If you are using Microsoft's Internet Explorer as your primary browser, you might want to make sure that you are using version 8 and that it is fully patched.
There is a new exploit of Internet Explorer that has been demonstrated, however it seems to only work on older versions of the browser. By updating now, you can protect yourself from this latest risk.
You can get the latest version from Microsoft here.
Tuesday, November 24, 2009
Friday, October 16, 2009
'Mrs. Brady' turns 'cybermom' to help seniors tackle tech - CNN.com
'Mrs. Brady' turns 'cybermom' to help seniors tackle tech - CNN.com
I read this article on CNN and thought it was great. I've done both regular support and pro bono work helping elderly and mentally disabled or injured people keep in touch with their families via the Internet and it's such a great and inexpensive (compared to traditional long-distance phone calls) way to stay in touch.
I always say that "technology should work for you", most people who are intimidated by computers and email usually think that it's complicated, however it can be set up to be as straightforward and easy as making a phone call with a speed-dialer... if someone will just take the time to help them get started it goes from something intimidating to a wonderful way to keep in touch with family and friends, especially when mobility is an issue.
I read this article on CNN and thought it was great. I've done both regular support and pro bono work helping elderly and mentally disabled or injured people keep in touch with their families via the Internet and it's such a great and inexpensive (compared to traditional long-distance phone calls) way to stay in touch.
I always say that "technology should work for you", most people who are intimidated by computers and email usually think that it's complicated, however it can be set up to be as straightforward and easy as making a phone call with a speed-dialer... if someone will just take the time to help them get started it goes from something intimidating to a wonderful way to keep in touch with family and friends, especially when mobility is an issue.
Wednesday, October 14, 2009
Adobe Patches and FaceBook Hacks
Adobe - Security Bulletin APSB09-15 Security Updates Available for Adobe Reader and Acrobat
Both Adobe and Microsoft released critical patches yesterday, and we are seeing widespread exploitation in the wild of the Adobe exploits. In fact, NetworkWorld is reporting that some FaceBook apps have been compromised and are using the Adobe exploit to take over FaceBook users’ computers.
Be sure to hit both Adobe and Microsoft’s sites and update your machine to the current version so that you don’t end up a statistic!
Both Adobe and Microsoft released critical patches yesterday, and we are seeing widespread exploitation in the wild of the Adobe exploits. In fact, NetworkWorld is reporting that some FaceBook apps have been compromised and are using the Adobe exploit to take over FaceBook users’ computers.
Be sure to hit both Adobe and Microsoft’s sites and update your machine to the current version so that you don’t end up a statistic!
Wednesday, August 26, 2009
Order Mac OS X Snow Leopard Today!
Apple - Mac OS X Snow Leopard - The world’s most advanced OS
Just a quick reminder that Apple is releasing Snow Leopard on Friday. If you order today you can have it delivered on Friday and avoid the lines at the Apple store.
Just a quick reminder that Apple is releasing Snow Leopard on Friday. If you order today you can have it delivered on Friday and avoid the lines at the Apple store.
Thursday, July 9, 2009
Ubiquitous Danger - URL Shorteners
Spammers exploiting trust in shortened URLs - SC Magazine US
The above article in SC Magazine describes how malicious coders are taking advantage of the public's trust of URL shortening services like TinyURL and DwarfURL in order to deliver exploits to your machine. Part of the reason this is successful is that security software generally "trusts" the shortened URLs and doesn't block them or warn you about them.
This is actually a great example of how you have to be vigilant in all aspects of your computer use. It is unwise to "trust" anything that is sent to you unless you know exactly what it is and it was something that you were expecting. (I know I am like a broken record with this to my frequent readers, however it is important and true!)
Because useful tools like these URL shorteners can be used to obfuscate malicious links, and because we're getting used to seeing these short URLs on a regular basis, it is a perfect storm for spammers, virus/worm writers, and criminals who want to obtain and exploit personal information, they couldn't ask for a better tool to help them get what they need!
So remember, the next time you get a shortened URL in your email or IM program, think twice before clicking it, you never know where it might lead.
The above article in SC Magazine describes how malicious coders are taking advantage of the public's trust of URL shortening services like TinyURL and DwarfURL in order to deliver exploits to your machine. Part of the reason this is successful is that security software generally "trusts" the shortened URLs and doesn't block them or warn you about them.
This is actually a great example of how you have to be vigilant in all aspects of your computer use. It is unwise to "trust" anything that is sent to you unless you know exactly what it is and it was something that you were expecting. (I know I am like a broken record with this to my frequent readers, however it is important and true!)
Because useful tools like these URL shorteners can be used to obfuscate malicious links, and because we're getting used to seeing these short URLs on a regular basis, it is a perfect storm for spammers, virus/worm writers, and criminals who want to obtain and exploit personal information, they couldn't ask for a better tool to help them get what they need!
So remember, the next time you get a shortened URL in your email or IM program, think twice before clicking it, you never know where it might lead.
Thursday, July 2, 2009
Worm Alert - Waledac
Waledac worm targeting July 4 spam offensive | Security - CNET News
Security firms are warning about a worm that is spreading by fooling people into clicking on links that have to do with the 4th of July. The CNET article above has some details.
Remember that it is never a good idea to open any unexpected links or attachments that are sent to you in email, even if they appear to be from a source you know and trust. It is always safest to delete any unexpected links or attachments, if they are legitimate you can always call the sender and ask them to send them again!
Stay safe this weekend!
Security firms are warning about a worm that is spreading by fooling people into clicking on links that have to do with the 4th of July. The CNET article above has some details.
Remember that it is never a good idea to open any unexpected links or attachments that are sent to you in email, even if they appear to be from a source you know and trust. It is always safest to delete any unexpected links or attachments, if they are legitimate you can always call the sender and ask them to send them again!
Stay safe this weekend!
Tuesday, June 23, 2009
Passwords
Password security is something that is obviously important, yet I'm surprised that even though this is common knowledge, a lot of people don't take enough precautions when it comes to protecting their passwords. In this post I'm hoping to provide some tips that will make it easier to protect your important passwords.
Everyone knows the common places to find passwords; under the keyboard, on a Post-It stuck to the monitor, under the desk blotter, in the desk drawer, and my personal favorite, the list of passwords taped to the front of the laptop (I mean, really, what's the point of putting a password on your laptop if you're going to tape it to the front of it?)
The same people who have "ASK FOR ID" emblazoned on the back of their credit card and who would never even consider writing their ATM pin number on the back of their ATM card don't seem to hesitate a moment when it comes to keeping a list of passwords in their wallet.
My first piece of advice is to come up with one password that is a combination of numbers, letters, and symbols that is next to impossible to guess. Even better, come up with a "passphrase", a passage from a book, an obscure quote, or any phrase that is longer than the traditional password. Passwords and passphrases should be as obscure as possible in general, and if you can come up with one really good password/phrase that you are sure to remember, then you can secure the rest of your passwords easily.
What you need to do is set up an encrypted password database application, if you're a Mac user you already have one (the Keychain) and all that you need to do is set up your password/passphrase on your Mac, open the Keychain, and use the "Secure Notes" section to track your passwords. If you have a PC, you can download several applications that will encrypt files. The one I recommend is Oubliette (the project is no more, but the program is still there for download). Simply install the program and create a new file that is encrypted with your password/phrase. Store all your passwords in this file and you don't have to worry about either losing them or having prying eyes obtain them.
Most modern cell phones also come with a "password keeper" application that stores your passwords in an encrypted database, while this can be convenient, unless you have a tried and true method to back up your cell phone and restore this database if the phone is lost, it's probably not the best place to keep your passwords.
By keeping your passwords in an encrypted file you have the convenience of having them handy and all in one place without the possibility that anyone who wanders into your office can read them off your desk.
Everyone knows the common places to find passwords; under the keyboard, on a Post-It stuck to the monitor, under the desk blotter, in the desk drawer, and my personal favorite, the list of passwords taped to the front of the laptop (I mean, really, what's the point of putting a password on your laptop if you're going to tape it to the front of it?)
The same people who have "ASK FOR ID" emblazoned on the back of their credit card and who would never even consider writing their ATM pin number on the back of their ATM card don't seem to hesitate a moment when it comes to keeping a list of passwords in their wallet.
My first piece of advice is to come up with one password that is a combination of numbers, letters, and symbols that is next to impossible to guess. Even better, come up with a "passphrase", a passage from a book, an obscure quote, or any phrase that is longer than the traditional password. Passwords and passphrases should be as obscure as possible in general, and if you can come up with one really good password/phrase that you are sure to remember, then you can secure the rest of your passwords easily.
What you need to do is set up an encrypted password database application, if you're a Mac user you already have one (the Keychain) and all that you need to do is set up your password/passphrase on your Mac, open the Keychain, and use the "Secure Notes" section to track your passwords. If you have a PC, you can download several applications that will encrypt files. The one I recommend is Oubliette (the project is no more, but the program is still there for download). Simply install the program and create a new file that is encrypted with your password/phrase. Store all your passwords in this file and you don't have to worry about either losing them or having prying eyes obtain them.
Most modern cell phones also come with a "password keeper" application that stores your passwords in an encrypted database, while this can be convenient, unless you have a tried and true method to back up your cell phone and restore this database if the phone is lost, it's probably not the best place to keep your passwords.
By keeping your passwords in an encrypted file you have the convenience of having them handy and all in one place without the possibility that anyone who wanders into your office can read them off your desk.
Monday, June 22, 2009
Optimize Your WiFi
There are a lot of settings in the modern wireless router that most people just ignore. I've mentioned MAC address filtering in a prior article, and today I'd like to discuss the channel setting.
You can think about the channel setting on your router much like a channel setting on an old analog television set or radio. In WiFi you have channels (ranging from 1 to 11), and just like when you are driving a long distance and you get an overlap when you are in between radio stations, if your WiFi is on a channel that is the same or close to a nearby hotspot or router, you will get the same interference that a radio will, receiving two stations at once or switching back and forth between the two. This can affect your bandwidth and connectivity.
So how do you know what channel is best for your WiFi network? Generally you can assume that if there are other wireless networks nearby that you'll need to change this from the default setting. One way to find out what channel is best is to use a free product like NetStumbler (for PC) or iStumbler (for the Mac). Running these will show you the nearby networks and what channels they are on. You will want to choose a channel as far away from the ones that show up on the stumbler as possible, so if you see a lot of folks on channel 6, setting yours to 1 or 11 is a good bet. If there are a lot of people on channels 1 and 2, then go to channel 11.
By setting your WiFi to the right channel you can dramatically improve your network reliability and often times this will resolve "mystery" issues with your wireless network.
You can think about the channel setting on your router much like a channel setting on an old analog television set or radio. In WiFi you have channels (ranging from 1 to 11), and just like when you are driving a long distance and you get an overlap when you are in between radio stations, if your WiFi is on a channel that is the same or close to a nearby hotspot or router, you will get the same interference that a radio will, receiving two stations at once or switching back and forth between the two. This can affect your bandwidth and connectivity.
So how do you know what channel is best for your WiFi network? Generally you can assume that if there are other wireless networks nearby that you'll need to change this from the default setting. One way to find out what channel is best is to use a free product like NetStumbler (for PC) or iStumbler (for the Mac). Running these will show you the nearby networks and what channels they are on. You will want to choose a channel as far away from the ones that show up on the stumbler as possible, so if you see a lot of folks on channel 6, setting yours to 1 or 11 is a good bet. If there are a lot of people on channels 1 and 2, then go to channel 11.
By setting your WiFi to the right channel you can dramatically improve your network reliability and often times this will resolve "mystery" issues with your wireless network.
Friday, June 19, 2009
Beware Fake Twitter Email!
There are a lot of reports of a mass-email worm going around pretending to be a Twitter invite. Articles on this can be found here, here, and here. This has been going on for some time now, and the fact that it hasn't been eradicated yet means that you should be extra cautious in your Internet browsing.
The only real way to protect yourself from this worm is to either not use the web browser version of Twitter (using a client loaded on your computer instead) or by disabling java on your browser (which will affect other, non-Twitter, sites). If you must use Twitter, I'd recommend accessing it via an application on your phone or installing a client (like Tweetdeck) and avoiding using your browser for Twitter access.
As more and more of these social networking sites become popular, it will be very important for the companies and/or individuals who run these sites to be proactive about addressing security issues before their users become infected. This current worm is an example of how important it is to be aware that you can't rely on the services you use to protect you from viruses, worms, and malware, you need to be proactive and careful no matter what system you are accessing.
Lastly, I always tell everyone that I discuss email security with that if you receive an email and you weren't expecting it, don't open it. If it was legitimate you can always contact the sender and ask them to re-send it. Email is not a secure application and there is no way to tell if the person an email appears to be from is actually the party that sent it. When it comes to email, it is always better safe than sorry.
The only real way to protect yourself from this worm is to either not use the web browser version of Twitter (using a client loaded on your computer instead) or by disabling java on your browser (which will affect other, non-Twitter, sites). If you must use Twitter, I'd recommend accessing it via an application on your phone or installing a client (like Tweetdeck) and avoiding using your browser for Twitter access.
As more and more of these social networking sites become popular, it will be very important for the companies and/or individuals who run these sites to be proactive about addressing security issues before their users become infected. This current worm is an example of how important it is to be aware that you can't rely on the services you use to protect you from viruses, worms, and malware, you need to be proactive and careful no matter what system you are accessing.
Lastly, I always tell everyone that I discuss email security with that if you receive an email and you weren't expecting it, don't open it. If it was legitimate you can always contact the sender and ask them to re-send it. Email is not a secure application and there is no way to tell if the person an email appears to be from is actually the party that sent it. When it comes to email, it is always better safe than sorry.
Thursday, June 18, 2009
'Golden Cash' botnet-leasing network uncovered | Security - CNET News
'Golden Cash' botnet-leasing network uncovered | Security - CNET News
I'm often asked (usually after cleaning up a worm or virus) what motivates people to write malicious computer code. Back in the day, writing a computer virus was akin to graffiti; the author did it to gain notoriety and the respect of his peers. However in recent years it has become big business, and this CNET article does a great job of explaining the motivation behind the modern virus writer.
Gaining control of your computer is big business, and this is why it is so important to take the security of your computer and network seriously. Change those default passwords and read up on these other articles to make sure that your network is safe.
I'm often asked (usually after cleaning up a worm or virus) what motivates people to write malicious computer code. Back in the day, writing a computer virus was akin to graffiti; the author did it to gain notoriety and the respect of his peers. However in recent years it has become big business, and this CNET article does a great job of explaining the motivation behind the modern virus writer.
Gaining control of your computer is big business, and this is why it is so important to take the security of your computer and network seriously. Change those default passwords and read up on these other articles to make sure that your network is safe.
Wednesday, June 17, 2009
Google considers request to boost privacy | Security - CNET News
Google considers request to boost privacy | Security - CNET News
The above article on CNET is a good reminder that setting up encryption on your Gmail account is something that you have to do manually or in your settings, it is not on by default.
When you connect to Gmail be sure to either use the secure URL https://www.gmail.com (instead of http://www.gmail.com, note the https), or go into your options and select "Always use https".
It is important to encrypt your email connection, especially when you are on a wireless network. You don't want strangers (or worse) reading your email off the network!
The above article on CNET is a good reminder that setting up encryption on your Gmail account is something that you have to do manually or in your settings, it is not on by default.
When you connect to Gmail be sure to either use the secure URL https://www.gmail.com (instead of http://www.gmail.com, note the https), or go into your options and select "Always use https".
It is important to encrypt your email connection, especially when you are on a wireless network. You don't want strangers (or worse) reading your email off the network!
Thursday, June 11, 2009
Microsoft Updates and Adobe Acrobat Vulnerability
On tuesday we saw Microsoft release several patches to their Operating Systems, and Adobe has released a patch to address a critical vulnerability in its Acrobat Reader program.
With these critical updates needing to be applied, it might be a good time to check and make sure that all your programs are up to date. On a windows machine Windows Update or Microsoft Update will do the trick, and if you used the default settings on your installation of Adobe Reader, it should automatically update as well. If you're on a Mac, you can run the software update from the Apple menu and pull down the new Safari version.
Remember, it's always a good idea to set your computer to auto-update and leave it on overnight every Tuesday... this ensures that you get updates as they come out.
With these critical updates needing to be applied, it might be a good time to check and make sure that all your programs are up to date. On a windows machine Windows Update or Microsoft Update will do the trick, and if you used the default settings on your installation of Adobe Reader, it should automatically update as well. If you're on a Mac, you can run the software update from the Apple menu and pull down the new Safari version.
Remember, it's always a good idea to set your computer to auto-update and leave it on overnight every Tuesday... this ensures that you get updates as they come out.
Tuesday, June 9, 2009
Microsoft Outlook 2007 Update
Microsoft released a new patch today that can have some unexpected consequences on installation. After applying this mandatory patch your Outlook may experience a long delay the first time that it opens as it updates your email archive files.
Microsoft really needs to do a better job in letting their users know about things like this ahead of time. Depending on how many archives you have and how big they are opening Outlook after this patch can take upwards of half an hour... very inconvenient if you were just expecting a quick reboot, ans surely a pain if you expected to start up a patched computer in the morning and get to work.
If you haven't applied the update yet, I recommend setting aside some time to do it and then opening Outlook and letting it run overnight to avoid staring at a "Preparing Outlook for first use" message for half an hour.
Microsoft really needs to do a better job in letting their users know about things like this ahead of time. Depending on how many archives you have and how big they are opening Outlook after this patch can take upwards of half an hour... very inconvenient if you were just expecting a quick reboot, ans surely a pain if you expected to start up a patched computer in the morning and get to work.
If you haven't applied the update yet, I recommend setting aside some time to do it and then opening Outlook and letting it run overnight to avoid staring at a "Preparing Outlook for first use" message for half an hour.
Friday, May 29, 2009
Google Wave Preview
Google Wave Preview
Ok this is too cool. Google Wave is the future of collaboration and communication... you have got to check out the video at the above link.
Basically, Google Wave allows real time collaboration and communication via a web browser. Just think about all the different applications you currently need to collaborate via the web; an application to create the document with (like a word processor), some kind of collaboration application like WebEx or GoToMeeting, a plug-in or third-party application to allow the application to communicate to the collaboration tool, some kind of permission control to provide security, etc... With Google Wave you do all this via your browser, and it all updates in real time.
Mark my words, this application is as big a step forward as email or the Internet. This is huge!
Ok this is too cool. Google Wave is the future of collaboration and communication... you have got to check out the video at the above link.
Basically, Google Wave allows real time collaboration and communication via a web browser. Just think about all the different applications you currently need to collaborate via the web; an application to create the document with (like a word processor), some kind of collaboration application like WebEx or GoToMeeting, a plug-in or third-party application to allow the application to communicate to the collaboration tool, some kind of permission control to provide security, etc... With Google Wave you do all this via your browser, and it all updates in real time.
Mark my words, this application is as big a step forward as email or the Internet. This is huge!
Thursday, May 14, 2009
Google Experiencing Latency, so Internet Experiencing Latency
Google is currently experiencing a lot of latency for some reason, and as many, many sites on the Internet rely on Google for either search or analytics, a lot of websites are loading slow as a result. If you're currently having issues with your Internet connection, this may be the culprit! I'll post more information here as I get it...
Monday, May 4, 2009
PC Maintenance
One of the services that my PC clients most often request is the "tune up". There's actually not a whole lot to PC maintenance, and anyone can do it if they have the inclination and a bit of time to spare.
The first thing I do is open up the computer management console. The easiest way to do this is to right click on the My Computer icon (either on your desktop or on the Start button) and choose "Manage" from the menu. The management console gives you access to all kinds of information about your computer, and at the moment we are interested in the Event Viewer. The viewer lets you look at your computer logs. I usually give the logs a brief glance and make sure that there aren't any glaring issues that need to be addressed. The logs may show a lot of informational alerts, and these are generally fine, we're more concerned about errors (red) and warnings (yellow). If you see a lot of these they could be an indicator that there's a problem, most of the time, if your machine is set up correctly, there will not be many. If you do have a lot of errors or warnings, you may want to look at those and resolve them prior to doing any maintenance.
Once this is done, update your anti-virus and anti-malware scanners and then use them to run a full scan on the system. The next thing to do is to run Microsoft Update and make sure that you have all the patches to date.
Now that your system is patched and clean, reboot it (if it hasn't already been rebooted in the patching process), and then open up the My Computer icon by double clicking on it then right-click on your first hard drive and choose "Properties". Click on the disk cleanup button and check off all the boxes except the compress files box. Unless your hard drive is close to full and you are in dire need of space, compression is just going to slow things down.
This next paragraph is for users running XP and earlier versions of Windows, Vista takes care of defragmenting on its own.
Once you've cleaned out all the junk, click on the "Tools" tab and then choose "Defragment Now". One of the most common misconceptions people have about PCs running XP is that they should be defragmented on a regular basis. In reality, you really only need to defragment your drive when the computer tells you to, and defragmenting more often than that causes unnecessary wear and tear on your hard drive. To find out if your disk needs to be defragmented, have the computer analyze the drive, it will tell you if it requires defragmenting. If it does, remember that you should have at least 25% free space on your hard drive, otherwise it will take a long time to defragment it and it's likely that some files will be too large to successfully defrag.
With the above maintenance performed monthly, you can keep your PC humming along!
The first thing I do is open up the computer management console. The easiest way to do this is to right click on the My Computer icon (either on your desktop or on the Start button) and choose "Manage" from the menu. The management console gives you access to all kinds of information about your computer, and at the moment we are interested in the Event Viewer. The viewer lets you look at your computer logs. I usually give the logs a brief glance and make sure that there aren't any glaring issues that need to be addressed. The logs may show a lot of informational alerts, and these are generally fine, we're more concerned about errors (red) and warnings (yellow). If you see a lot of these they could be an indicator that there's a problem, most of the time, if your machine is set up correctly, there will not be many. If you do have a lot of errors or warnings, you may want to look at those and resolve them prior to doing any maintenance.
Once this is done, update your anti-virus and anti-malware scanners and then use them to run a full scan on the system. The next thing to do is to run Microsoft Update and make sure that you have all the patches to date.
Now that your system is patched and clean, reboot it (if it hasn't already been rebooted in the patching process), and then open up the My Computer icon by double clicking on it then right-click on your first hard drive and choose "Properties". Click on the disk cleanup button and check off all the boxes except the compress files box. Unless your hard drive is close to full and you are in dire need of space, compression is just going to slow things down.
This next paragraph is for users running XP and earlier versions of Windows, Vista takes care of defragmenting on its own.
Once you've cleaned out all the junk, click on the "Tools" tab and then choose "Defragment Now". One of the most common misconceptions people have about PCs running XP is that they should be defragmented on a regular basis. In reality, you really only need to defragment your drive when the computer tells you to, and defragmenting more often than that causes unnecessary wear and tear on your hard drive. To find out if your disk needs to be defragmented, have the computer analyze the drive, it will tell you if it requires defragmenting. If it does, remember that you should have at least 25% free space on your hard drive, otherwise it will take a long time to defragment it and it's likely that some files will be too large to successfully defrag.
With the above maintenance performed monthly, you can keep your PC humming along!
Thursday, April 30, 2009
Adobe Reader Vulnerability
The latest Adobe vulnerability that was announced on Tuesday is now being exploited in the wild. CERT recommends that JavaScript be disabled until Adobe patches the software.
To disable javascript in your Adobe reader software, go to Edit -> Preferences and under Categories select JavaScript. Remove the check from the "Enable Acrobat JavaScript" box.
Once Adobe releases a patch and your system has been updated, you can re-check this box.
To disable javascript in your Adobe reader software, go to Edit -> Preferences and under Categories select JavaScript. Remove the check from the "Enable Acrobat JavaScript" box.
Once Adobe releases a patch and your system has been updated, you can re-check this box.
Tuesday, April 28, 2009
McAfee launches free online cybercrime help center | Security - CNET News
McAfee launches free online cybercrime help center | Security - CNET News
CNET is reporting that Network Associates has announced they are opening a free cybercrime help center. The McAfee Cybercrime Help Center is being touted as a first-stop if you believe that your computer has been compromised by a virus, worm, or other malware.
I'm sure that this tool will be an excellent resource for McAfee to track trends in computer viruses and identity theft schemes, so it's no surprise that it's free, and I'd suspect that they will also be collecting marketing information from people who visit the site and complete their "assessement", however it's nice to see a company working with end-users to identify new threats and potentially track and resolve cybercrime related issues.
While the help center is free, it will be interesting to see if the solutions are entirely free... and what effect this new tool will have in the world of computer security software firms. Personally, I think that this is the first sign of a change in how companies like Network Associates and Symantec approach computer protection... it's obvious to me that user education is the only truly effective tool in the fight against cybercrime. Perhaps we're seeing a shift to a focus on training instead of merely relying on technical prevention?
CNET is reporting that Network Associates has announced they are opening a free cybercrime help center. The McAfee Cybercrime Help Center is being touted as a first-stop if you believe that your computer has been compromised by a virus, worm, or other malware.
I'm sure that this tool will be an excellent resource for McAfee to track trends in computer viruses and identity theft schemes, so it's no surprise that it's free, and I'd suspect that they will also be collecting marketing information from people who visit the site and complete their "assessement", however it's nice to see a company working with end-users to identify new threats and potentially track and resolve cybercrime related issues.
While the help center is free, it will be interesting to see if the solutions are entirely free... and what effect this new tool will have in the world of computer security software firms. Personally, I think that this is the first sign of a change in how companies like Network Associates and Symantec approach computer protection... it's obvious to me that user education is the only truly effective tool in the fight against cybercrime. Perhaps we're seeing a shift to a focus on training instead of merely relying on technical prevention?
Monday, April 27, 2009
Back It Up
In both Vista and OS X it is now extremely easy to create a backup of your files. Additionally, the cost of large external hard drives has dropped so low that even in this economy most people can afford to purchase half a terabyte or more of external drive space. Despite these facts, the percentage of people who back up their home computer is still very, very low.
I think most of my readers would agree that the time to find out that you need to back up your files is not after you've experienced a hardware failure. However those are exactly the circumstances under which many of the users that I interact with on a daily basis will eventually come to this discovery. Every time I sign up a new client I advise them to implement a backup system that, at a minimum, backs up their important files weekly, and only 10% of them take this advice to heart, even after years of continued admonitions regarding the risks of not keeping backups.
So, to keep you from becoming another statistic for me to blog about, here is a quick and easy guide to backing up your computer:
Macintosh OS X
The Leopard version of OS X includes about the simplest backup system in the world, Time Machine. To keep your Mac backed up, all you need to do is buy an external drive (either USB, Firewire, or wireless) and plug it into the Mac. You will be prompted to use this drive for Time Machine. Say yes, and you're done. As long as you connect this drive for a few hours once a week you will have a running backup of your important files.
Vista
The Vista operating system offers the Backup and Restore Center which allows you to configure an automatic backup of your PC. You can access the Backup and Restore Center under your Control Panel. If you've been using your computer without a backup for a long time, I always recommend making a backup image of your whole PC on CD-ROM or DVD prior to setting up your scheduled backups. Luckily the Vista Backup and Restore Center has wizards that make this easy for you; simply select "Back Up Computer" and follow the wizard, once this is done go back into the Backup and Restore Center and select Back Up Files to set up a daily or weekly backup of your PC.
XP and Third Party Vendors
If you have Windows XP, it is easier and more reliable to use a third party application to back up your files. Fortunately, most external hard drives come with some kind of backup software. Be sure to check the packaging for the hard drive that you buy and make sure that the included software is not a trial version! At the very least you can use the included XP backup application (under Start -> Accessories -> System Tools -> Backup) to manually run a backup, having some kind of backup is better than none.
Lastly, I want to advise that a backup of some kind is made a couple of times a year and stored off-site in a safety deposit box, at a friend or relative's house, or uploaded to an online backup service like Upline or Mozy. If a natural disaster occurs, you don't want to lose your backups along with your computer.
Now more than ever most of our important photos, correspondence, music, and financial information are in digital format and it's important that these things are protected from loss.
I think most of my readers would agree that the time to find out that you need to back up your files is not after you've experienced a hardware failure. However those are exactly the circumstances under which many of the users that I interact with on a daily basis will eventually come to this discovery. Every time I sign up a new client I advise them to implement a backup system that, at a minimum, backs up their important files weekly, and only 10% of them take this advice to heart, even after years of continued admonitions regarding the risks of not keeping backups.
So, to keep you from becoming another statistic for me to blog about, here is a quick and easy guide to backing up your computer:
Macintosh OS X
The Leopard version of OS X includes about the simplest backup system in the world, Time Machine. To keep your Mac backed up, all you need to do is buy an external drive (either USB, Firewire, or wireless) and plug it into the Mac. You will be prompted to use this drive for Time Machine. Say yes, and you're done. As long as you connect this drive for a few hours once a week you will have a running backup of your important files.
Vista
The Vista operating system offers the Backup and Restore Center which allows you to configure an automatic backup of your PC. You can access the Backup and Restore Center under your Control Panel. If you've been using your computer without a backup for a long time, I always recommend making a backup image of your whole PC on CD-ROM or DVD prior to setting up your scheduled backups. Luckily the Vista Backup and Restore Center has wizards that make this easy for you; simply select "Back Up Computer" and follow the wizard, once this is done go back into the Backup and Restore Center and select Back Up Files to set up a daily or weekly backup of your PC.
XP and Third Party Vendors
If you have Windows XP, it is easier and more reliable to use a third party application to back up your files. Fortunately, most external hard drives come with some kind of backup software. Be sure to check the packaging for the hard drive that you buy and make sure that the included software is not a trial version! At the very least you can use the included XP backup application (under Start -> Accessories -> System Tools -> Backup) to manually run a backup, having some kind of backup is better than none.
Lastly, I want to advise that a backup of some kind is made a couple of times a year and stored off-site in a safety deposit box, at a friend or relative's house, or uploaded to an online backup service like Upline or Mozy. If a natural disaster occurs, you don't want to lose your backups along with your computer.
Now more than ever most of our important photos, correspondence, music, and financial information are in digital format and it's important that these things are protected from loss.
Thursday, April 23, 2009
Service Accounts
In my experience one of the most difficult security holes to plug is when a domain administrator account is used improperly on a Windows domain. All too often I see a domain administrator account used when software is deployed when a service account should have been established instead.
The modern Windows network running Active Directory will likely outlive many of the applications that are installed on it. Maintaining the directory and all the accounts in the directory can be made far more difficult if it isn't clear what these accounts are being used for. Additionally, if you are relying on just one or two accounts with broad rights on your domain in order to get things done, you are making it very hard to protect your network from disgruntled employees... it's hard to change the password for an account that impacts so many different applications.
It is always a good idea to set up a new service account for every application that requires domain access, and to delegate the minimal rights that account needs. When it is clear which accounts are used for what application, directory maintenance becomes a snap! You immediately know which accounts are still in use, and which accounts can be safely retired once an application is removed from the domain.
While the domain administrator account is "god" of the domain, and it is tempting to just use this type of account to avoid the permissions issues that can happen when a service account needs special rights, it is always a bad idea to use this account for anything other than its intended use, which is administrating the domain. If you can resist the temptation to use this account, and take the time up front to create specific service accounts for your applications, you will actually be saving yourself a lot of time down the line. And you'll have a more secure network to boot!
The modern Windows network running Active Directory will likely outlive many of the applications that are installed on it. Maintaining the directory and all the accounts in the directory can be made far more difficult if it isn't clear what these accounts are being used for. Additionally, if you are relying on just one or two accounts with broad rights on your domain in order to get things done, you are making it very hard to protect your network from disgruntled employees... it's hard to change the password for an account that impacts so many different applications.
It is always a good idea to set up a new service account for every application that requires domain access, and to delegate the minimal rights that account needs. When it is clear which accounts are used for what application, directory maintenance becomes a snap! You immediately know which accounts are still in use, and which accounts can be safely retired once an application is removed from the domain.
While the domain administrator account is "god" of the domain, and it is tempting to just use this type of account to avoid the permissions issues that can happen when a service account needs special rights, it is always a bad idea to use this account for anything other than its intended use, which is administrating the domain. If you can resist the temptation to use this account, and take the time up front to create specific service accounts for your applications, you will actually be saving yourself a lot of time down the line. And you'll have a more secure network to boot!
Wednesday, April 22, 2009
Experts: Malicious program targets Macs - CNN.com
Experts: Malicious program targets Macs - CNN.com
Just a quick reminder that all computers should have anti-virus software installed, and that in the long run it's much cheaper to pay for your software instead of trying to get it for "free"...
Just a quick reminder that all computers should have anti-virus software installed, and that in the long run it's much cheaper to pay for your software instead of trying to get it for "free"...
Tuesday, April 21, 2009
Secure Your Wireless Network... Please!
In this day and age of high anxiety regarding identity theft and credit card abuse one would think that keeping information secure would be a top priority for computer users everywhere. This is why I'm surprised by how many people don't take the time to secure their wireless networks in their home or home office.
In the past I have even gone so far as to demonstrate to my customers just how easy it is to snoop on their Internet activity by sitting in their driveway with my laptop and compiling all the information I can about them (with their permission of course). They are often shocked by just how easy it is for someone to obtain information that they thought was secure via their open wireless network connection.
And that's just the security and privacy aspect of it! I recently had a new client whose Internet had slowed down considerably, she was convinced that she had a virus or some other computer malady. When I came by to investigate I discovered that several people in her complex were freeloading off her open wireless connection, she had become the "free Internet" for the other condos in her area.
There are two things that I recommend everyone do to secure their wireless network, and a third tip if you want to be really secure. The first two steps are easy to implement, and are usually covered in the setup guide for your wireless router or access point:
1) Change the default password and identification (SSID) on your wireless router/access point. I have ever had clients who installed their own wireless network and end up having to call me because some prankster has locked them out of their own network using the default password for their router.
2) Set up some kind of encryption in your network. I prefer to use WPA, however WEP is better than nothing. This accomplishes two things: firstly, it means that in order to connect to your network a password is required, secondly it means that the traffic between your computer and the Internet, printer, and other machines on your network cannot be easily captured and viewed by a third party.
My final, more advanced, tip is to enable MAC address filtering. Every network card has a sort of serial number called a MAC address, and by setting up your router so that it will only accept connections from certain network cards, you have an added layer of security on your network. On a Macintosh running OS X you can find your MAC address by going to System Preferences -> Network -> Airport -> Advanced, the MAC address is the "Airport ID". On a PC, open up a command line (Start -> Run -> cmd) and type in 'ipconfig /all' (no quotes), the MAC address will be the "Physical Address" in the output. You can follow the instructions for your particular wireless router to enable filtering and enter the MAC addresses from all the devices on your network as the only machines allowed to connect.
By securing your network you are not only protecting your personal information, you are also making sure that the Internet bandwidth you pay for is reserved for your use!
In the past I have even gone so far as to demonstrate to my customers just how easy it is to snoop on their Internet activity by sitting in their driveway with my laptop and compiling all the information I can about them (with their permission of course). They are often shocked by just how easy it is for someone to obtain information that they thought was secure via their open wireless network connection.
And that's just the security and privacy aspect of it! I recently had a new client whose Internet had slowed down considerably, she was convinced that she had a virus or some other computer malady. When I came by to investigate I discovered that several people in her complex were freeloading off her open wireless connection, she had become the "free Internet" for the other condos in her area.
There are two things that I recommend everyone do to secure their wireless network, and a third tip if you want to be really secure. The first two steps are easy to implement, and are usually covered in the setup guide for your wireless router or access point:
1) Change the default password and identification (SSID) on your wireless router/access point. I have ever had clients who installed their own wireless network and end up having to call me because some prankster has locked them out of their own network using the default password for their router.
2) Set up some kind of encryption in your network. I prefer to use WPA, however WEP is better than nothing. This accomplishes two things: firstly, it means that in order to connect to your network a password is required, secondly it means that the traffic between your computer and the Internet, printer, and other machines on your network cannot be easily captured and viewed by a third party.
My final, more advanced, tip is to enable MAC address filtering. Every network card has a sort of serial number called a MAC address, and by setting up your router so that it will only accept connections from certain network cards, you have an added layer of security on your network. On a Macintosh running OS X you can find your MAC address by going to System Preferences -> Network -> Airport -> Advanced, the MAC address is the "Airport ID". On a PC, open up a command line (Start -> Run -> cmd) and type in 'ipconfig /all' (no quotes), the MAC address will be the "Physical Address" in the output. You can follow the instructions for your particular wireless router to enable filtering and enter the MAC addresses from all the devices on your network as the only machines allowed to connect.
By securing your network you are not only protecting your personal information, you are also making sure that the Internet bandwidth you pay for is reserved for your use!
Monday, April 20, 2009
IT Support - Customer Service
I have a friend who is a medical doctor, and he often complains that he has to deal with patients who come into his office with symptoms that they have "self-diagnosed" and that nine times out of ten the treatment that they request, or the ailment that they think they have, is not even close to their actual problem.
It may sound obvious that the key to providing excellent I.T. support is knowing what your customer or end-user wants to do and providing them with the tools to do it, however I am surprised at just how often I witness I.T. support personnel treating the symptom instead of the disease.
There is nothing more frustrating to an end-user than going to their I.T. support person and asking for help only to receive "assistance" that doesn't get them where they want to go. Time and time again I witness I.T. support give the user exactly what they asked for, only to have the end-user go away frustrated because what they wanted wasn't what they needed.
Any time I am approached by an end user I am sure to work one specific question into the conversation early on. That question is "What are you trying to do?" My goal in assisting an end-user is to make sure that I understand what they are trying to accomplish, once I am sure we are on the same page for the end result, then we can start discussing the "how".
If more I.T. support personnel would take the time to understand what their end users are trying to accomplish, they could save a lot of frustration on both sides by no longer having to solve "problems" that don't even exist. By keeping the focus on the end result, you can be sure that you and your user are both working towards the same goal.
It may sound obvious that the key to providing excellent I.T. support is knowing what your customer or end-user wants to do and providing them with the tools to do it, however I am surprised at just how often I witness I.T. support personnel treating the symptom instead of the disease.
There is nothing more frustrating to an end-user than going to their I.T. support person and asking for help only to receive "assistance" that doesn't get them where they want to go. Time and time again I witness I.T. support give the user exactly what they asked for, only to have the end-user go away frustrated because what they wanted wasn't what they needed.
Any time I am approached by an end user I am sure to work one specific question into the conversation early on. That question is "What are you trying to do?" My goal in assisting an end-user is to make sure that I understand what they are trying to accomplish, once I am sure we are on the same page for the end result, then we can start discussing the "how".
If more I.T. support personnel would take the time to understand what their end users are trying to accomplish, they could save a lot of frustration on both sides by no longer having to solve "problems" that don't even exist. By keeping the focus on the end result, you can be sure that you and your user are both working towards the same goal.
Saturday, April 18, 2009
Keeping an Inventory - Print it Out!
Just having an inventory is a huge step in the right direction for the small to mid-size organization, however if your network or workstations are down, and you only have a soft copy of your inventory, it won't do you much good. Especially if you need the information to get things back up correctly.
This is why it's very important to keep a hard copy of your inventory up to date, organized, and close at hand. If you print out your inventory database whether it's in a spreadsheet, database, or just a word processor, throw it in a binder, and lock it in your desk, I guarantee you that there will come a day where that binder will be worth its weight in gold!
I would get in the habit of updating the hard copy of your inventory at least once a week, it's usually the last thing I do on Friday. This way you know that at any given time your hard copy is no more than 5 working days (well, 7 if your working days are like mine) off from reality. Of course if you do major deployments or upgrades you should be sure to make an exception to this rule and update early... when big changes happen there is a greater chance of something going wrong, and taking a few minutes to update your inventory could save you a lot of time if this happens.
This is why it's very important to keep a hard copy of your inventory up to date, organized, and close at hand. If you print out your inventory database whether it's in a spreadsheet, database, or just a word processor, throw it in a binder, and lock it in your desk, I guarantee you that there will come a day where that binder will be worth its weight in gold!
I would get in the habit of updating the hard copy of your inventory at least once a week, it's usually the last thing I do on Friday. This way you know that at any given time your hard copy is no more than 5 working days (well, 7 if your working days are like mine) off from reality. Of course if you do major deployments or upgrades you should be sure to make an exception to this rule and update early... when big changes happen there is a greater chance of something going wrong, and taking a few minutes to update your inventory could save you a lot of time if this happens.
Wednesday, April 15, 2009
Microsoft's Patch Tuesday filled with zero-day exploits - Network World
Microsoft's Patch Tuesday filled with zero-day exploits - Network World
Network World has an article about how Microsoft's "patch Tuesday" for this month contained several patches for vulnerabilities that already have exploits in the wild.
The quote from the article that I want to talk about is from Wolfgang Kandek, "That window where you had the luxury of not patching, that is shrinking fast". In my post from last Thursday regarding the Conficker worm, I mentioned that it's a good idea to set your computer to auto-update overnight, and to leave the machine on overnight once a week. If you have a Microsoft machine, I recommend that the night you choose be Tuesday, as most of Microsoft's patches are released on Tuesdays.
Like Mr. Kandek says, the window between vulnerabilities in computer software being discovered and exploits being released is getting smaller and smaller, your best protection is to make sure that you have the latest patches for your software installed.
Network World has an article about how Microsoft's "patch Tuesday" for this month contained several patches for vulnerabilities that already have exploits in the wild.
The quote from the article that I want to talk about is from Wolfgang Kandek, "That window where you had the luxury of not patching, that is shrinking fast". In my post from last Thursday regarding the Conficker worm, I mentioned that it's a good idea to set your computer to auto-update overnight, and to leave the machine on overnight once a week. If you have a Microsoft machine, I recommend that the night you choose be Tuesday, as most of Microsoft's patches are released on Tuesdays.
Like Mr. Kandek says, the window between vulnerabilities in computer software being discovered and exploits being released is getting smaller and smaller, your best protection is to make sure that you have the latest patches for your software installed.
Saturday, April 11, 2009
Keeping an Inventory - Dell Service Tags
On Thursday I talked about the value of an inventory and how it can come in handy if you need to call for service. Most of the companies I work with use Dell workstations and servers. These machines have a service tag, a serial number that the support technician will need in order to access warranty information for the machine. This is another time that you may end up finding yourself crawling under a desk or squeezing between cabinets in your server room to get information in an emergency.
Once again, I have a workaround for you. You can use this Visual Basic Script to pull the service tag from the machine that you're logged into:
----------
strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
Set colSMBIOS = objWMIService.ExecQuery _
("Select * from Win32_SystemEnclosure")
For Each objSMBIOS in colSMBIOS
Wscript.Echo "Service Tag: " & objSMBIOS.SerialNumber
Next
----------
Simply copy the code between the dashes (do not copy the dashes) and save it to a file called "delltag.vbs". Run this file on the machine where you are trying to get the tag, and it will pop up a window with the service tag information.
Again, it is best to be proactive and do this before you have a problem. If you find yourself with a dead computer or server and you don't have this information handy, you will be getting your hands dirty searching for this information on the machine itself, which, in an emergency, can be more than just an inconvenience, it can be the difference between meeting your service level agreement or missing it!
Once again, I have a workaround for you. You can use this Visual Basic Script to pull the service tag from the machine that you're logged into:
----------
strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
Set colSMBIOS = objWMIService.ExecQuery _
("Select * from Win32_SystemEnclosure")
For Each objSMBIOS in colSMBIOS
Wscript.Echo "Service Tag: " & objSMBIOS.SerialNumber
Next
----------
Simply copy the code between the dashes (do not copy the dashes) and save it to a file called "delltag.vbs". Run this file on the machine where you are trying to get the tag, and it will pop up a window with the service tag information.
Again, it is best to be proactive and do this before you have a problem. If you find yourself with a dead computer or server and you don't have this information handy, you will be getting your hands dirty searching for this information on the machine itself, which, in an emergency, can be more than just an inconvenience, it can be the difference between meeting your service level agreement or missing it!
Thursday, April 9, 2009
Conficker wakes up, updates via P2P, drops payload | Security - CNET News
Conficker wakes up, updates via P2P, drops payload | Security - CNET News
CNET updated its article about the Conficker worm. This worm has been getting a lot of press lately, and you can find lots of information on it so I'm not going to bore you with the details.
What I do want to do is use this as an illustration of how important it is to keep your computer patched! The patch for the exploit that this worm uses to infect your system came out almost six months ago. If you set your computer to automatically update every night at 3:00am, and then just leave it on overnight once a week, you never have to worry about worms like Conficker that rely on old vulnerabilities to infect your system.
CNET updated its article about the Conficker worm. This worm has been getting a lot of press lately, and you can find lots of information on it so I'm not going to bore you with the details.
What I do want to do is use this as an illustration of how important it is to keep your computer patched! The patch for the exploit that this worm uses to infect your system came out almost six months ago. If you set your computer to automatically update every night at 3:00am, and then just leave it on overnight once a week, you never have to worry about worms like Conficker that rely on old vulnerabilities to infect your system.
Keeping an Inventory - Retrieving Machine Specs
One thing that can be a real pain is having to crawl under a desk, hunt around a server room, or pore through file cabinets in order to find out what the hardware specifications are for your Windows computer. One way to avoid this is to keep a list of all your machines with these specs and service tags handy. Unfortunately, unless you started this list when you first purchased your computer(s), you are dreading all the crawling, hunting, and poring that will be required to compile an initial list.
Fear not! There are a few simple commands that you can run from the comfort of your desk that will allow you to get a lot of this information without having to get out the dust mask. The first two are run from a command line (Start -> Run -> cmd):
systeminfo - This command will return all kinds of useful information, including your OS version, install date, computer model, processor information, amount of memory, domain name, and patches installed.
ipconfig /all - This command will give you information on your network adapters, including your IP address and your network card model.
There is also quite a bit of information that can be found in the graphical interface. By going to your "My Computer" icon, right-clicking on it, and choosing "Manage", you can access the Disk Management applet that will give you all the information about your disk drives (both physical and logical).
With the information from these three places, you can build a pretty good database of what hardware you have installed, which is a very handy thing to have on hand before your computer crashes... especially handy if the hardware is under warranty, as you can call the manufacturer and give them all the information that they need without having to get your hands dirty!
Fear not! There are a few simple commands that you can run from the comfort of your desk that will allow you to get a lot of this information without having to get out the dust mask. The first two are run from a command line (Start -> Run -> cmd):
systeminfo - This command will return all kinds of useful information, including your OS version, install date, computer model, processor information, amount of memory, domain name, and patches installed.
ipconfig /all - This command will give you information on your network adapters, including your IP address and your network card model.
There is also quite a bit of information that can be found in the graphical interface. By going to your "My Computer" icon, right-clicking on it, and choosing "Manage", you can access the Disk Management applet that will give you all the information about your disk drives (both physical and logical).
With the information from these three places, you can build a pretty good database of what hardware you have installed, which is a very handy thing to have on hand before your computer crashes... especially handy if the hardware is under warranty, as you can call the manufacturer and give them all the information that they need without having to get your hands dirty!
Welcome - Starting a Technical Blog
Hello, and welcome. My name is Jonathan, I have been gainfully employed in the I.T. field for thirteen years, however I have been an I.T. enthusiast and hobbyist for most of my life.
I currently run a "boutique" computer consulting firm out of the San Fernando Valley in Los Angeles that handles everything from first-time computer training up to mid-size company deployments and support. I also have a day job doing network security for a manufacturing company.
It is my hope that this blog will be useful to my clients and general readers who are not technical, yet I also hope that it will be a good place for me to share technical information with my colleagues about existing vulnerabilities, I.T. issues, and best practices.
So take a look around, I hope that you find something interesting!
I currently run a "boutique" computer consulting firm out of the San Fernando Valley in Los Angeles that handles everything from first-time computer training up to mid-size company deployments and support. I also have a day job doing network security for a manufacturing company.
It is my hope that this blog will be useful to my clients and general readers who are not technical, yet I also hope that it will be a good place for me to share technical information with my colleagues about existing vulnerabilities, I.T. issues, and best practices.
So take a look around, I hope that you find something interesting!
Subscribe to:
Posts (Atom)
Posts
