Kabloooieeeeeeee! Mac battery meltdown...
Could your Apple Mac Macbook, Macbook Pro or Macbook Air be a ticking timebomb? According to one researcher, yes.
An interesting article over on PHYSORG.com states that a researcher with Accuvant Labs will be demonstrating an exploit on current Mac models that could result in a battery pack actually exploding if the vulnerability is leveraged by hackers.
It seems that the issue at the heart of this matter is a firmware password that, if known, could be used by someone with malicious intent to change parameters inside the Mac fairly easily.
This will be an interesting one to watch develop over time due to the nature of firmware updates. A large majority of electronics from your A/V system remote control to the computer in your car can receive updates in various ways. Smartphones can get updates OTA (Over The Air), automatically, and so do many internet attached appliances like VoIP, IP Surveillance and Security systems.
At the time I write this, I am unaware of an actual exploit in the wild for the Apple Mac products, however, after the upcoming demonstration to a group of ”black hat” hackers, if un-addressed by Apple, we could see something out there in the next few weeks.
We don't just sell D-Link products, we know how to make them work within your environment!
Everyone is familiar with Cisco products, but not everyone may realize there are alternatives which can affect your bottom line drastically while providing an identical feature set and experience.
D-Link is a leader in the field and their products can often times go head-to-head with Cisco.
D-Link offers:
- Wireless network equipment, like access points, managed wireless switches for large scale deployments, and cloud managed systems. D-Link offers a solution for your small office or your large university campus and everything in between. Need wireless roaming of VoIP systems or to connect buildings and networks together wirelessly? They’ve got that covered.
- SAN – Network storage systems that can use your existing LAN infrastructure and compete nicely with NAS (Network Attached Storage). These work with VMWare and other virtual environments, as well as with applications like ProTools!
- Firewalls and routers, for the small or medium business to the large enterprise.
- Switches, from a single inexpensive switch to managed to stackable for your enterprise that can have a master replaced without taking the entire stack down. 10/100, gigabit, even 10GBE.
Homeland Secure IT Alert
Homeland Secure IT Alert for Wednesday, July 21st, 2011
The United States Computer Emergency Readiness Team has issued their recommendations for protection against network intrusions. I have included the entire document below, but the most current version of the document can be found here. Please keep in mind that these recommendations are not related to any one platform. These are “Best Practices” regardless of whether your business uses Microsoft, Linux or Mac OS X or whether your organization relies upon cloud computing instead of localized servers.
—
National Cyber Alert System
Technical Cyber Security Alert TA11-200A
Security Recommendations to Prevent Cyber Intrusions
Original release date: July 19, 2011
Last revised: –
Source: US-CERT
Overview
US-CERT is providing this Technical Security Alert in response to recent, well-publicized intrusions into several government and private sector computer networks. Network administrators and technical managers should not only follow the recommended security controls information systems outlined in NIST 800-53 but also consider the following measures. These measures include both tactical and strategic mitigations and are intended to enhance existing security programs.
Recommendations
- Deploy a Host Intrusion Detection System (HIDS) to help block and identify common attacks.
- Use an application proxy in front of web servers to filter out malicious requests.
- Ensure that the “
allow URL_fopen” is disabled on the web server to help limit PHP vulnerabilities from remote file inclusion attacks. - Limit the use of dynamic SQL code by using prepared statements, queries with parameters, or stored procedures whenever possible. Information on SQL injections is available at http://www.us-cert.gov/reading_room/sql200901.pdf.
- Follow the best practices for secure coding and input validation; use the secure coding guidelines available at:https://www.owasp.org/index.php/Top_10_2010 and https://buildsecurityin.us-cert.gov/bsi/articles/knowledge/coding/305-BSI.html.
- Review US-CERT documentation regarding distributed denial-of-service attacks: http://www.us-cert.gov/cas/tips/ST04-015.html andhttp://www.us-cert.gov/reading_room/DNS-recursion033006.pdf.
- Disable active scripting support in email attachments unless required to perform daily duties.
- Consider adding the following measures to your password and account protection plan.
- Use a two factor authentication method for accessing privileged root level accounts.
- Use minimum password length of 15 characters for administrator accounts.
- Require the use of alphanumeric passwords and symbols.
- Enable password history limits to prevent the reuse of previous passwords.
- Prevent the use of personal information as password such as phone numbers and dates of birth.
- Require recurring password changes every 60-90 days.
- Deploy NTLMv2 as the minimum authentication method and disable the use of LAN Managed passwords.
- Use minimum password length of 8 characters for standard users.
- Disable local machine credential caching if not required through the use of Group Policy Object (GPO). For more information on this topic see Microsoft Support articles 306992 and 555631.
- Deploy a secure password storage policy that provides password encryption.
- If an administrator account is compromised, change the password immediately to prevent continued exploitation. Changes to administrator account passwords should only be made from systems that are verified to be clean and free from malware.
- Implement guidance and policy to restrict the use of personal equipment for processing or accessing official data or systems (e.g., working from home or using a personal device while at the office).
- Develop policies to carefully limit the use of all removable media devices, except where there is a documented valid business case for its use. These business cases should be approved by the organization with guidelines for there use.
- Implement guidance and policies to limit the use of social networking services at work, such as personal email, instant messaging, Facebook, Twitter, etc., except where there is a valid approved business case for its use.
- Adhere to network security best practices. See http://www.cert.org/governance/ for more information.
- Implement recurrent training to educate users about the dangers involved in opening unsolicited emails and clicking on links or attachments from unknown sources. Refer to NIST SP 800-50 for additional guidance.
- Require users to complete the agency’s “acceptable use policy” training course (to include social engineering sites and non-work related uses) on a recurring basis.
- Ensure that all systems have up-to-date patches from reliable sources. Remember to scan or hash validate for viruses or modifications as part of the update process.
Feedback can be directed to US-CERT.
Produced 2011 by US-CERT, a government organization. Terms of use
Last updated July 20, 2011
—
Should your Greenville or Upstate SC based business or organization require assistance with this, please contact us at 864.990.4748 or email info@homelandsecureit.com. We offer firewalls and security appliances from our partners such as Cisco, WatchGuard, SonicWALL, and more!
Homeland Secure IT Alert
Kensington Security Lock
Last week I wrote about hard drive encryption which could protect your data in the event your notebook, desktop or even a server were to be stolen… Odd that I mentioned one particular organization, Spartanburg Regional Medical Center, which had suffered two computer losses as of the date of that posting, because yesterday found SRMC back in the news with the report of a third lost computer…
This time, someone walked away with a desktop computer from a patient room. While the organization insists that the unit contained medical information, I personally have my doubts. It was a full desktop computer, valued at 2000 dollars (We sell typical business computers with a full 3 year warranty for $749 each) according to the police report. The point of contact indicated that this desktop was used to communicate with a remote server, where the real work took place. But, being in this business, you know that people save data to the local machine instead of the remote server, a LOT. And if nothing was taking place locally, why didn’t they just have a less expensive thin client instead of a full-blown desktop?
So how can you secure a piece of equipment from theft?
In reality, you cannot entirely prevent something from being stolen. If someone is intent on taking an item, they are going to find a way to do it, but computer theft can be reduced dramatically with simple & inexpensive devices. Most modern office equipment has a special slot called a “Kensington Security Slot” (also known as the “K-Slot”) that can be used to tether the device to a stationary object.
A quick look at my desk is a great example of what can be secured. My desktop computer, both monitors, an external hard drive and even my Cisco IP Phone are all equipped with the familiar Kensington slot. I looked further and found servers, desktops, a printer, monitors, an LCD projector, a netbook computer, firewalls, routers and switches with the same lock slot.
K-Slot on Desktop
There is a Kensington Slot device to suit every application. Let’s say you have a mobile cart with a desktop computer, monitor, keyboard and mouse. You can put together a Kensington security solution that will secure to the cart, with bolts/screws, then lock into the desktop tower and the monitor, along with a clamp that holds the keyboard and mouse cables. Preventing even a mouse from being stolen easily.
If you would like to discuss how your equipment can be physically secured at your Greenville or Upstate, SC location, please call us at 864.990.4748 or email info@homelandsecureit.com – A small investment now, can prevent large losses later.
If you represent SRMC or another Upstate health-care provider, we need to talk. As a favor to the medical community, and everyone served by them, Homeland Secure IT is willing to provide Kensington Security products at a steeply reduced price from retail. Call me today and let’s discuss what we can do to get those computers locked down!
The Spartanburg Regional Healthcare System notebook that was stolen from an employee’s car this year has caused concern for many individuals who’s records were contained on that device. (Story Here)
What can you do to protect your data from prying eyes in the event your notebook or even a desktop computer is stolen? Easy, you can utilize disk or file encryption… In many cases, it is available to you absolutely free of charge.
One form of encryption that you may already have, if you are using Windows Vista or 7 Ultimate or Enterprise (or Server 2008 or Server 2008 R2) is to use BitLocker drive encryption. This is built into those operating system versions and gives you the choice of three different authentication mechanisms, including a mode that requires a USB key to be in place before the data can be accessed.
Some people have opted for TrueCrypt, an open source encryption package that works with Microsoft Windows 7, Windows Vista and Windows XP, as well as Mac OS X and Linux. It has the capability to create a virtual encrypted disk that resides inside a file on the hard drive, which it mounts as a normal system disk, or to encrypt an entire partition or hard drive, including the Windows boot partition.
There are countless methods to protect your data, from the two listed above, to a plethora of commercial products in software and even hardware form. Some would argue that a “free” tool such as TrueCrypt could not be as robust as XYZ commercial offering, and while that argument has some validity, one thing is for certain; A system protected with *any* type of encryption is 100% more secure than an unprotected system.
Should you wish to talk to someone about options available to you or your business, please call us and arrange for a free, no obligation consultation here in the Greenville / Upstate, SC area. 864.990.4748 or info@homelandsecureit.com
Toshiba Thrive Android Tablet
If you are one of the many looking for an alternative to the iPad and can’t bring yourself to like Windows based tablets, Toshiba may have the device for you.
The Toshiba Thrive 16GB tablet is a brand new product featuring:
- Android 3.1 Honeycomb (Yes, it has Flash!)
- 16GB storage, 1GB DDR2 memory
- 10.1″ Display with 1080p resolution (1280×800)
- NVidia ULP GeForce graphics for fast graphics
- Stereo speakers w/Toshiba sound enhancements SRS Premium Voice Suite
- Dual cameras – 5megapixel on the back (720p capture) and 2megapixel front facing with microphone
- Expansion ports! HDMI to allow connection to your big screen or a projector for presentations, full size SD card slot, USB 2.0 (Both full sized and mini!), docking connector and a stereo headphone jack
- 802.11b/g/n Wi-Fi and Bluetooth 3.0 + HS
It also has a rubberized finish that helps you keep your grip and a replaceable battery!
There are a growing number of Android based tablets, but this one could very well be the best of the bunch (so far)…
To purchase this tablet, call us at 864.990.4748 or email info@homelandsecureit.com – We are a Toshiba partner here in Greenville / Upstate, SC.
If you would like to discuss how this product or any other tablet may work within your business, please call us…
Yes, we’re going to do it again….
We’re going to give away something! Watch here for more info.
To be eligible, you will have to subscribe to this blog, our mailing list or our FB page *AND* be able to pick up whatever trinket it is in person… We’re not shipping it out =) (So it would be best if you were in the Upstate or Greenville SC area…
Take Basic Connectivity to a New Level
The Cisco® RV 120W Wireless-N VPN Firewall combines highly secure connectivity – to the Internet as well as from other locations and remote workers – with a high-speed, 802.11n wireless access point, a 4-port switch, an intuitive, browser-based device manager, and support for the Cisco FindIT Network Discovery Utility, all at a very affordable price. Its combination of high performance, business-class features and top-quality user experience takes basic connectivity to a new level.
Cisco RV 120W Wireless-N VPN Firewall
Product Overview
• High-speed, standards-based 802.11n wireless connectivity to help employees stay productive while away from their desks
• Integrated 4-port 10/100 switch with quality of service (QoS) support for enhanced voice, video and data traffic
• Support for separate “virtual” networks enables you to control access to sensitive information and to set up highly secure wireless guest access
• IP Security (IPsec) VPN support with hardware acceleration to deliver highly secure, high-performance connections to multiple locations and traveling employees
• Support for static routing, Routing Information Protocol (RIP) versions 1 and 2, and inter-VLAN routing to enable flexible connection sharing
• Proven stateful packet inspection (SPI) firewall, plus advanced wireless security to help keep business assets safe
• Simplified configuration through an intuitive, browser-based device manager
• Support for the Cisco FindIT Network Discovery Utility
Figure 2. Back Panel of the Cisco RV 120W
Figure 3. Typical Configuration
Table 1. Product Specifications
Wireless LAN Specifications
Table 2. Wireless LAN Specifications
Table 3. Table 3 System Specifications
Table 4. Configuration Requirements
| Feature | Description |
| Network adapter | PC with network adapter and Ethernet cable |
| Web-based configuration | Web browser |
Okay, you have all seen the discussions on the Greenville News “Best of the Upstate” voting that is going on. Many people feel it is “rigged”, or that a business can “buy a vote” by paying a certain amount of money (apparently that number is $850 dollars) in order to get their actual business name listed in a category… Every other business has to be written in manually by selecting “other” at the time of voting.
How it is handled, we don’t have a clue. What if someone types “Homeland Secure IT”, is it the same as “Homeland Secure IT, LLC”, or if they expand with “Homeland Secure IT in Greenville”. Does someone actually get those tallied correctly? Again, unknown.
We don’t know who gets to vote, if a bot could vote 10,000 times or if only one vote per IP is allowed (meaning 10 people at one company couldn’t vote, only one could because they share an IP address).
Currently, it is handled in Zoomerang poll format, which does work, but it is lacking many features. Now, more my two cents on how it should be handled.
First of all, eliminate the “sponsored” listing, do not allow anyone to pay any amount of money to be listed as a favorite.
Have a dedicated website which displays categories, such as: Restaurants, Bars, Business Services, etc.
You click on a category, and it expands, such as Restaurants expands into: Mexican, Chinese, Sushi, BBQ.
Anyone voting can write-in who they want, and as places begin to populate, only the top 5 are displayed, with the actual number of votes beside them.
For the top level category, the place of business with the most votes in that category is listed as #1, totaled across all sub-categories (Because some places maybe listed in more than one sub-category).
What about voting? Who gets to vote? Making it per IP address is not right, that keeps multiple people at a single business from voting, or even more than one family member sharing a connection. How about per VERIFIED email address? Sure, some people have multiple email addresses, but that’s okay.
Now how about how often? I say ONCE per VERIFIED email address. And someone votes twice, only accept the most recent, because people DO change their mind.
Run the contest once per year, open voting for a two week period, and the running tally remains up for a year, so people can see just how close business #2 was from being #1.
Who would code this? One of the many awesome web design firms in the Upstate. Who would host it? Doesn’t matter. Wouldn’t it be possible for the web host or the developer to manipulate the results? Sure, but unlikely, and you know what? It would still be more “transparent” than the way it is currently being handled.
Just my two cents…..
nexVortex SIP Trunking for Business
If you are currently using a SIP trunking provider for your business, have a look at what nexVortex has to offer. Compare it to your current provider and see how they stack up!
Homeland Secure IT became a partner with nexVortex after researching many other providers… We needed a reliable provider who could offer the features our clients needed at a price they could afford. We found that the quality of service and the feature set offered by nexVortex fit the bill, as did their pricing!
For instance, the nexVortex Business Elite Plan offers unlimited concurrent calls, 5000 minutes of outbound (US continental & Canada), 5 DID telephone numbers, E911 and disaster recovery for only $100/month. That is everything most of the businesses we work with require, though they do have a Business Pro Plan that is even less expensive at $40/month, and that has 2000 minutes of outbound calls, unlimited concurrent calls, E911 and one telephone number.
Need 50 DIDs? How about 100, or 1000? nexVortex can provide that too, saving you lots of money in the process in many cases!
If you would like more information in the Greenville or Upstate, SC area, please call 864.990.4748 or email info@homelandsecureit.com. If you are outside of our area, that’s okay, click on the nexVortex logo and you can find everything you need on their website.
Unable to use SIP trunking due to an old phone system? We can help with that! We are have a solution that is right for your business! Please call or email today!
