We are applying security update to EOAS Email system. It will be in maintenance mode till ~11:45am July 14th.
Thanks for understanding.
We are applying security update to EOAS Email system. It will be in maintenance mode till ~11:45am July 14th.
Thanks for understanding.
Update March 10th: In the case you can't get connection for your email software, please do the following: check if webmail works. If it does, remove the email account and re-add it the in email software on all of the devices that you use.
Update 12pm March 9th. All Email services are back online. Please reset your pwd @ https://exchange2.eoas.ubc.ca
Update 9am March 9th. Waiting to have UBC's Email relays reconfigured for the final step. Then we are back to email-normal.
Update 12pm March 8th. New email server is live @ https://exchange2.eoas.ubc.ca with all data accessible. We are now waiting for Security Assessment from UBC IT. Once complete we will require everyone to log in once into https://exchange2.eoas.ubc.ca and reset their password.
As some of you may have heard in the news, attacks are occurring worldwide against Exchange servers and as such, all Exchange servers at UBC must be patched to protect against recent vulnerabilities identified by Microsoft.
As a security precaution, we will be taking our Exchange email server offline for a period of time beginning at 9pm tonight while the server is being patched and assessed. When the email service resumes, you will be prompted to reset your password.
We will keep you updated on any further action that may impact your access to email.
Thank you for your patience on this matter.
We would like to post some useful links for UBC Workday roll-out now that system is live.
Go-Live Checklist for Nov. 2 - https://irp.ubc.ca/sites/integrated-renewal.ubc.ca/files/images/Go-Live%20Checklist.pdf
Quick Reference Guide with Job Aids https://blogs.ubc.ca/ubcworkdayjobaids/
Delegating Tasks and Functions, step by step https://blogs.ubc.ca/ubcworkdayjobaids/archives/655
Translation Tool to convert Speed Charts/PGs to Worktags: https://finance.ubc.ca/tools/private/peoplesoft-chartfield-workday-fdm-worktags
Integrated Service Centre (Workday Help Desk) https://isc.ubc.ca/
Link and passcode to today's recording of today's demo:
Topic: Workday Overview: EOAS
Faculty and staff should be aware of these changes:
please register your CWL with:
Name, position, cwl name and software required
The new Exchange server includes a feature that you can use to change your password. You can access that feature by first going to your Exchange account using a web browser and visiting https://exchange.eoas.ubc.ca.
For instructions please follow the steps in this short YouTube video:
Useful guidelines for identifying Phishing => https://bit.ly/2NcPKSF
On Wednesday, May 30th at 9:00 am (PST), we will be updating our links so that course material is no longer served from arda.eos.ubc.ca.
If you have been accessing and posting course data on arda.eos.ubc.ca, please update your settings to use the new server koseu.eoas.ubc.ca. The location of your course files and the directory structure will remain the same. Your user name and password will be the same that you use when accessing your EOAS email account, i.e., to access course material on koseu.eoas.ubc.ca you will use the same user name and password as https://exchange.eoas.ubc.ca.
The operating system and applications on arda.eos.ubc.ca have been serving the department for many years. Over the last 18 months we have been working to identify replacement applications or move existing services to new homes so we can decommission arda.eos.ubc.ca. Moving course material from arda.eos.ubc.ca brings us one step closer to that goal.
This change does not impact or have any relation to Canvas (http://lthub.ubc.ca/guides/canvas/).
If your web pages refer to “arda.eos.ubc.ca”, there is a possibility they will need to be updated. Prior to the move and after the move occurs, we will scan the existing pages for outdated links and update pages as we discover them. However, automated tools are not perfect and some links may go undetected, if you discover a broken link please email email@example.com and we will prioritize those fixes in the queue.
We will be monitoring the help desk closely for the week and prioritizing any requests that come in requesting help as it relates to this change – if you have a question or identify a problem, email firstname.lastname@example.org and we will prioritize your request.
The files on arda.eos.ubc.ca will remain where they are for at least 30 days, however to avoid anyone accidently updating the old location after May 29th, we will block access to those files. In other words, if you try to access your files at the old location, access will be denied.
“Well, we’ll not risk another frontal assault. That rabbit’s dynamite” ~ Monty Python and the Holy Grail
A friendly reminder that the UBC’s campus license for Oracle MySQL Enterprise is expiring on April 30, 2018.
Please switch to another database product If you are still using Oracle MySQL Enterprise and don’t have any other license arrangement with Oracle. An option is MySQL Community Edition.
If you require further information, please visit the IT Service Catalogue (https://it.ubc.ca/services/web-servers-storage/database-administration-services/oracle-mysql *).
If you have any questions or concerns, please contact us on our webform (http://web.it.ubc.ca/forms/dba *)
Yesterday, a faculty member at UBC received a phone call at home from someone pretending to be a staff member from UBC IT offering to help check and update their computer. This is an example of a “Windows Tech Support” scam, where the cybercriminal is hoping to install malware onto your computer.
Please be vigilant when you receive unexpected phone calls from a number you do not recognize. EOAS IT and UBC IT will never phone you at home to provide check-ups and upgrades on your computer without reason.
If you receive a phone call from either UBC IT or EOAS IT that you did not expect, please refer that caller to your EOAS IT (Compstaff).
An update has been made to the mailing list application in the my.eos.ubc.ca portal:
There are still some outstanding features to be added:
The department's mail server has gone offline. The problem is being investigated.
Kanboard (track.eoas.ubc.ca), has been upgraded to the latest stable release, version 1.0.43). A list of the new features and fixes can be found at https://kanboard.net/news/version-1.0.43.
The helpdesk.eoas.ubc.ca web site was down due to problems with a battery in a UPS unit. The site's certificate has been renewed and several updates applied to the server.
A new development web site has been set up at dev.eoas.ubc.ca. This site is intended to support ongoing development in a safe area that will not conflict with our production web sites. This site is not world-accessible, interested parties from off-campus must first use the University's myvpn.ubc.ca service (and eos context), to connect to the internal University network.
On-campus locations in the Department of Earth, Ocean and Atmospheric sciences should already have access.
The migration is complete and we are running on one mail system again, the webmail interface at (webmail.eos.ubc.ca aka. “SquirrelMail”), is no longer capable of sending new email messages.
You can still log into the old interface, but if you attempt to send an email from there it will go undelivered. The old webmail interface has been kept active in order to provide a comparison point for anyone concerned about whether or not the migration process was successful -- in other words, if you completed the migration and thought something was missing, you could go back to the webmail.eos.ubc.ca interface and check.
Eventually, we will take down the old interface and retire that system, for now the system is still working, but it will not send any email messages. If you need a web-based interface to send email, please use the new system at https://exchange.eoas.ubc.ca.
If you have any questions or concerns, please contact us through the EOAS Help Desk by email at email@example.com or by visiting https://helpdesk.eoas.ubc.ca, click the New Ticket > Create A Ticket link.
The UBC mail relay service was directing some mail traffic to two unused mail servers that have been retired (earth.eos.ubc.ca and pika.eos.ubc.ca). The problem was fixed by UBC IT and the fix took hold at roughly 3:30 pm today. Some mailing list traffic and individual messages failed to deliver as a result of the problem.
The log file for www.eoas.ubc.ca was registering a number of autodiscover.xml missing entries:
The problem was traced to hub.eoas.ubc.ca, the autodiscover entries were entered with an upper-case "A", i.e., Autodiscover/Autodiscover.xml. The file has been updated and changes checked into git.
The help desk now contains a Recent changes section where up-to-date information on changes to the my.eos.ubc.ca web site will be published.
PDF 2.0 is an emerging standard created by Adobe Systems. The prior format, version 1.7, has been in place since 2008 so the new standard will bring sweeping changes. The new standard should be finalized in the first half of 2016.
The new standard will not directly impact anyone until Adobe and other vendors began to update and release new versions of their products, it is impossible to predict how and when compatibility challenges will emerge. When compatiblity becomes an issue, the EOAS IT approach is to address the immediate need, then begin a process and plan how to avoid compatbility being an issue in the futre.
The immediate need is usually as simple as "I need to read this document", and in a case like this we will usually opt to convert the document to a format that can be accessed so you can get on with your work quickly. The person helping you may opt to immediately upgrade or change your computer, perhaps you are dealing with a project where there will be a lot of documents and the problem might occur again and again very soon.
The long-term solution is to provide you with the application or tools necessary to avoid the same problem happening again. It starts with a request to the help desk, after the initial problem is reported and addressed, the EOAS IT team can evaluate our options, balance our priorities, and try to assess the potential impact to come up with a plan. The challenge is for us to balance priorities and manage the expectations of our user community so everyone is satisfied.
You can learn more about PDF 2.0 from the PDF Association's web site at https://www.pdfa.org/what-will-pdf-2-0-bring/
Please note that ArsTechnica, The Guardian, and several other news sites are hightlighting a new security threat that leverages a trick of character encoding to fool people into thinking they are clicking on a link to Apple's web site when the link is potentially another (malicious), web site. You can read the articles at:
If you own an Apple computer, you wil llikely receive periodic email from Apple.com. Please exercise caution when visiting any link that appears to be Apple.com and avoid downloading files or documents from Apple unless you are certain of the source.
Major browser vendors are working on a fix that will mitigate this particular attack vector.
If you believe you have been the victim of a phishing attack, please contact EOAS IT via email at firstname.lastname@example.org or by visiting our web site at https://helpdesk.eoas.ubc.ca.
If you are using a standalone version of Matlab and you need to renew your license:
If you experience any problems , please contact the help desk at email@example.com or through the help desk web site at helpdesk.eoas.ubc.ca.
Dear UBC Survey Tool user,
If you missed the UBC Survey Tool Community Engagement event on Wednesday, November 30, 2016, here is the link to the recorded session.
For the latest updates, please visit the UBC Survey Tool Updates page.
If you have any questions or concerns, please contact firstname.lastname@example.org or email@example.com.
Ransomware can be localized to target individual users or systems, or expanded to larger groups and even organizationally focused with the intent of paralyzing an organization. Recently, there have been a number of ransomware attacks that exploit unpatched vulnerabilities on servers connected to the internet, resulting in an attack against the entire organization,impacting all operations; in higher education this affected the ability to teach and do research. Some examples include the University of Calgary, San Francisco Municipal Transportation Agency, Hollywood Presbyterian Medical Centre, and Carleton University.
Below are some similarities and recommended solutions we have been able to draw between these recent organizational attacks:
1. Vulnerabilities are exploited to gain an initial foothold
We strongly encourage everyone to patch all networked systems; focus first on all internet facing servers, paying special attention to java-based servers as they are frequently targeted. If you require assistance in patching your servers, please contact your department’s IT Administrator. If you are unable to patch your server or get help from your department, please contact firstname.lastname@example.org.
2. Keyloggers are installed to steal administrative credentials, which are used to map network shares and deploy ransomware
For critical accounts that have control over multiple servers/systems (e.g. root, Administrator, etc.), use a privileged account manager that checks in and out the account, changing passwords for each usage. Privileged accounts should have limited access to only those who need it and used only when necessary. These accounts must not be used for checking email or web browsing or any other user related activity.
Anti-malware software must also be installed and kept up-to-date on all operating systems, such as Windows, Mac, and Linux.
3. Ransomware encrypts critical files needed for research, teaching or administrative activities.
Use network file shares that are backed up regularly (e.g Home Drive, Teamshare, or Workspace) for the storage of critical files. Keep backups off-line and accessible only via specific privileged accounts that have restricted usage.
In addition to the above recommendations, we strongly encourage everyone to review and ensure they have the latest patches for their servers.
November 23rd, UBC will begin blocking incoming network traffic from off campus for a range of network services.
This change will not impact email, web, SFTP, or the Department’s ownCloud service.
The majority of the services that will be blocked are no longer in use or were considered insecure for some time. One example of a service that will be blocked from off campus is print.
In this example, if you were printing from home to a printer here on campus in your office, after tomorrow’s change you will no longer be able to print directly to your office printer from home unless you establish a secure connection using UBC’s myDNS service and your account is configured for access.
A detailed article has been posted at the EOAS Help Desk knowledge base, this article is available to anyone who has already migrated, you can find this article by searching for "ports blocked at the UBC border"
If you require an exemption, for example if you are working with an external government institution that requires access to on campus resources using a service such as Remote Desktop Protocol (RDP), and you have not already contacted EOAS IT or UBC IT – contact us NOW, otherwise your connection may be interrupted.
If you have any questions or concerns, please submit a request through the my.eos.ubc.ca portal, or if you have migrated, you can email the EOAS IT Help Desk at email@example.com.
A number of people are reporting receiving emails from American Express with the Subject line: Please activate your Personal Security Key
These emails look legitimate but should be ignored. If you are an American Express card holder and have doubts about a communication coming from what looks like American Express, or believe you may have responded to one of these emails with your information, your best course of action is to contact American Express using the phone number on the back of the Credit Card.
A screen shot is included below.
As you may be aware, there was a recent denial of service (DDoS) attack that targeted DNS services offered by DynDNS (dyn.com), which resulted in sites and services interrupted for large companies including Paypal, Netflix, and Airbnb. According to press information, the botnet behind the attack leveraged flaws in a brand of smart cameras and DVRs (arstechnica.com/information-technology/2016/10/inside-the-machine-uprising-how-cameras-dvrs-took-down-parts-of-the-internet/).
The code used to exploit the flaw is now in the public domain. UBC and other institutions and companies are experiencing an increase of malicious traffic. The malicious traffic is targeting the University’s DNS servers and our networks are being scanned for insecure devices on port 23/TCP and 2323/TCP. In response, on November 2, 2016, the University will be blocking inbound traffic specific to ports 23 and 2323 for all UBC networks. Port 23/TCP is used by the application telnet (www.packetu.com/2012/04/17/whats-wrong-with-telnet/), and port 2323/TCP is designated as part of the 3d-nfsd protocol, however many vendors use that port as an alternative to port 23/TCP. I don’t expect this change will impact anyone in our department. If you use telnet or port 2323/TCP to access services on campus from an off campus location, you will need to start using UBC’s myVPN service.
If you are not sure how to use UBC’s myVPN service, please contact firstname.lastname@example.org or come drop-in to EOAS Main 113 and we can talk about what needs to be done.
A vulnerability called the DirtyCOW has been disclosed for all Linux systems. The vulnerability is especially problematic for multi-user systems, which allows local-user accounts to gain escalated privileges for the affected system.
This vulnerability has been assigned CVE-2016-5195. We recommend applying the latest patches to your Linux machine. A bulletin has also been created for this: http://bulletins.it.ubc.ca/archives/28072
For more information on this vulnerability, please review the following links:
Dropbox® recently confirmed that 68 million email addresses and password information were stolen from their database. UBC IT has received the list of credentials that were identified as associated with this breach. The IT Service Centre has sent out the notification below to these users yesterday.
From: UBC IT ITSC - Do Not Reply
Subject: 2012 Dropbox® Data Breach
This email was sent from an unmonitored mailbox. Please do not reply to it
Dear <email address>,
As you might have heard, Dropbox® recently confirmed that 68 million email addresses and password information were stolen from their database.
UBC IT has been notified that your UBC email address was identified as part of the list of credentials associated with this breach.
If you use the same password for “Dropbox” as you do for your CWL account or other UBC accounts, please reset your password(s) immediately and use a different password going forward to ensure the safety of your data and any UBC electronic information.
You can change your CWL password at myaccount . ubc . ca (this is a non-clickable link, please type this in your address bar without the spaces)
If you have any questions, please contact the UBC IT Service Centre at it . ubc . ca/helpdesk (this is a non-clickable link, please type this in your address bar without the spaces).
Manager, Service Centre
Information Technology | Engage. Envision. Enable.
The University of British Columbia
A bulletin has also been posted about this notification: hxxp://bulletins.it.ubc.ca/archives/28064. If you have been impacted by this breach, please update your password immediately.
Associate Director, Information Security Management, UBC
All Services back up and running as of 8:45pm. Happy Mailing!
UBC and the Faculty of Science has partnered with OnTheHub.com to offer faculty and staff access to Microsoft produces under an educational license.
You can use your CWL user name and password to access your free Windows 10 Education entitlement (and other products), by going to the Imagine Premium web site. Items such as Windows 10 Education (32/64 bit), are free of charge; you can download a Windows 10 Education DVD to upgrade your Windows 10 Home or earlier Windows operating system.
Faculty and staff are encouraged to take advantage of this offer as part of our ongoing effort to encourage everyone to encrypt their hard drive data. If you require help or have any questions, please email email@example.com.
Adobe will be hosting a Digital Campus Workshop for staff and faculty at UBC Point Grey campus on Thursday, October 13, 2016. The workshop will feature special presentations from Adobe and peer institutions from BC. Participants will receive tips on how to transform the way they communicate to their audience and will have the opportunity to share ideas and learn from colleagues on how they are using Adobe products.
Date: Thursday, October 13, 2016
Location: Michael Smith Laboratories (2185 East Mall), 101 Multipurpose Room
Time: 1pm to 5pm
Snacks and refreshments will be provided.
To learn more about the event and to RSVP, please click here. Please feel to forward this invitation to other staff and faculty that might be interested in attending this event.
On Friday, September 9, from 8:00 p.m. until 9:00 p.m. (PST), there will be one or more brief outages of IMAP service and web-based email interface for the new mail environment.
The web-based interface, https://exchange.eoas.ubc.ca, will be restarted to make several adjustments to the settings. It requires anywhere from three to five minutes for the web server to properly close connections and restart, if you attempt to access the web page during the restart you may get a "page not found" message.**
We have been gathering data this week as more and more people migrate to the new environment. The IMAP settings, which the majority of our community use to connect, has received the greatest scrutiny and so we will be making adjustments there for performance and load. During the maintenance window, you may receive an error message when attempting to access a folder. If you see an error I suggest something the kids these days call Netflax, it delivers entertainment content via the FaceGoogle Tubes that cover the entire planet in something called the IntraWeb Highway.
Once the maintenance window is complete and you have finished a marathon session of Stranger Things, if you find either the web-based interface or IMAP are not working, please contact us by emailing firstname.lastname@example.org.
Have a very happy Friday!
** Did you know that Chrome contains a hidden game? The next time you receive the "Unable to connect to the Internet" error in Chrome and see a T-Rex standing there, try clicking the space bar. The T-Rex will bounce and the game will begin.
The outgoing mail server, ssmtp.eos.ubc.ca, went offline earlier this morning and those people who are on the old email server could not send email. As of 9:15 AM this morning, September 8th, the outgoing mail service has been restored for anyone using the old mail server.
The new mail server, exchange.eoas.ubc.ca, was unaffected.
A new article has been posted to the knoweldge base that explains how to add your EOAS account to your iOS, i.e., iPhone or iPad, device.
Dear Colleagues, I am emailing you to announcement that the Department of Earth, Ocean and Atmospheric Sciences now offers a file synchronization and sharing platform called ownCloud. Many of you are familiar with ownCloud and possibly have your own server or use ownCloud somewhere else. The widespread demand for ownCloud, coupled with the challenges of using UBC's Workspace solution has prompted me to offer a service for everyone in the department that is managed by EOAS IT. If you have your own server running ownCloud this will not affect your server, however you may want to discuss a migration to this server. To access the department's ownCloud server you need to migrate your email account as per the announcement made earlier this week (referenced at https://helpdesk.eoas.ubc.ca/news/posts/new-email-system-launch). Once you have your EOAS user name and password and have completed the migration process, you can access ownCloud at https://owncloud.eoas.ubc.ca. This service is a direct response to requests made by you, our user community. Over the next few days additional information will be posted on our knowledge base web site with steps to install the ownCloud desktop client on Windows, Mac, and Linux operating systems. If you have any questions or concerns about this service, please contact us at email@example.com or email me directly at firstname.lastname@example.org. Thank you, Tom Yerex. "Wax on, wax off." ~ Pat Morita as Mr. Miyagi in The Karate Kid (1984)