Category Archives: ITS

@MiddInfoSec – New Phishing Threat

Information Security has become aware of a new phishing threat with a subject line of “ITS Help-desk”. Please see below for the full content of this attack. Note this email is a hoax and should be deleted from your email. Do not reply to this message and do not click any links in this message. If you have any questions please feel free to contact the help desk at x2200 or forward the message to phishing@middlebury.edu.

phish

Important reminders to spot a phish include:

  1. Read the entire email from start to finish to ensure that the content and language fits with the sender.
  2. Hover your mouse over links to ensure the link directs you to the destination indicated by the email.
  3. Look for miss placed language, such as copyrights or signatures, that do not match the sender.

For additional information on phishing please visit http://go.middlebury.edu/phish

@MiddInfoSec: Guard Your Privacy When Offline or Traveling

Information Security has a New Twitter feed and other new content on their website. Follow us at @MiddInfosec or visit our website at http://go.middlebury.edu/infosec

Planning a spring break vacation? People are frequently more vulnerable when traveling because a break from their regular routine or encounters with unfamiliar situations often result in less cautious behavior. If this sounds like you, or someone you know, these five tips will help you protect yourself and guard your privacy.

  • Track that device! Install a device finder or manager on your mobile device in case it’s lost or stolen. Make sure it has remote wipe capabilities and also protects against malware.
  • Avoid social media announcements about your travel plans. It’s tempting to share your upcoming vacation plans with family and friends, but consider how this might make you an easy target for local or online thieves. While traveling, avoid using social media to “check in” to airports and consider posting those beautiful photos after you return home. Find out how burglars are using your vacation posts to target you in this infographic.
  • Traveling soon? If you’re traveling with a laptop or mobile device, remove or encrypt confidential information. Consider using a laptop or device designated for travel with no personal information, especially when traveling out of the country.
  • Limit personal information stored on devices. Use a tool like Identity Finder to locate your personally identifiable information (e.g., SSN, credit card numbers, or bank accounts) on your computer, then secure or remove that information.

Physically protect yourself and your devices. Use a laptop lock, avoid carrying identification cards, shred sensitive paperwork before you recycle it, and watch out for “shoulder surfers” at the ATM.

Digital Media Bootcamp Update

We’ve added another session to the Digital Media Bootcamp.

Wilson Media Lab

Wilson Media Lab

Quicktime, SnapZ Pro, MPEG Streamclip, Scanners, Plotters and more @ 2:15pm

Date: January 18, 2016

Mack Roark – This workshop will teach you the basic functionality of Apple’s Quicktime, how to use SnapZ Pro to do a screen capture of video, and how to use features of MPEG StreamClip to view and convert video clips. Also included is an overview and demonstration of the scanners, plotter, and capture station located in the Wilson Multimedia Development Lab. You will learn the basics of how to operate these devices and the software associated with them. This is a 2 hour workshop.

Current List of Workshops

Title Date
Quicktime, SnapZ Pro, MPEG Streamclip, Scanners, Plotters and more @ 2:15pm January 18, 2016
Liberal Arts Data Bootcamp – Working with Data @1pm until 4pm January 19, 2016
Liberal Arts Data Bootcamp – Visualizing Data @1pm until 4pm January 20, 2016
Liberal Arts Data Bootcamp – Mapping Data @1pm until 4pm January 21, 2016
Liberal Arts Data Bootcamp – Analyzing Textual Data @1pm until 4pm January 22, 2016
Introduction to Information Literacy @ 2:45pm January 25, 2016
Safe Computing Practices at Middlebury @ 1pm January 25, 2016
Online Identity: Your Story to the World @ 2:45pm January 26, 2016
Online Recording Lab: SANSSpace @ 1pm January 27, 2016
Intro to Audio Literacy @ 3:30pm January 27, 2016
Intro to Visual Literacy and Presentations @ 3:30pm February 3, 2016

Library & Information Technology Services » Post for MiddNotes 2015-10-23 12:15:34

ccam

October is Cybersecurity Awareness Month. Join your colleagues from both the Middlebury and Monterey campuses for a presentation and discussion on critical cybersecurity issues including phishing and cracking.

  • On October 29th at 12:30 Eastern time, Information Security will host a Cybersecurity Roadshow.
  • You can join the discussion in Lib105A on the Middlebury Campus or on PolyCom 710205
  • Central Monterey meeting location TBD.

Please join us for this discussion. It is open to students, faculty, staff and the community. Computer security is the responsibility of us all.

For more information call Information Security at 802-349-5805

The Canvas Pilot

Our current Learning Management System (LMS), Moodle, was adopted back in 2011. Four years later we are reflecting on whether Moodle is still the best LMS to serve the growing needs of Middlebury. This fall we are doing a pilot to evaluate Canvas and determine whether we want to continue with Moodle or move to Canvas. You can learn more about Canvas and Middlebury’s evaluation by following this site – http://sites.middlebury.edu/canvas/

Since it has launched over 1,200 colleges, universities and school districts have adopted Canvas, including many of our peer and neighboring institutions, including Amherst,  Williams, Harvard, Yale, and Dartmouth. It uses modern technology and service management, has a user-centric design, and the features that are common to an LMS are easier to find and use.

Some of the appealing features that are worth exploring are:

What about Moodle?

Middlebury adopted Moodle as its LMS in 2011 after a year-long evaluation (http://sites.middlebury.edu/segue/2011/06/14/moodle-middlebury/). At that time it was decided that we would use Moodle for a minimum of 5 years. At the end of the 5 years we would ask ourselves: Is Moodle still the right LMS for Middlebury? The 5 years will end in August of 2016.

The Canvas evaluation should not be considered as a sign that Middlebury intends to stop using, supporting, or expanding the platform. This is simply an opportunity to consider other options and review our use of Moodle.

Security Notification: Ransomware Delivered Through Phishing Attacks

A year ago the Internet saw a rash of malware known as ransomware. This malicious form of cyber attack is known for infecting a computer and encrypting a drive. The victim is then unable to recover their data until paying a ransom to the attacker. Middlebury, like many other institutions was not immune to this form of attack.

A week ago the FBI announced a new variant on a common form of these attacks known as CryptoWall. This form of ransomware is known to have four methods of infecting a computer.

  • Phishing: the attacker may lure a victim into downloading an infected attachment through a phishing campaign and thereby compromising the drive on their system.
  • Phishing: the attacker lures the victim into clicking on a link to a malicious web site where the victim unknowingly downloads the malicious software onto their system and compromises their drive.
  • Infected ad: the attacker posts and infected ad on a website which a user might click thereby causing the download of malicious software.
  • Compromised website: the attacker compromises a website so when a user visits the website they unknowingly download malicious software and compromise their system.

According to the FBI, by far the most common method of attack is phishing, particularly with attachments in the message.

What you can do to protect yourself:

  • Never open attachments or click links in emails that you do not recognize or trust.
  • Know what a phishing attack is and how to spot one. visit http://go.middlebury.edu/phish or http://phishing.org
  • If you think you have fallen for a phish change your password. then call x2200
  • If you believe you system is compromised, unplug it from the power and the network. Shut it down immediately. Do not worry about saving your work. then call x2200.
  • Backup your data routinely. If you save your data to Middfiles or your home directory it will be backed up automatically.
  • Never disable your antivirus software.
  • Send any suspect emails to phishing@middlebury.edu
  • Only download software from known vendor sites.
  • Don’t click on ads in web sites. Visit vendor websites directly.

Sources:

Wireless Network Changes

Greetings!

Over the course of the next several weeks, we will be replacing the wireless networks at Middlebury.

What do I need to do?

Starting March 2nd, please connect to the new secure wireless network named MiddleburyCollege (like midd_secure but better). Middlebury Faculty, Staff and Students will login with your standard Middlebury username and password. Guests will need to create a Middlebury guest account and use it to connect to MiddleburyCollege. This is not a change for change’s sake – we are confident that the end result will be a wireless network that is more convenient and more secure for everyone.

Why are we doing this? What are we trying to achieve?

Some devices have trouble with the current configuration of midd_secure. Midd_secure was created many years ago and wireless standards have since evolved. Additionally, guests have traditionally connected to midd_unplugged, a non-secure network.

It is important that all wireless devices, including those of faculty, staff and students as well as guests, have a way to connect to our network securely, quickly, and easily. Also, as part of our improved security posture, and to comply with all regulations and generally accepted guidelines, devices on our network need to be identified and associated with an individual, for everyone’s benefit.

What will the new configuration look like?

  • Anyone with a Middlebury College username, including faculty, staff, students, etc., will connect to the new wireless network called MiddleburyCollege using their username and password. Guests will also connect to MiddleburyCollege with their guest account name and password, where they will have access to the Internet, but not our internal servers.
  • Guests from other institutions that are also part of the eduroam project will continue to connect to the eduroam network (for Internet access only).
  • Guests and others who do not have a username and password, either because they haven’t created an account or they have forgotten their password, will connect to a new open wireless network created for this purpose, called GuestAccountCreation. No password is required, but connections are limited to intervals of 15 minutes. When they connect, they will be offered links to create a new guest account, reset their guest password, or activate/reset their Middlebury account password.
  • Certain older or residential devices, for technical or procedural reasons, do not support standard security protocols (username and password), and require what’s called a “pre-shared key” instead (a shared password, like Midd-standard has now). For these devices, we are creating a limited-access pre-shared key network called MCPSK. This is only for devices that cannot use MiddleburyCollege. If you suspect this applies to you, please contact us (see “What if I have more questions?” below).

How will we get there? What is the transition schedule?

To reduce the impact of this change, we are planning on a phased implementation that gives people time to transition from one network to another. For performance and capacity reasons, we cannot have more than four different wireless networks at once, so we will introduce new networks on the following schedule:

Now to 3/2 3/2 to 3/09 3/09 to 3/16 3/16 forward
midd_unplugged (transition to midd_secure)
MiddleburyCollege MiddleburyCollege MiddleburyCollege
midd_secure midd_secure (transition to MiddleburyCollege)
MCPSK MCPSK
Midd-standard Midd-standard Midd-standard (transition to MCPSK)
GuestAccountCreation
eduroam eduroam eduroam eduroam (unchanged – for guest access from other institutions)
  1. Anyone currently connecting to midd_unplugged should take a moment now to transition to midd_secure. If you have trouble connecting to midd_secure, please contact the Helpdesk for the password to Midd-standard.
  2. On Monday, March 2nd, midd_unplugged will be removed and we will introduce the new MiddleburyCollege network. From then on, all faculty, staff, and students should connect to MiddleburyCollege, though midd_secure and Midd-standard will continue to work for enough time to allow a smooth transition. We will prepare offices that frequently bring guests to campus to help them get connected to Midd-standard if necessary during this transitional period. In short, midd-unplugged will cease operating on 03/02/2015 – use midd_secure before then, and MiddleburyCollege after.
  3. On Monday, March 9th, all College personnel should be connected to MiddleburyCollege, and we will remove midd_secure to allow for the introduction of the MCPSK network. Starting on this day, anyone who hasn’t been using midd_secure due to incompatibility should first see if they can connect to MiddleburyCollege. If your device doesn’t support it, please contact the Helpdesk so we can connect you to MCPSK. For most devices, switch to MiddleburyCollege before midd_secure goes away on 03/09/2015.
  4. By Monday, March 16th, all individuals who have been using Midd-standard should have moved to another network, so we can remove Midd-standard and add GuestAccountCreation. To recap, switch to either MiddleburyCollege or MCPSK before Midd-standard goes away on 03/16/2015.

Other Frequently Asked Questions:

Are you saying guests will connect to the MiddleburyCollege network? Isn’t that a little weird from a security perspective?

There’s some behind-the-scenes magic there – people with Middlebury Guest accounts will be isolated from the regular Middlebury network and be provided with Internet access only.

Why start by removing midd_unplugged instead of another network?

For starters, it’s slow and insecure, but a good chunk of people keep using it, unaware that that’s the primary reason for their bad experiences. As much as possible during this transition, we want to make life easier for the people who are currently depending on the faster secure networks. We did consider temporarily disabling eduroam instead, since not as many people use it, but it’s part of an agreement with other universities and we want to honor that.

If I’m bringing a guest to campus after March 2nd, how can I make their experience easier?

The best thing to do is direct them to Middguests so they can create an account before they get here. Then, once they arrive on campus, they can immediately connect to MiddleburyCollege with their guest username and password. If they’ve forgotten their account info, once the GuestAccountCreation network is in place, it’ll provide links to help them reset their password or create a new account.

What about College faculty, staff, or students who’ve forgotten their password or don’t have one yet?

The GuestAccountCreation welcome page will also have a link to the password activation/reset page, and the Helpdesk phone number should anyone get stuck.

What if I have more questions?

If you have a technical issue, now or at any time, or if you need access to the limited MCPSK network, please make a ticket or call us at 802.443.2200 so we can assist you. If you have general questions about the plan, please post them here so everyone can see the answers.

Peace and change,

~Zach Schuetz for the Helpdesk

Systems Maintenance Sunday, Feb 8th

During our regular maintenance window this Sunday, February 8th  we have the following activities scheduled:

 

  • Starting at 5am EST the Middlebury website, http://www.middlebury.edu, will be put into a read-only mode for approximately 5 hours for an upgrade. After the upgrade completes the site will be put into full read/write mode.
    • What’s available during this read-only period?: All publicly-accessible content on our website will be available.  Links will continue to work.  Drupal webforms are hosted on another site and can be accessed and edited as normal.
    • What’s not available during the read-only period?:  Commenting on news stories, content that requires logging in before viewing, content editing on the main Middlebury website.

 

  • The hosted Hyperion and Banner applications, including Banner INB and SSB, will be updated and unavailable between 8am and 9am EST. The development environments for those services will be unavailable between 9am and 10am EST.

 

  • Middfiles, which includes Orgs, all Classroom, and home directory folders, will be rebooted and unavailable for approximately 10 minutes starting at 8am EST.

 

  • The Exchange email environment will undergo resource reallocations impacting 8 servers. The email environment is sufficiently redundant that we expect no impact to availability during this maintenance.

 

We appreciate your patience as we continuously strive to keep our systems functioning optimally.

 

 

Billy Sneed

ITS – Central Systems & Network Services

Middlebury College

Middlebury, VT  05753

Wireless Enhancements

We’re working to replace and upgrade many of the existing wireless access points across Middlebury campus. You may see staff or contractors working with cabling and ladders in various buildings over the coming weeks.

We are upgrading to keep with the best wireless technology and address coverage or performance concerns. Along with entire building enhancements including McCardell Bicentennial Hall and Davis Family Library, the model we’re wholesale replacing is pictured here. If you see one of these, know that it will be replaced soon!
ap-61

Thanks for your patience and support as we strive to keep our systems functioning optimally!