:

   matches any remote host whose first three octets match the first three octets of your system's IP address

   LOCAL+:

   matches any remote host whose first two octets match the first two octets of your system's IP address

2. Comment: Free-text comments about this entry
3. Access?: Does this host have access to your system? (Yes or No)
4. Login Name: Automatically log the user into this login name (blank if no forced login)
5. Service Level: Service level for users accessing your INNOPAC from this host

Comments and recommendations

• Open Logins for staff only
  • Force all unknown connections from the Internet or your campus network into a login, including your OPAC terminals
  • Only allow open "login:" prompts for known staff stations
• Disabling RLOGINs
  • In the "LOGIN : Remote Login" table, create one entry for ALL IP addresses and set access to No
• Remove access to services which don't need it

Wrap-up

• Slides are available over the Internet at http://www.PandC.org/peter/presentations/neilug2000/
• Presenter Information
  
  Peter Murray
  Computer Services Librarian
  University of Connecticut School of Law

  E-mail:

  PMurray@law.uconn.edu