You were lucky enough to make it through 2011 without a catastrophic failure of a hard drive, data corruption, loss of a notebook computer, etc, but will 2012 be so kind?

If you are like so many people and businesses we work with, you are NOT backing up your data. Maybe it is too much trouble, or too expensive.

Just remember, the most expensive backup is the one you didn’t perform….

Let us help you plan a backup strategy for your company, or even your personal data. Whether it is a single notebook, or a fleet of them, a single server, or 50 virtualized servers, we have a solution for you that will fit in your budget, be easy to maintain and more importantly, easy to recover in the event you do lose data.

We have physical backup systems, such as tape based, removable disk cartridge (RDX), disk based and network based, including full backup servers which can mirror your mission critical data. We also provide multiple cloud based offsite storage solutions which we highly recommend, even if you already have on location, physical backups. Servosity, a local offering and MozyPro.

In addition, we are a Symantec partner and work closely with businesses who rely on Symantec’s Backup Exec and deduplication systems.

Using tape or removable disk storage and need a secure offsite storage provider who will help create a rotation? We can help with that. Our local partner provides a climate and magnetic controlled vault and delivery/pickup services.

End of life for tape or disk media? We partner with another local company, ShredDisk who will dispose of that media in a guaranteed unrecoverable manner.

Call us today at 864.990.4748 or email info@homelandsecureit.com and we will help you with your data situation!

Homeland Secure IT Alert

Secure IT Alert for Thursday, February 2, 2012

If you are running a current version of Apple Mac OS X, 10.6.x or OS X 10.7.x  (Snow Leopard & Lion respectively), then you are vulnerable to exploits that these patches correct.

These security flaws could potentially allow an attacker to execute code on your computer after you visit a malicious web site or download/view affected documents or files, or allow Denial of Service (DoS) or even elevation of privileges.

How do you fix this? Apple has released OS X Security Update 2012-001 and OS X 10.7.3 to fix these security problems – UPDATE ASAP.

The 52 security vulnerabilities affect 27 components that are part of OS X and OS X server.  Some of the affected software includes: Apache, OpenGL, PHP, QuickTime and Time Machine.

A few examples:

Buffer overflow vulnerability in ImageIO – View a malicious image and it could result in a crash of an application, or code to be executed on your computer. The upside is, it would only execute with your privileges.

Buffer overflow vulnerability in CoreAudio – Play a malicious audio file and experience a crash of your system, or execute code with your privileges.

QuickTime vulnerabilities – Six of these babies could mean that if you open a malicious image or video in QT, code could be executed with your privileges.

The full update information can be found at http://support.apple.com/kb/HT5130

Should you require assistance in applying these updates, do not hesitate to call us in the Greenville or Upstate SC area at 864.990.4748 or email info@homelandsecureit.com

Homeland Secure IT Alert

#LeapIntoIT Kindle Fire Giveaway

It’s that time again!  Time for us to have some fun, and help one of our Upstate, SC friends get something cool to play with.

We’ve given away stuff before, like Trend Micro anti-virus, a wireless IP security camera, a Cisco Flip Mino HD video camera, Microsoft Office 2010, and even a Microsoft X-BOX 360, but this is likely the most exciting thing yet, or at least the 2nd most exciting!

We decided that since it is a Leap Year, we will help one person leap into the tablet computer revolution by giving them one of the hottest little tablets out… The Amazon Kindle Fire!  It is far more than just an eBook Reader, it’s a smokin’ hot tablet too!  So hot, it’s on FIRE! =)

Let’s call it the “Leap Into IT” giveaway!  #LeapIntoIT

Who is eligible?

Anyone who can walk into the Homeland Secure IT office at 104 Mauldin Rd, STE E in Greenville, SC to retrieve the tablet in person. We will NOT SHIP IT. Also, you must not be prohibited by law from participating in any giveaway, and all that legal mumbo-jumbo. Let’s put an age restriction on it too.  You must not be older than, no wait, you must be at least 18 to participate.

Employees of Homeland Secure IT cannot play this silly game because they would never get any work done.

Past winners of Homeland Secure IT giveaways ARE eligible (Andrea, James, Hal, etc)

How do you get involved in this?

There is NO purchase necessary, but there are some things that you will want to do…

• Pass through our initiation process – This is where you tattoo your forehead with the Homeland Secure IT logo. Okay, this is optional.
• Sign up to this blog by hitting the SUBSCRIBE BUTTON over in the right-hand column. You can receive the daily blog posts in email first thing in the morning this way. And you can opt out later (after the contest is over) when you get tired of my yammering…
• Sign up for our SUPER LOW traffic mailing lists HERE … We rarely send anything out, so you won’t be too annoyed. You can unsubscribe from either or both at anytime, AFTER the contest end date.
• Go to our home page at www.HomelandSecureIT.com and hit the Google +1 button & Facebook “like” while you are there.
• Go to our Google business places page and leave a review and rating (hopefully a good one)
• Go to Merchant Circle and leave a review/rating
• Go to Yelp and leave a review/rating
• Go to Yahoo! and leave a review/rating
• LIKE us on facebook HERE …     Follow us on Twitter HERE …

Here is a list of ways to connect:  

http://www.homelandsecureit.com/connect.html

If you connect in a different manner and you feel it is important, email me, or tag me in a post so I can see what you have done and count that as well!

In review, it is up to you to determine how much, or how little you wish to get involved. The more ways you connect, the more chances to get this darn Kindle Fire!

How is the selection made?

Good question! We lay out a grid, with your each name written in it in the parking lot, and we then shoot a gerbil straight into the air, and in whatever grid the gerbil falls into, that’s our winner.

Okay, (maybe) it isn’t like that at all.  No, in fact it is not.

On February 29th, 2012, I’ll take every name/email address from our mailing lists, all the names of those who have reviewed us on Yelp, Google Places, Yahoo! & Merchant Circle, all the mentions on Facebook, Twitter, Linked-In, all the Likes and Follows on Twitter, Facebook, Linked-In, all the Google Plus +1s, and dump them into a spread sheet. Next I go to www.Random.Org and put the number of lines in my spreadsheet as the max number and generate a random number.

Whoever matches that number in the spreadsheet is contacted.

If they are out of the area and cannot get it in person, another number will be selected and the process repeated until we have a winner!

So, with that said… Let’s do this!   Leap Into IT!!!!

Cisco SPA525G2 with 32 button sidecar

One of the best selling phones for the small and medium business (SMB) market is the Cisco SPA525G2 phone. The entire series of SPA phones are affordable, reliable and well suited to SMB use, but the 525 G2 is the current big daddy with its color display, ability to play MP3s from a memory stick, sync to your cell phone via bluetooth, built-in bluetooth for wireless headset usage and so much more.

On every system we sell that includes the SPA 525, we get a few questions like, ‘How do you answer another extension?”, and of course we answer it, but, with such a long list of these “star codes”, I can’t remember them myself.

Cisco Star Codes for SPA525G2 Phones:

• Call Return (*69)—Calls the last caller, regardless which extension.
• Blind Transfer (*98)—Allows the user to transfer a call to another number  without waiting for the other party to pick up.
• Call Back Act (*66)—Periodically redials the last busy number (every 30  seconds by default) until it rings or until the attempt expires (30 min by default), regardless which extension. Only one call back operation can be ordered at a time. A new order automatically cancels the previous order.
• Call Back Deact (*86)—Cancels the last call back operation.
• Call Forward All Act (*72)—Call forwards all inbound calls. Applies to primary extension only.
• Call Forward All Deact (*73)—Cancels call forward all. Applies to primary extension only.
• Call Forward Busy Act (*90)—Call forwards on busy. Applies to primary extension only.
• Call Forward Busy Deact (*91)—Cancels call forward on busy. Applies to primary extension only.
• Call Forward No Answer Act (*92)—Call forwards if no answer. Applies to primary extension only.
• Call Forward No Answer Deact (*93)—Cancels call forward no answer. Applies to primary extension only.
• CW Act (*56)—Enables call waiting. For example, if call waiting is turned off globally, this star code will turn on call waiting until the CW Deact code is entered.
• CW Deact (*57)—Deactivates call waiting. For example, if call waiting is turned on globally, this star code deactivates call waiting until the CW Act code is entered.
• CW Per Call Act (*71)—Enables call waiting for a single call. For example, if  call waiting is turned off globally, this star code will turn on call waiting for that call.
• CW Per Call Deact (*70)—Deactivates call waiting for a single call. For example, if call waiting is turned on globally, this star code deactivates call waiting for that call.
• Block CID Act (*67)—Blocks caller ID on all outbound calls. Applies to all extensions.
• Block CID Deact (*68)—Deactivates caller ID blocking on outbound calls. Applies to all extensions.
• Block CID Per Call (*81)—Blocks caller ID on the next outbound call (on the current call appearance only).
• Block CID Per Call Deact (*82)—Deactivates caller ID blocking on the next outbound call (on the current call appearance only).
• Block ANC Act—Blocks anonymous calls. Applies to all extensions.
• Block ANC Deact—Deactivates anonymous call blocking. Applies to all  extensions.
• DND Act (*78)—Activates Do Not Disturb. Applies to all extensions.
• DND Deact (*79)—Deactivates Do Not Disturb. Applies to all extensions.
• Secure All Call Act (*16)—Defaults to prefer to use encrypted media (voice codecs).
• Secure No Call Act (*17)—Defaults to prefer to use unencrypted media for all outbound calls. Applies to all extensions.
• Secure One Call Act (*18)—Prefers to use encrypted media for the outbound call (on this call appearance only).
• Secure One Call Deact (*19)—Prefers to use unencrypted media for the outbound call (on this call appearance only).
• Paging (*96)—Pages the number called.
• Call Park (*38)—Parks a call on an entered line number.
• Call UnPark Code (*39)—Retrieves a call from an entered line number.
• Call Pickup (*36)—Picks up a call at an entered extension.
• Group Call Pickup (*37)—Picks up a ringing call at a group of extensions.
• Media Loopback Code (*03)—A service provider can set up a test call from an IP media loopback server (the source) to a subscriber’s VoIP device (the mirror). The test call provides statistical reporting on network performance  and audio quality.

Depending on the source’s capabilities, the SP can see packet jitter, loss, and delay (although Media Loopback cannot identify an offending hop). This helps the SP identify an offending hop that could be causing issues in VoIP calls to a subscriber. The test results can also provide audio quality scoring, which lets a SP better understand the subscriber’s experience.

Referral Services Codes—One or more * codes can be configured into this parameter, such as *98, or *97|*98|*123, and so on. The maximum total length is 79 characters.
This parameter applies when the user places the current call on hold (by Hook Flash) and is listening to second dial tone. Each * code (and the following valid target number according to current dial plan) entered on the second dial-tone triggers the Cisco IP phone to perform a blind transfer to a target number that is prepended by the service * code. For example:
a. After the user dials *98, the Cisco IP phone plays a special prompt tone while waiting for the user the enter a target number (which is validated according to the dial plan as in normal dialing).
b. When a complete number is entered, the Cisco IP phone sends a blind REFER  to the holding party with the Refer-To target equals to *98 target_number. This  feature allows the Cisco IP phone to hand off a call to an application server to perform further processing, such as call park. The * codes should not conflict with any of the other vertical service codes internally processed by the Cisco IP phone. You can delete any * code that you do  not want the call server to process.

Feature Dial Services Codes: Tells the Cisco IP phone what to do when the user is  listening to the first or second dial tone.
You can configure one or more * codes into this parameter, such as *72, or *72|*74|*67|*82, and so on. The maximum total length is 79 characters. When the user has a dial tone (first or second dial tone), they can enter a * code (and the  following target number according to current dial plan) to trigger the Cisco IP phone to call the target number prepended by the * code. For example:
a. After the user dials *72, the Cisco IP phone plays a special prompt tone while waiting for the user the enter a target number (which is validated according to the dial plan as in normal dialing).
b. When a complete number is entered, the Cisco IP phone sends an INVITE to *72 target_number as in a normal call. This feature allows the proxy to process features such as call forward (*72) or BLock Caller ID (*67).
You can add a parameter to each * code in Features Dial Services Codes to indicate what tone to play after the * code is entered, such as *72‘c‘|*67‘p‘.

Following is a list of allowed dial tone parameters (note the use of back quotes surrounding the parameter without spaces).

•  ‘c‘ = Cfwd dial tone
•  ‘d‘ = Dial tone
•  ‘m‘ = MWI dial tone
•  ‘o‘ = Outside dial tone
•  ‘p‘ = Prompt dial tone
•  ‘s‘ = Second dial tone
•  ‘x‘ = No tones are place, x is any digit not used above

If no tone parameter is specified, the Cisco IP phone plays the prompt tone by default.
If the * code is not to be followed by a phone number, such as *73 to cancel call forwarding, do not include it in this parameter. In that case, add that * code in the dial plan.

Homeland Secure IT is happy to be a Cisco SMB Select Partner! If we can provide your business VoIP support in the Greenville / Upstate, SC area, please call upon us at 864.990.4748 or email info@homelandsecureit.com

http://www.symantec.com/connect/sites/default/files/pcAnywhere%20Security%20Recommendations%20WP_01_23_Final.pdf

The danger is that someone so inclined could potentially access your computer through vulnerabilities exposed from old source code, and gain full access to your computer, files and your network.

To sum it up, disabling pcAnywhere is a surefire way to protect yourself and your company.

If you have questions about this or any other security issue in the Greenville or Upstate SC area, please call upon Homeland Secure IT, we can help set your mind at ease.  864.990.4748

National Cyber Alert System

Technical Cyber Security Alert TA12-024A

“Anonymous” DDoS Activity

Original release date: January 24, 2012

Last revised: –

Source: US-CERT

Overview

US-CERT has received information from multiple sources about

coordinated distributed denial-of-service (DDoS) attacks with

targets that included U.S. government agency and entertainment

industry websites. The loosely affiliated collective “Anonymous”

allegedly promoted the attacks in response to the shutdown of the

file hosting site MegaUpload and in protest of proposed U.S.

legislation concerning online trafficking in copyrighted

intellectual property and counterfeit goods (Stop Online Piracy

Act, or SOPA, and Preventing Real Online Threats to Economic

Creativity and Theft of Intellectual Property Act, or PIPA).

I. Description

US-CERT has evidence of two types of DDoS attacks: One using HTTP

GET requests and another using a simple UDP flood.

The Low Orbit Ion Cannon (LOIC) is a denial-of-service attack tool

associated with previous Anonymous activity. US-CERT has reviewed

at least two implementations of LOIC. One variant is written in

JavaScript and is designed to be used from a web browser. An

attacker can access this variant of LOIC on a website and select

targets, specify an optional message, throttle attack traffic, and

monitor attack progress. A binary variant of LOIC includes the

ability to join a botnet to allow nodes to be controlled via IRC or

RSS command channels (the “HiveMind” feature).

The following is a sample of LOIC traffic recorded in a web server

log:

“GET /?id=1327014400570&msg=We%20Are%20Legion! HTTP/1.1″ 200

99406 “hxxp://pastehtml.com/view/blafp1ly1.html” “Mozilla/5.0

(Windows NT 6.1; WOW64; rv:9.0.1) Gecko/20100101 Firefox/9.0.1″

The following sites have been identified in HTTP referrer headers

of suspected LOIC traffic. This list may not be complete. Please do

not visit any of the links as they may still host functioning LOIC

or other malicious code.

“hxxp://3g.bamatea.com/loic.html”

“hxxp://anonymouse.org/cgi-bin/anon-www.cgi/”

“hxxp://chatimpacto.org/Loic/”

“hxxp://cybercrime.hostzi.com/Ym90bmV0/loic/”

“hxxp://event.seeho.co.kr/loic.html”

“hxxp://pastehtml.com/view/bl3weewxq.html”

“hxxp://pastehtml.com/view/bl7qhhp5c.html”

“hxxp://pastehtml.com/view/blafp1ly1.html”

“hxxp://pastehtml.com/view/blakyjwbi.html”

“hxxp://pastehtml.com/view/blal5t64j.html”

“hxxp://pastehtml.com/view/blaoyp0qs.html”

“hxxp://www.lcnongjipeijian.com/loic.html”

“hxxp://www.rotterproxy.info/browse.php/704521df/ccc21Oi8/

vY3liZXJ/jcmltZS5/ob3N0emk/uY29tL1l/tOTBibVY/wL2xvaWM/v/b5/

fnorefer”

“hxxp://www.tandycollection.co.kr/loic.html”

“hxxp://www.zgon.cn/loic.html”

“hxxp://zgon.cn/loic.html”

“hxxp://www.turbytoy.com.ar/admin/archivos/hive.html”

The following are the A records for the referrer sites as of

January, 20, 2012:

3g[.]bamatea[.]com                A    218[.]5[.]113[.]218

cybercrime[.]hostzi[.]com         A    31[.]170[.]161[.]36

event[.]seeho[.]co[.]kr           A    210[.]207[.]87[.]195

chatimpacto[.]org                 A    66[.]96[.]160[.]151

anonymouse[.]org                  A    193[.]200[.]150[.]125

pastehtml[.]com                   A    88[.]90[.]29[.]58

lcnongjipeijian[.]com             A    49[.]247[.]252[.]105

www[.]rotterproxy[.]info          A    208[.]94[.]245[.]131

www[.]tandycollection[.]co[.]kr   A    121[.]254[.]168[.]87

www[.]zgon[.]cn                   A    59[.]54[.]54[.]204

www[.]turbytoy[.]com[.]ar         A    190[.]228[.]29[.]84

The HTTP requests contained an “id” value based on UNIX time and

user-defined “msg” value, for example:

GET /?id=1327014189930&msg=%C2%A1%C2%A1NO%20NOS%20GUSTA%20LA%20

Other “msg” examples:

msg=%C2%A1%C2%A1NO%20NOS%20GUSTA%20LA%20

msg=:)

msg=:D

msg=Somos%20Legion!!!

msg=Somos%20legi%C3%B3n!

msg=Stop%20S.O.P.A%20:)%20%E2%99%AB%E2%99%AB HTTP/1.1″ 200 99406

“http://pastehtml.com/view/bl7qhhp5c.html”

msg=We%20Are%20Legion!

msg=gh

msg=open%20megaupload

msg=que%20sepan%20los%20nacidos%20y%20los%20que%20van%20a%20nacer

%20que%20nacimos%20para%20vencer%20y%20no%20para%20ser%20vencidos

msg=stop%20SOPA!!

msg=We%20are%20Anonymous.%20We%20are%20Legion.%20We%20do%20not%20

forgive.%20We%20do%20not%20forget.%20Expect%20us!

The “msg” field can be arbitrarily set by the attacker.

As of January 20, 20012, US-CERT has observed another attack that

consists of UDP packets on ports 25 and 80. The packets contained a

message followed by variable amounts of padding, for example:

66:6c:6f:6f:64:00:00:00:00:00:00:00:00:00 | flood………

Target selection, timing, and other attack activity is often

coordinated through social media sites or online forums.

US-CERT is continuing research efforts and will provide additional

data as it becomes available.

II. Solution

There are a number of mitigation strategies available for dealing

with DDoS attacks, depending on the type of attack as well as the

target network infrastructure. In general, the best practice

defense for mitigating DDoS attacks involves advanced preparation.

* Develop a checklist or Standard Operating Procedure (SOP) to

follow in the event of a DDoS attack. One critical point in a

checklist or SOP is to have contact information for your ISP and

hosting providers. Identify who should be contacted during a

DDoS, what processes should be followed, what information is

needed, and what actions will be taken during the attack with

each entity.

* The ISP or hosting provider may provide DDoS mitigation services.

Ensure your staff is aware of the provisions of your service

level agreement (SLA).

* Maintain contact information for firewall teams, IDS teams,

network teams and ensure that it is current and readily available.

* Identify critical services that must be maintained during an

attack as well as their priority. Services should be prioritized

beforehand to identify what resources can be turned off or

blocked as needed to limit the effects of the attack. Also,

ensure that critical systems have sufficient capacity to

withstand a DDoS attack.

* Have current network diagrams, IT infrastructure details, and

asset inventories. This will assist in determining actions and

priorities as the attack progresses.

* Understand your current environment and have a baseline of daily

network traffic volume, type, and performance. This will allow

staff to better identify the type of attack, the point of attack,

and the attack vector used. Also, identify any existing

bottlenecks and remediation actions if required.

* Harden the configuration settings of your network, operating

systems, and applications by disabling services and applications

not required for a system to perform its intended function.

* Implement a bogon block list at the network boundary.

* Employ service screening on edge routers wherever possible in

order to decrease the load on stateful security devices such as

firewalls.

* Separate or compartmentalize critical services:

* Separate public and private services

* Separate intranet, extranet, and internet services

* Create single purpose servers for each service such as HTTP,

FTP, and DNS

* Review the US-CERT Cyber Security Tip Understanding

Denial-of-Service Attacks.

III. References

* Cyber Security Tip ST04-015 -

<http://www.us-cert.gov/cas/tips/ST04-015.html>

* Anonymous&apos;s response to the seizure of MegaUpload according to

CNN -

<http://money.cnn.com/2012/01/19/technology/megaupload_shutdown/index.htm>

* The Internet Strikes Back #OpMegaupload -

<http://anonops.blogspot.com/2012/01/internet-strikes-back-opmegaupload.html>

* Twitter Post from the author of the JavaScript based LOIC code -

<http://www.twitter.com/#!/mendes_rs>

* Anonymous Operations tweets on Twitter -

<http://twitter.com/#!/anonops>

* @Megaupload Tweets on Twitter -

<http://twitter.com/#!/search?q=%2523Megaupload>

* LOIC DDoS Analysis and Detection -

<http://blog.spiderlabs.com/2011/01/loic-ddos-analysis-and-detection.html>

* Impact of Operation Payback according to CNN -

<http://money.cnn.com/2010/12/08/news/companies/mastercard_wiki/index.htm>

* OperationPayback messages on YouTube -

<http://www.youtube.com/results?search_query=operationpayback>

* The Bogon Reference – Team Cymru -

<http://www.team-cymru.org/Services/Bogons/>

____________________________________________________________________

The most recent version of this document can be found at:

<http://www.us-cert.gov/cas/techalerts/TA12-024A.html>

____________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send

email to <cert@cert.org> with “TA12-024A Feedback INFO#919868″ in

the subject.

____________________________________________________________________

For instructions on subscribing to or unsubscribing from this

mailing list, visit <http://www.us-cert.gov/cas/signup.html>.

____________________________________________________________________

Produced 2012 by US-CERT, a government organization.

Terms of use:

<http://www.us-cert.gov/legal.html>

____________________________________________________________________

Revision History

January 24, 2012: Initial release

If you require assistance with DDoS or any other security need for your Greenville or Upstate SC business, please call upon us at 864.990.4748 or email info@homelandsecureit.com

Turns out the answer to this is a definitive “YES”.  And you can bet there is a major outcry by civil rights and privacy groups because a judge has ordered a person to provide an unencrypted hard drive as part of an investigation. The story is over on Wired.com and is titled “Judge orders defendant to decrypt laptop“.

What do you think? Is being forced to hand over your data a violation of your Fifth Amendment rights? What if it were a judge ordering a suspected terrorist to do the same?

You found that if you reboot that firewall (pull the plug on the thing since there is no power supply) that YOU get back online right away, but then later that day, someone else on the network is now having trouble accessing websites so you reboot the firewall and all is well, for a while.

What could it be? It MUST be the firewall going bad since that fixes it.

Before jumping to that conclusion and just replacing the device, think back. Has your company grown? Maybe you have added a few new employees, or, maybe you have added tablets or other connected devices.

What could be happening here is that you have added one too many devices to your network and exceeded the number of seats that your firewall appliance supports. When you originally purchased that device, a technician counted the number of computers, servers and connected devices and said “You need a 25 user firewall and it will cost $xxx.xx”, to which you agreed and promptly forgot about.

Now, flash forward to today and your 12 users and a server have grown to 15 users, two servers and many people have iPads or Android tablets or phones, taking you past the 25 user limit.  The last person to connect once you go over the limit will generally be denied access to websites by the firewall, as a warning that you have exceeded the license terms, and it probably won’t “reset” just by turning that computer off, you will have to reboot the firewall to free unused seats up.

So what are you going to do about it? I guess you could tell the employees to stop connecting their personal phones to your network, or you could replace the firewall with a cheap router that has no limitations.

Both will work, but are bad ideas.

The real solution is to correct the licensing issue. Determine how many connected devices you have within your network, and estimate how many you will need for the next year, then talk to a vendor who can provide the proper licenses and apply those for you. Don’t forget to include VoIP and security systems, even copiers and connected printers, as they may require a seat too.

If you are experiencing rapid growth, consider upgrading to an unlimited license.

Just a note – If you have an old device, say 4-5 years old, now may be the time to consider upgrading the entire device to the latest technology at the same time you correct the user limitation!

Should you require help with this, Homeland Secure IT offers sales and support of most major brands of firewalls. We partner with Cisco, WatchGuard, SonicWALL, TrendNet, D-Link, NetGear and more! Call us for more information in the Greenville / Upstate SC area – 864.990.4748 or email info@homelandsecureit.com

It is quoted below  in its entirety but can be found here.

I’ll be posting about the new WatchGuard XTM 33 designed for Small/Medium businesses, and may be ideal for retailers!

Should you wish to purchase a WatchGuard product, receive more information or support, please call us at 864.990.4748 or email info@homelandsecureit.com… We are a WatchGuard partner!

—

Social Media Release:
WatchGuard Lists PCI Pitfalls for Retailers

NEW YORK (January 16, 2012) – WatchGuard Technologies

Highlights / News Facts:

Businesses that process, transmit or store cardholder data must implement security controls as defined by the latest PCI DSS standard. The following are the nine common PCI DSS compliance pitfalls that many retailers fall into and tips to avoid them.

• 1) Faulty firewall installation or configuration
  Many DIY (do it yourself) projects are easy; properly configuring a firewall is not one of them. According to WatchGuard research, a majority of small business security breaches are the result of improperly configured firewalls. Best practice: Use security certified technicians or trained resellers to ensure firewall configurations are proper and up to date; regularly audit firewall configurations as people and IT resources constantly change.
• 2) Relying on vendor supplied defaults for system passwords
  Not only is it critical to change vendor supplied default passwords, be sure to use something other than “password” as a password. According to a recently published research report, the most common passwords are: 1) password, 2) 123456, 3) 12345678, 4) qwerty, 5) abc123, 6) monkey, 7) 1234567, letmein, 9) trustno1, and 10) dragon. Best practice: Change vendor settings and utilize strong passwords.
• 3) Failing to utilize IPS to protect stored cardholder data
  There are multiple ways to help protect stored cardholder data. One key technology that is often overlooked is IPS (intrusion prevention systems). IPS is to hackers as anti-virus is to viruses. IPS keeps hackers out and helps cardholder data stay safe. Best practice: Make sure intrusion prevention systems (IPS) are up and running.
• 4) Not encrypting transmission of cardholder data across open, public networks
  Encryption is a key component to PCI DSS compliance. A common problem occurs in the transmission of credit card data, which is often done in unencrypted email. Best practice: Use encryption everywhere, and especially in email systems where any type of sensitive information may be transmitted.
• 5) Failing to use and regularly update anti-virus software or programs
  Unlike desktop/endpoint anti-virus (AV), gateway anti-virus stops threats right at the entry point of a network. Using gateway AV adds an additional layer of defense at the primary point of attack, and because it functions at the gateway, users see no degradation of performance on their local computer. Best practice: Use gateway AV in addition to endpoint AV for maximum defense in depth.
• 6) Not maintaining secure systems and applications
  Many businesses do a good job at maintaining secure systems, however what is often overlooked in today’s social media business world is application security. Most firewalls are incapable of distinguishing a web application from a website. Because of this, crafty cyber-crooks create web applications as a way to sneak past the firewall and steal cardholder data. Best practice: To gain control over web applications, businesses utilize the latest generation of UTMs and firewalls that include application control.
• 7) Providing access to cardholder data to those who do not need to know
  About 80 percent of security violations happen from within an organization. In order to reduce that figure, businesses should use the “least privilege rule,” which parallels the same concept of “need to know.” Users should be granted the minimum necessary permissions and privileges that are required for them to accomplish their jobs. When employees have access to data that they should not, bad things often result. Best practice: Use RBAC (role based access controls), separation of duties and other forms of “least privilege” to make sure data is restricted to those who absolutely must have access to it.
• Forgetting to track and monitor all access to network resources and cardholder data
  Unfortunately, many businesses take a “fire and forget” approach to network security; once the firewall is set, they forget to check the reports. Many security breaches can me mitigated early on simply by checking reports and logs on a regular basis. Best practice: Establish a routine of checking logs and reports to spot trouble before it blossoms into headline security news.
• 9) Not having an information security policy
  In order to meet PCI compliance, businesses must create an information security policy that is up to date, and that addresses the security requirements as proscribed by PCI DSS. This should also include operational security, system usage, security management and other related policies. Best practice: Get IT, HR and other business stakeholders to regularly review information security policies.

Keywords:

PCI DSS, Network Security, Firewall, Cardholder Data, Passwords, Encryption, IPS, Anti-Virus, Application Control, Next-Generation UTM, Policy

Quote:

• “The PCI DSS standard is a model that many businesses – even non-retailers can look to in order to maintain best security practices,” said Eric Aarrestad, Vice President at WatchGuard Technologies. “The devil is in the details when it comes to security. Hopefully, this quick list helps remind businesses owners and IT management that little things can make a big difference in preventing data loss.”

The instructions for doing so are simply to click on the settings cog at the top of the Google page, then select “Search Settings”.

Next find “Personal results” and select “Do not use personal results”.

This makes the “Hide personal results” the default for your searching pleasure.

Thank you to Melanie Pinola for posting that as I have already had a few people inquire about it!

Homeland Secure IT Alert

Homeland Secure IT Alert for Wednesday, January 11, 2012

Yesterday was Adobe’s first patch day of the new year and the security bulletin describes a total of six vulnerabilities in Adobe Reader and Acrobat X 10.1.1 and older, on both Microsoft Windows and Apple Mac.

The issues that are addressed are considered “critical” in nature and the solution is to download and deploy updates or to allow the Adobe Software Updater to perform the updates for you.

Adobe Reader X 10.1.2

• For Windows
• For Mac

Adobe Acrobat X 10.1.2

• Standard and Pro for Windows
• Pro Extended for Windows
• Pro for Mac

Homeland Secure IT Alert

The email included the following information:

1. This is a company-wide project focused on technically positioning our customer base for advanced HSI products and increased speeds.
2. The communication is handled via a browser message that will alert only those customers with older docsis 1 or 1.1 modems and asking them swap.
3. Replaced at no cost to the customer, including customer owned modems. See sample screenshot image below…
4. The customer will communicate with us via phone at 877.739.0427 or use the browser link to expedite the delivery.
5. All modems will be sent via mail to the mailing address on the account. (again, at no cost to the customer)
6. The modems will be mailed as a self install kit from a central distribution center.

Here’s the link: https://connect.charter.com/replacemodem/

If you have any questions about Charter internet, phone or television, either home or business, please call us at 864.990.4748 or email info@homelandsecureit.com

Hughes probably has the highest market penetration, and those using it have been quick to complain about caps and upload speed.

This is where ViaSat comes in. They revealed their home satellite system at CES and Engadget has a pretty good write-up with a video that tells more about the 12 Mbps down/3 Mbps up service that runs $50.oo per month.

What is left out is what types of data caps they may have.

The Advance Notification outlines 7 bulletins that cover updates from “important” to “critical” in Microsoft Windows (XP / Server 2003 / Vista / Server 2008) and Microsoft Developer Tools & Software.

Most will require a restart, or at least MAY require a restart.

On the Advance Notification page you can find out more about the updates coming your way on January 10th.

If you require assistance with these updates or any other security issue in the Greenville / Upstate SC area please call us at 864.990.4748 or email info@homelandsecureit.com

Apple Safari web browser can be used as an avenue that would allow malicious code on a web site to be run with whatever privileges you have on that computer.

Here’s an actual security bulletin you can read about this:

https://secunia.com/advisories/47237/

Until this is patched for sure, I believe I would not be using the Apple Safari browser on a Windows 7 machine.  Just my two cents.

Well, HP released a fix for that a week or so back… However, they didn’t mention fire issue.

None-the-less, you may wish to consider upgrading.

Should you require assistance applying updates to your devices, servers or computers in the Greenville or Upstate SC area, you can call upon us at 864.990.4748 or email info@homelandsecureit.com

http://technet.microsoft.com/security/bulletin/ms11-dec

Critical Security Bulletins

============================

MS11-100

- Affected Software:

- Windows XP Service Pack 3

- Microsoft .NET Framework 1.1 Service Pack 1

- Microsoft .NET Framework 2.0 Service Pack 2

- Microsoft .NET Framework 3.5 Service Pack 1

- Microsoft .NET Framework 4

- Windows XP Professional x64 Edition Service Pack 2

- Microsoft .NET Framework 1.1 Service Pack 1

- Microsoft .NET Framework 2.0 Service Pack 2

- Microsoft .NET Framework 3.5 Service Pack 1

- Microsoft .NET Framework 4

- Windows Server 2003 Service Pack 2

- Microsoft .NET Framework 1.1 Service Pack 1

- Microsoft .NET Framework 2.0 Service Pack 2

- Microsoft .NET Framework 3.5 Service Pack 1

- Microsoft .NET Framework 4

- Windows Server 2003 x64 Edition Service Pack 2

- Microsoft .NET Framework 1.1 Service Pack 1

- Microsoft .NET Framework 2.0 Service Pack 2

- Microsoft .NET Framework 3.5 Service Pack 1

- Microsoft .NET Framework 4

- Windows Server 2003 with SP2 for Itanium-based Systems

- Microsoft .NET Framework 1.1 Service Pack 1

- Microsoft .NET Framework 2.0 Service Pack 2

- Microsoft .NET Framework 3.5 Service Pack 1

- Microsoft .NET Framework 4

- Windows Vista Service Pack 2

- Microsoft .NET Framework 1.1 Service Pack 1

- Microsoft .NET Framework 2.0 Service Pack 2

- Microsoft .NET Framework 3.5 Service Pack 1

- Microsoft .NET Framework 4

- Windows Vista x64 Edition Service Pack 2

- Microsoft .NET Framework 1.1 Service Pack 1

- Microsoft .NET Framework 2.0 Service Pack 2

- Microsoft .NET Framework 3.5 Service Pack 1

- Microsoft .NET Framework 4

- Windows Server 2008 for 32-bit Systems Service Pack 2

- Microsoft .NET Framework 1.1 Service Pack 1

(Windows Server 2008 Server Core installation not affected)

- Microsoft .NET Framework 2.0 Service Pack 2

(Windows Server 2008 Server Core installation not affected)

- Microsoft .NET Framework 3.5 Service Pack 1

(Windows Server 2008 Server Core installation not affected)

- Microsoft .NET Framework 4

(Windows Server 2008 Server Core installation not affected)

- Windows Server 2008 for x64-based Systems Service Pack 2

- Microsoft .NET Framework 1.1 Service Pack 1

(Windows Server 2008 Server Core installation not affected)

- Microsoft .NET Framework 2.0 Service Pack 2

(Windows Server 2008 Server Core installation not affected)

- Microsoft .NET Framework 3.5 Service Pack 1

(Windows Server 2008 Server Core installation not affected)

- Microsoft .NET Framework 4

(Windows Server 2008 Server Core installation not affected)

- Windows Server 2008 for Itanium-based Systems Service Pack 2

- Microsoft .NET Framework 1.1 Service Pack 1

- Microsoft .NET Framework 2.0 Service Pack 2

- Microsoft .NET Framework 3.5 Service Pack 1

- Microsoft .NET Framework 4

- Windows 7 for 32-bit Systems only:

- Microsoft .NET Framework 3.5.1

- Microsoft .NET Framework 4

- Windows 7 for 32-bit Systems Service Pack 1 only:

- Microsoft .NET Framework 3.5.1

- Microsoft .NET Framework 4

- Windows 7 for x64-based Systems only:

- Microsoft .NET Framework 3.5.1

- Microsoft .NET Framework 4

- Windows 7 for x64-based Systems Service Pack 1 only:

- Microsoft .NET Framework 3.5.1

- Microsoft .NET Framework 4

- Windows Server 2008 R2 for x64-based Systems only:

- Microsoft .NET Framework 3.5.1

(Windows Server 2008 R2 Server Core installation affected)

- Microsoft .NET Framework 4

- Windows Server 2008 R2 for x64-based Systems Service Pack 1 only:

- Microsoft .NET Framework 3.5.1

(Windows Server 2008 R2 Server Core installation affected)

- Microsoft .NET Framework 4

(Windows Server 2008 R2 Server Core installation affected)

- Windows Server 2008 R2 for Itanium-based Systems only:

- Microsoft .NET Framework 3.5.1

- Microsoft .NET Framework 4

- Windows Server 2008 R2 for Itanium-based Systems

Service Pack 1 only:

- Microsoft .NET Framework 3.5.1

- Microsoft .NET Framework 4

- Impact: Elevation of Privilege

- Version Number: 1.0

We’re working on new and exciting things that will help us to provide even better computer service & support to Greenville and Upstate area individuals and businesses, as well as bringing on new products as requested by our clients.

Our office will be closed tomorrow, Friday the 30th, and will not reopen until Monday the 3rd of January, 2012. If you need emergency assistance, please call our office or send an email, we will be monitoring voice mail and email and will get back with you ASAP! Most clients have our cell phone numbers and shouldn’t hesitate to call if a need arises.

We wish you, your family and your business many blessings in the coming year!

Also, if you are looking for a great party, come to The Hide-Out in Easley and catch The Dockside Band on New Year’s Eve! We’ll be playing all your favorite tunes.

http://facebook.com/DocksideBand or http://www.TheDocksideBand.com for more info!

More information is available here: http://technet.microsoft.com/security/advisory/2659883

Two notes from that page listed as “Mitigating Factors”:

• By default, IIS is not enabled on any supported Windows operating system
• Sites that disallow application/x-www-form-urlencoded or multipart/form-data HTTP content types are not vulnerable

Please visit the URL above to find out if your OS and version/s of the .NET Framework are affected. Basically it affects every OS, from Windows XP, Vista, 7, Server 2003, and Server 2008 R2, in 64 and 32 bit flavors, and just about every version of the .NET Framework.

Scroll down to the “Suggested Actions” section and read about “Workarounds” if you are using IIS.

If you are in the Greenville or Upstate, SC area and need assistance with this or any other computer service / support issue, please call us at 864.990.4748 or email info@homelandsecureit.com

‘Twas The Night Before Christmas – Computer Version

I first read this story on a University of Arkansas computer system sometime before 1985 and promptly typed it up and put it on my BBS (Non-Prophet BBS) for people to read. I have sent it in email, and “snail mail” for the last 25 years or so…  I still get a kick out of it.   If anyone knows the author, please contact me so I can give credit and thank them. – John M. Hoyt

‘Twas The Night Before Christmas – Computer Version

‘Twas the night before Christmas, and all through the shop,
The computers were whirring; they never do stop.
The power was on and the temperature right,
In hopes that the input would feed back that night.

The system was ready, the program was coded,
And memory drums had been carefully loaded;
While adding a Christmasy glow to the scene,
The lights on the console, flashed red, white and green.

When out in the hall there arose such a clatter,
The programmer ran to see what was the matter.
Away to the hallway he flew like a flash,
Forgetting his key in his curious dash.
He stood in the hallway and looked all about,
When the door slammed behind him, and he was locked out.

Then, in the computer room what should appear,
But a miniature sleigh and eight tiny reindeer;
And a little old man, who with scarcely a pause,
Chuckled: “My name is Santa…the last name is Claus.”

The computer was startled, confused by the name,
Then it buzzed as it heard the old fellow exclaim:
“This is Dasher and Dancer and Prancer and Vixen,
And Comet and Cupid and Donner and Blitzen.”

With all these odd names, it was puzzled anew;
It hummed and it clanked, and a main circuit blew.
It searched in its memory core, trying to “think”;
Then the multi-line printer went out on the blink.

Unable to do its electronic job,
It said in a voice that was almost a sob:
“Your eyes – how they twinkle – your dimples so merry,
Your cheeks so like roses, your nose like a cherry,

Your smile – all these things, I’ve been programmed to know,
And at data-recall, I am more than so-so;
But your name and your address (computers can’t lie),
Are things that I just cannot identify.

You’ve a jolly old face and a little round belly,
That shakes when you laugh like a bowl full of jelly;
My scanners can see you, but still I insist,
Since you’re not in my program, you cannot exist!”

Old Santa just chuckled a merry “ho, ho”,
And sat down to type out a quick word or so.
The keyboard clack-clattered, its sound sharp and clean,
As Santa fed this “data” into the machine:

“Kids everywhere know me; I come every year;
The presents I bring add to everyone’s cheer;
But you won’t get anything – that’s plain to see;
Too bad your programmers forgot about me.”

Then he faced the machine and said with a shrug,
“Merry Christmas to All,” as he pulled out its plug,
“And to all, a good night!”

 Merry Christmas everyone!!!!

Well, it appears, that someone at the RIAA has been doing a little illegal downloading of their own, though the RIAA claims it was not them.

Here’s more information:

http://torrentfreak.com/riaa-someone-else-is-pirating-through-out-ip-addresses-111221/

So secure those access points, and disable unused network jacks in public locations to keep from receiving a nasty-gram because someone else is using your internet connection to download.

If you need help securing your business or home, we can help in the Greenville / Upstate, SC area. We can even help the RIAA.  Call us at 864.990.4748 or email info@homelandsecureit.com

Patch ‘em up!

—–BEGIN PGP SIGNED MESSAGE—–

Hash: SHA1

National Cyber Alert System

Technical Cyber Security Alert TA11-350A

Adobe Updates for Multiple Vulnerabilities

Original release date: December 16, 2011

Last revised: –

Source: US-CERT

Systems Affected

* Adobe Reader X (10.1.1) and earlier 10.x versions for Windows and Macintosh

* Adobe Reader 9.4.6 and earlier 9.x versions for Windows, Macintosh, and UNIX

* Adobe Acrobat X (10.1.1) and earlier 10.x versions for Windows and Macintosh

* Adobe Acrobat 9.4.6 and earlier 9.x versions for Windows and Macintosh

Overview

Adobe has released Security Bulletin APSB11-30, which describes

multiple vulnerabilities affecting Adobe Reader and Acrobat.

I. Description

Adobe Security Bulletin APSB11-30 and Adobe Security Advisory

APSA11-04 describe a number of vulnerabilities affecting Adobe

Reader and Acrobat. These vulnerabilities affect Reader and Acrobat

9.4.6 and earlier 9.x versions. These vulnerabilities also affect

Reader X and Acrobat X 10.1.1 and earlier 10.x versions.

An attacker could exploit these vulnerabilities by convincing a

user to open a specially crafted PDF file. The Adobe Reader browser

plug-in, which can automatically open PDF documents hosted on a

website, is available for multiple web browsers and operating

systems.

Adobe Reader X and Adobe Acrobat X will be patched in the next

quarterly update scheduled for January 10, 2012.

Additional details for the U3D memory corruption vulnerability can

be found in US-CERT Vulnerability Note VU#759307.

II. Impact

These vulnerabilities could allow a remote attacker to execute

arbitrary code, write arbitrary files or folders to the file

system, escalate local privileges, or cause a denial of service on

an affected system as the result of a user opening a malicious PDF

file.

III. Solution

Update Reader

Adobe has released updates to address this issue. Users are

encouraged to read Adobe Security Bulletin APSB11-30 and update

vulnerable versions of Adobe Reader and Acrobat.

In addition to updating, please consider the following mitigations.

Disable Flash in Adobe Reader and Acrobat

Disabling Flash in Adobe Reader will mitigate attacks that rely on

Flash content embedded in a PDF file. Disabling 3D & Multimedia

support does not directly address the vulnerability, but it does

provide additional mitigation and results in a more user-friendly

error message instead of a crash. To disable Flash and 3D &

Multimedia support in Adobe Reader 9, delete, rename, or remove

access to these files:

Microsoft Windows

“%ProgramFiles%\Adobe\Reader 9.0\Reader\authplay.dll”

“%ProgramFiles%\Adobe\Reader 9.0\Reader\rt3d.dll”

Apple Mac OS X

“/Applications/Adobe Reader 9/Adobe

Reader.app/Contents/Frameworks/AuthPlayLib.bundle”

“/Applications/Adobe Reader 9/Adobe

Reader.app/Contents/Frameworks/Adobe3D.framework”

GNU/Linux (locations may vary among distributions)

“/opt/Adobe/Reader9/Reader/intellinux/lib/libauthplay.so”

“/opt/Adobe/Reader9/Reader/intellinux/lib/librt3d.so”

File locations may be different for Adobe Acrobat or other Adobe

products that include Flash and 3D & Multimedia support. Disabling

these plugins will reduce functionality and will not protect

against Flash content that is hosted on websites. Depending on the

update schedule for products other than Flash Player, consider

leaving Flash and 3D & Multimedia support disabled unless they are

absolutely required.

Disable JavaScript in Adobe Reader and Acrobat

Disabling JavaScript may prevent some exploits from resulting in

code execution. Acrobat JavaScript can be disabled using the

Preferences menu (Edit -> Preferences -> JavaScript; uncheck Enable

Acrobat JavaScript).

Adobe provides a framework to blacklist specific JavaScipt APIs. If

JavaScript must be enabled, this framework may be useful when

specific APIs are known to be vulnerable or used in attacks.

Prevent Internet Explorer from automatically opening PDF files

The installer for Adobe Reader and Acrobat configures Internet

Explorer to automatically open PDF files without any user

interaction. This behavior can be reverted to a safer option that

prompts the user by importing the following as a .REG file:

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\AcroExch.Document.7]

“EditFlags”=hex:00,00,00,00

Disable the display of PDF files in the web browser

Preventing PDF files from opening inside a web browser will

partially mitigate this vulnerability. If this workaround is

applied, it may also mitigate future vulnerabilities.

To prevent PDF files from automatically being opened in a web

browser, do the following:

1. Open Adobe Acrobat Reader.

2. Open the Edit menu.

3. Choose the Preferences option.

4. Choose the Internet section.

5. Uncheck the “Display PDF in browser” checkbox.

Remove or restrict access to 3difr.x3d

By removing or restricting access to the 3difr.x3d file, Adobe

Reader and Acrobat will fail to render U3D content, which helps to

mitigate this vulnerability. PDF documents that use the PRC format

for 3D content will continue to function on Windows and Linux

platforms.

To disable U3D support in Adobe Reader 9 on Microsoft Windows,

delete or rename this file:

“%ProgramFiles%\Adobe\Reader 9.0\Reader\plug_ins3d\3difr.x3d”

For Apple Mac OS X, delete or rename this directory:

“/Applications/Adobe Reader 9/Adobe

Reader.app/Contents/Frameworks/Adobe3D.framework”

For GNU/Linux, delete or rename this file (locations may vary among

distributions):

“/opt/Adobe/Reader9/Reader/intellinux/plug_ins3d/3difr.x3d”

File locations may be different for Adobe Acrobat or other Adobe

products or versions.

Do not access PDF files from untrusted sources

Do not open unfamiliar or unexpected PDF files, particularly those

hosted on websites or delivered as email attachments. Please see

Cyber Security Tip ST04-010.

IV. References

* Security update available for Adobe Reader and Acrobat -

<https://www.adobe.com/support/security/bulletins/apsb11-30.html>

* Adobe Reader and Acrobat JavaScript Blacklist Framework -

<http://kb2.adobe.com/cps/504/cpsid_50431.html>

* Adobe Acrobat and Reader U3D memory corruption vulnerability -

<http://www.kb.cert.org/vuls/id/759307>

* Security Advisory for Adobe Reader and Acrobat -

<https://www.adobe.com/support/security/advisories/apsa11-04.html>

____________________________________________________________________

The most recent version of this document can be found at:

<http://www.us-cert.gov/cas/techalerts/TA11-350A.html>

____________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send

email to <cert@cert.org> with “TA11-350A Feedback VU#759307″ in

the subject.

____________________________________________________________________

For instructions on subscribing to or unsubscribing from this

mailing list, visit <http://www.us-cert.gov/cas/signup.html>.

____________________________________________________________________

Produced 2011 by US-CERT, a government organization.

Terms of use:

<http://www.us-cert.gov/legal.html>

____________________________________________________________________

Revision History

December 16, 2011: Initial release

—–BEGIN PGP SIGNATURE—–

Version: GnuPG v1.4.5 (GNU/Linux)

iQEVAwUBTuuZnz/GkGVXE7GMAQIN8ggAjjQO8LOasl98uasGZW2J5SHfkKr675Mf

ymRzBagFqO9QuId2RvFG2b9nuq5zdqETsrcG1t668wtYLUhBaoLmFXPe/KsDQ9n+

/p9PctVJFmJpV92S3kAHw+u4t1n/Aa/4IdK0oXNBDhkyXrp41F27LY+aQ8FWWuxZ

lL4jXSUQ/gLgb6hOhLjRCsQtEhAcPbX/mPNxl6bACXZaOVZT88fz9M7JXryDiJWO

uuFi3O2GT0Bd3fEsL57U/TSbq8SynadObMSj4/+Q1HmOHcD0L5gzd9/N4M3D1Emg

y7aeUpgycY5eFefY3LVVkb7JkTUbEZHbuNHydFKIJDRlaXBAo+D0QQ==

=rKM4

—–END PGP SIGNATURE—–

Merry Christmas from Homeland Secure IT

Christmas is almost upon us!

Hope you have your shopping done by now, and if not, well, it’s not too late to order a notebook, netbook, desktop or tablet computer from Homeland Secure IT!

We offer sales of all major brands of computers and components such as HP, Dell, Lenovo, Toshiba, Acer, NexLink, Asus, Samsung and more. Whether it is a business computer or one for your personal uses, we have something for you or the person on your list you have forgotten about not found the perfect gift for!

Orders placed are generally here at our Greenville office the next business day before lunch at no additional charge!!!!

We will be closing on Friday, December 23rd so our staff can spend time with their families, and we will be in the field on a server deployment on Monday, December 26th, however, we *WILL* be available for emergency calls should you need us!

Microsoft Exchange Server 2010 SP2

As promised, Microsoft released SP2 for Exchange Server 2010 on 2011-12-12, and the SP brings with it a number of features and fixes:

• Incorporates all the changes from Update Rollup 1 through 6 for SP1
• Adds Hybrid Configuration Wizard for ease of managing a deployment between your on site Exchange and your Office 365 Exchange
• Introduces Address Book Policies, which determine the GAL, OAB, room list and address lists that are visible to the mailbox user that is assigned that policy
• New Cross-Site Silent Redirection for Outlook Web App can pass off requests to another server in another Active Directory site, and also permit a single sign-on
• Adds Mini Version of Outlook Web App suited for mobile users (tablets, pads, smart phones, basically anything with a browser)
• Mailbox Replication Service changes permit you to move mailboxes from on-premises to another forest or Outlook.com
• Mailbox Auto-Mapping changes allow you to disable Auto-Mapping to save on resources
• Added five Multi-Valued Custom Attributes which allow you to store additional information for your mail recipient objects
• Litigation Hold prohibits you from disabling or deleting a mailbox that has been placed on “litigation hold”

If you are running an Exchange Server 2010 without the current rollups applied to SP1, updating to SP2 today is a great idea as you can kill multiple birds with one stone!

Should you require assistance in the Greenville or Upstate, SC area please call 864.990.4748 or email info@homelandsecureit.com

Last updated December 13, 2011