Cosmos Upgrade – FAQ Information Systems 12/9/2013

Champlain College will be upgrading its primary file server, cosmos, from 5:30 pm Friday December 20th to 8:00 am Monday December 23rdDuring this time, cosmos will not be available.


Here, in FAQ format, are the answers to questions that some of you may have about this upgrade.


What’s better about the new system?
The most visible change will be that you will get more file storage. The behind-the-scenes changes are that we will be moving off an old system (it’s a Gateway! Remember them?) to a new system that is faster, more reliable and has greater redundancy.


2.5 days is a long time to go without my files. Why is it taking so long to do this upgrade?
Cosmos contains millions of files and just the process of copying those files to the new system will take over 36 hours.


With the new system, will I get more storage? Those quota messages are a pain!
Yes! Faculty and Staff will have individual quotas of 5 GB and Students will have individual quotas of 2 GB (10 times what you have today!). With the new system, we can also create different quotas for department folders. For example, files that you put on your department’s I drive, won’t count towards your personal quota. That data will count towards a separate departmental quota.


5 GB?! I can go down to the country store and buy a 2 Terabyte drive for $100. What gives?
High performance, redundant enterprise storage systems that run 24/7 and are backed up are much more expensive than consumer grade storage devices. This is what we could budget for storage this year, though we did install a system that can be expanded in the future. We hope to expand the system on a regular basis.


Will this give me more E-mail storage?
No. This upgrade only impacts file storage. E-mail storage will be addressed when Champlain switches to Google Apps for Education in 2014.


Is there anything I should do to prepare for the upgrade?
Yes. You could start by looking through your H drive and deleting any files you no longer need. Also, please make sure that you don’t have any documents open during the upgrade as that may cause you to lose changes to those files.


Will I still use the same drive letters and network paths ?
Yes from on campus, No for ftp access. The new server will still use the cosmos name and network shares. Paths like \\cosmos\<foldername> and drives like your HI, J, K, and X drives, etc will still work the same way they do today. However to accomplish some of redundancy and scalability we desired, we had to use a different system for SFTP access from off-campus. To access cosmos from off-campus, you will now use the hostname . Instructions for setting up ftp clients to use this new host will be posted prior to the upgrade. Please be sure to update any ftp clients you use to access files remotely.


This sounds like a big change. This isn’t going to be like that health care web site is it?
We hope not! The IS team has been working hard preparing the new system and testing the transition process. While we are making every effort to make this transition as smooth as possible, unforeseen problems can occur during a transition of this magnitude. If you encounter any problems, please contact ChampSupport and we will do our best to address your problem as quickly as we can. Thank you in advance for your patience and support!

Campus Network Maintenance

On Sunday November 24th we will be performing critical maintenance to our campus network from 7 pm to 9 pm EST. During this time, all campus computing resources such as E-mail (including webmail), Datatel, Campus Wifi, and cosmos will be intermittently unavailable.

Resources that we host off-campus such as Canvas, Workday, and will be up and running, however the on-campus server they use to process logins will also be intermittently unavailable.

ALERT: Threat to Computer Accounts Due to Adobe Security Breach

November 15, 2013

BACKGROUND: In October 2013, Adobe suffered a data breach. Their database of 38 million usernames and passwords was stolen and subsequently posted online [1][2]. Adobe did not protect user passwords to industry standards, and attackers were able to exploit that. Also stored with the passwords were the users’ password hints in clear text.

Many of the hints are weak and easily exploited by third parties.

Security experts agree that it will be trivial for miscreants to discover the passwords.

Of the estimated 38 million Adobe customers affected, analysis indicates that there were over 2 million education-related accounts. We don’t know how many of the email addresses are attached to active institutional accounts.

Adobe reached out to individual affected users via email. The notification thoughtfully included “[we] recommend that you also change your password on any website where you use the same user ID or password”. However, there are reports of non-delivery (it might have been filtered as spam) and users disregarding the e-mail (it might have been thought to be a phishing message).

IMPACT: If the same password used for Adobe System accounts was used for work, school, banking, or other accounts, those accounts may be at risk.

Repercussions could range from simple to severe, such as account hijacks to send spam, theft of bank deposits, or hackers gaining a foothold in a place of employment to conduct widespread damaging attacks.

RECOMMENDATIONS: We recommend that you take the following actions:

1. CHANGE PASSWORDS IMMEDIATELY. Persons who used the same password for Adobe and other accounts should immediately change their passwords at the other locations and monitor for unusual activity.

2. ADOBE PASSWORDS SHOULD BE RESET only by manually visiting the Adobe website, and not by clicking on links arriving via email, as there is now a concern that there will be a rise in phishing related to this event.

3. NEVER REUSE YOUR Champlain College PASSWORD for external web sites or Internet services. If you reuse a password at multiple locations when the password is compromised at one site the miscreants then can gain access to all sites where you’ve used that password. The best policy is to always use different passwords for different accounts.

4. CREATE STRONG PASSWORDS OR PASSPHRASES. The Wikipedia Guidelines for Strong Passwords [3] is a good starting point.

5. USE INFORMATION THAT IS NOT EASILY GUESSED. When providing password hints use information that is not easily guessed or discovered. For example, if your hint is “dog’s name” and you mention your dog on social networking sites miscreants can discover that information.