How to get network access
The access to our D-PHYS network is restricted to registered machines. For most computers the ETH Docking network should be sufficient and can be used without registration.
How do I register my computer?
The following informations must be provided to register your computer for the D-PHYS network:
- MAC address of your ethernet interface
- Operating system (Windows/Mac/Linux, what version)
- Hardware type (Laptop/Desktop/Ethernet adapter)
- Two physics accounts to register the computer on: typically one being the user and administrator of the computer and the second a deputy we could contact if the user is unreachable and there's a problem with the machine. The latter is often chosen to be the IT responsible of your group.
Where can I find the MAC address?
The MAC address is a kind of telephone number which is needed for computers to communicate in a network. It is written as 6 pairs of letters or numbers, like
Use the command
getmac -v or
ipconfig /all in a Command Prompt to see the MAC address. Be sure to pick the wired network interface and not the wireless.
Open System Preferences, Network, Ethernet, Advanced, Hardware to see the MAC address.
Enter the command
/sbin/ip address to see the MAC-address
$ /sbin/ip address link/ether 45:24:c6:7b:f0:da brd ff:ff:ff:ff:ff:ff ^^^^^^^^^^^^^^^^^
Or on older computers, enter the command
/sbin/ifconfig to see the MAC-address
$ /sbin/ifconfig eth0 Link encap:Ethernet HWaddr 00:D0:B7:AB:FD:BF ^^^^^^^^^^^^^^^^^
Why do I need to register my computer?
The network of ETH Zurich is different from the networks usually found in companies. There is no firewall between the internet and the local network! So each computer is visible in the internet. Even more the internet link is quite fast. These two things imply, that computers attached to this network are very valuable for hackers.
In the Department of Physics we discover about one or two hacked computers each week. Those computers are hacked to use for filesharing (exchange music and movies) or to attack other computers in the internet. Everyone is affected: There is no difference between professors and students, between notebooks and beowulf clusters, between Windows and UNIX. Some attacks are run automatically seconds after pluging in the network, others are done by hand and discovered only several weeks or months later.
The only effective protection against such attacks are regular updates of the system. Each time, new security problems are discovered, the software vendors distributes patches (software updates), which must be installed as soon as possible. Further on it's important that only software from a reliable source is installed and on Windows it's important that you have a current virus scanner.
The IT support group of the Departement of Physics is responsible that no hacked or hackable computer will be attached to the network. Computer who are found to be hacked must be unplugged and reinstalled. We need to know who is responsible for a computer in case of problems. Because of that each computer attached to a public network must be registered.
Which requirements must be fulfilled?
- A maintained version of the operating system with all updates installed.
- Strong passwords for all accounts on the computer.
- Unused services should be switched off.
In case you installed a firewall software, be sure to accept Ping (ICMP-Echo-Request). This is necessary for the DHCP service to work. Visit http://dhcp.phys.ethz.ch/ to check your setup.
How could I get an IP-number?
We distribute IP-numbers, DNS-servers etc. by DHCP. When you never touched your network settings, everything will work without your intervention. When you changed the default, be sure to enable DHCP.
If you are using Windows and would like to access D-PHYS IT services, please refer to the following documentation as well: Configuration hints for self-managed Windows Machines
Linux is quite particular, but most Linux distributions set up DHCP usage by default. In other cases please consult the manual of your distribution on how to activate DHCP.
You may want to have a look at our configuration hints for self-managed Linux machines if you want to use specific DNS features here at D-PHYS, though.