translated by Google

Machine-translated page for increased accessibility for English questioners.

You can connect your notebook to the faculty network (or Internet) in the following ways:
  • 100Mbit / 1000Mbit Ethernet (wired)
  • Wi-Fi wireless network (IEEE 802.11a / g / n); this is managed by RouterBoard Access Points (ESSID wlan_fi) covering almost the entire faculty area

As a newly arrived faculty member (any type of connectivity), first obtain IP / DNS data for your network interface using DHCP. You can still access only the faculty DNS servers and the HTTPS service (not HTTP this time) on the server fadmin.fi.muni.cz. Use them to open a web browser page https://wifi.fi.muni.cz . After successful authentication, all notebooks should be included in the faculty network and the Internet. Your IP address has been activated in the terminology of the Faculty Administration.

Once activated, access to the Internet is allowed from the assigned IP address. The faculty network treats the address like any other computer in the outside world. So all the services on the FI should work, which you can use for example if you are connected through some other Internet provider. On the contrary, some services will not work - for example, sharing disks over NFS and SMB (Windows).

The Faculty Firewall continuously tests whether the activated computer is still active. If it does not respond to the ping for more than 5 minutes (ICMP echo request), the activation of the given IP address is canceled and the user must reactivate its address using the URL above. Keep this in mind when configuring the firewall on your laptop.

Network security

Keep in mind that all communication to / from your computer is interceptable on intermediate network elements, so use encrypted protocols (eg HTTPS, IMAPS, POP3S, SSH) instead of unsafe, unencrypted (IMAP, POP3, FTP) , HTTP). This problem is particularly acute when connected to a wireless network: all network traffic related to your computer is transmitted not only to you but also to all wireless subscribers of the access point. Hardware-level encryption (eg WEP) is not enabled for faculty Wi-Fi access points due to the lack of support for reasonably strong cryptography.

In this context, we also urge you to be collegial with other network members: Provide your system with sufficient protection software to prevent viruses and similar pests from infecting your computer that will use the faculty network to send spam, hack attacks on nearby computers, and so on without your knowledge. This is especially true for Windows users. Keep all your software up to date: a security incident can happen through unexpectedly hidden, remote paths.

It should be added here that if your notebook starts showing unwanted network activity (eg scanning the ports of nearby computers caused by a virus), it will not only be disconnected from the faculty network, but you will also be prohibited from accessing the faculty network from the notebook. ) for one week or more.

Finally, we recommend that you do not store the password for the Faculty Administration in a web browser or any script (eg to facilitate activation of the IP address). In the past, an error has been discovered several times in one of the common browsers, thanks to which the saved passwords could be extracted from the browser by the evil web programmer, of course without your knowledge. Misuse of your FI account can cause irreparable difficulties.

Links, documentation