SysBlog - Div III Networks - “what’s happening in our local ether”

There are currently two ways (web addresses) for getting to the Groupwise Web client: gwweb.smith.edu and gwwebs.smith.edu (notice the “s” on gwweb - it stands for secure!). While they both work fine, you’ll notice three important differences at gwwebs.smith.edu.

1. It is somewhat slower to bring up the initial page
2. It will ask you to accept a “certificate” before you connect the first time (Tell it to accept “permanently”)
3. Your web browser will show that you have a “secure connection” (just like purchasing an item on Amazon.com)

What a secure connection (or SSL) means to you is that your connection is encrypted. This means your username and password are encrypted before leaving your computer and flying across the internet where any “bad guy” could be sniffing for them.

In the future, ONLY encrypted connections will be allowed to Groupwise Web, but right now, it’s your choice. Because we STRONGLY feel that passing your password in clear text is a VERY BAD IDEA, we are changing the link on the Science Center home page to go to the secure connection. It’s a minor inconvenience that could protect the security of everything you do on the internet.

If you’ve got questions, let us know!

• Comments Off

Background - Changes in FTP

FTP is a file transfer program that allows you to copy files between computers that support the protocol. In the Science Center, we currently have FTP working on “websci” (our webserver) and “science” (the Novell server that provides your H: drive).

FTP is an insecure service; it passes everything you type, including your username and password in cleartext over the internet. We’ve known this for years of course, but for various reasons could not quite justify shutting off the services. However today there are secure alternatives to FTP, so you can replace it without any problem. For that reason, beginning on June 1, 2007, we will disable all unencrypted/unsecured ftp services on websci and science.

How does this affect you? Probably many of you have never used FTP and can continue that! For those of you who do use it, here are your alternatives:

FTP on websci

If you currently use FUGU (on the Macintosh), you should be all set. Fugu uses only the Secure FTP protocol (SFTP). Another common Mac FTP client is Fetch. Fetch will use Secure FTP if directed.

If you now use WS_FTP on windows, you will need to quit using that and switch to a secure shell file transfer client. One is already located in your Start menu under “Programs/Internet/Secure Shell File Transfer.” The program is very similar to WS_FTP: you connect to the remote computer using your username and password, then you drag and drop files between the two windows. An very similar alternative is to use CoreFTP (see below under “FTP on science”).

If you use Macromedia Dreamweaver to edit your webpages, it already supports SFTP so you may need to do nothing, or simply edit your server configuration. CATS can help walk you through the steps if you need help.

If you use Macromedia Contribute, it also supports SFTP. Again we can help you with that if it’s not already setup correctly. Older versions of Contribute may not support SFTP; in that case we advise an upgrade.

FTP on science

The easiest method of moving files to/from Science is to skip FTP altogether and go to the science web page, click on Web Services (at the top) and read about NetStorage and NetDrive! Really, if you need to copy files to and from, say your home PC, and SCIENCE, you should use the above programs; they are much better (and more secure) than FTP.

If you must use FTP, we have enabled an SSL-encrypted FTP on Science, and have a free client called “coreFTP” available on the “software downloads” page on the science website. Instructions are on the webpage, but we are also available to help configure coreFTP. Note: coreFTP can also be used as an SFTP client with “websci”.

• Comments Off