System Change - March 2002

CIS Unix system 'Hopper' will be removed from service on Monday April 1, 2002. Hopper went into service in November of 1994 and is currently our oldest (and slowest) system.

Hopper's removal should not impact normal use of the CIS Unix systems. Mail sent to user@hopper.unh.edu will continue to be delivered as before. One of the other CIS Unix systems will take over Hopper's internet address so that users who are hardwired to use hopper.unh.edu will be automatically directed to another system.

Turing, a Dell PowerEdge 6450 server running the Linux operating system, will be available on or around April 1 to take Hopper's place. All the popular applications and services available on Hopper will also be on Turing.

[For programmers: Turing has a different CPU architecture than Hopper, Hypatia, and Alberti, so code compiled from C/C++/Fortran/etc. will not run on Turing. Perl and shell scripts should be fine.]

Questions/comments/suggestions on issues related to Hopper's shutdown or Turing's introduction should be directed to the CIS Unix system administrators: sysman@cisunix.unh.edu

AudioGalaxy/FTP problems - March 15, 2002 CIS has received several reports from clients who are experiencing problems with using AudioGalaxy. This statement explains the situation. A planned network security upgrade documented at http://www.unh.edu/cis/notices/security_updates.html corrected a security problem associated with incorrect implementations of FTP services. AudioGalaxy uses FTP as its transfer mechanism. However, it fails to comply with standard FTP practices and for that reason it does not successfully negotiate its way past the upgraded UNH Internet security systems.

This is the same issue that caused the problem with QVT-FTP as documented at the above URL. These programs fail to comply with recommended best practices, and therefore are not compatible with the UNH’s security architecture. Recent upgrades to that architecture prevented these applications from establishing connections, as these upgrades prevent certain historic FTP exploits. Any program that fails to implement the standard FTP protocol can create network traffic that appears to be very similar to these exploits.

The upgrades, while necessary, were delayed as long as possible to enable the UNH user community to migrate to an alternative FTP program. However, recent malicious activities that threatened the UNH network required that the upgrade be completed and finalized. While AudioGalaxy was not specifically targeted when these upgrades were implemented, services for this product cannot be restored as long as the product has the problematic implementation of FTP.

Effective February 28, 2002, an upgrade to network security will occur. The QVTTerm FTP client will no longer work as it uses random port connections for data transfer (see the February publication of Signals). All current users of QVT FTP should switch over to WS_FTP LE, a user friendly alternative that is compatible with the new configuration. For a step-by-step walk-through installation of WS FTP LE, please visit http://www.unh.edu/tech-services/wsftpinst.html. FTP clients such as Dream Weaver, Fetch, and Front Page already are compatible. The Telnet component of QVTTerm is not impacted. Please call the Help Desk Call and Dispatch Center at 2-4242 if you have any questions or concerns.