Homeland Secure IT Alert

Secure IT Alert for Thursday, February 2, 2012

If you are running a current version of Apple Mac OS X, 10.6.x or OS X 10.7.x  (Snow Leopard & Lion respectively), then you are vulnerable to exploits that these patches correct.

These security flaws could potentially allow an attacker to execute code on your computer after you visit a malicious web site or download/view affected documents or files, or allow Denial of Service (DoS) or even elevation of privileges.

How do you fix this? Apple has released OS X Security Update 2012-001 and OS X 10.7.3 to fix these security problems – UPDATE ASAP.

The 52 security vulnerabilities affect 27 components that are part of OS X and OS X server.  Some of the affected software includes: Apache, OpenGL, PHP, QuickTime and Time Machine.

A few examples:

Buffer overflow vulnerability in ImageIO – View a malicious image and it could result in a crash of an application, or code to be executed on your computer. The upside is, it would only execute with your privileges.

Buffer overflow vulnerability in CoreAudio – Play a malicious audio file and experience a crash of your system, or execute code with your privileges.

QuickTime vulnerabilities – Six of these babies could mean that if you open a malicious image or video in QT, code could be executed with your privileges.

The full update information can be found at http://support.apple.com/kb/HT5130

Should you require assistance in applying these updates, do not hesitate to call us in the Greenville or Upstate SC area at 864.990.4748 or email info@homelandsecureit.com

Homeland Secure IT Alert

#LeapIntoIT Kindle Fire Giveaway

It’s that time again!  Time for us to have some fun, and help one of our Upstate, SC friends get something cool to play with.

We’ve given away stuff before, like Trend Micro anti-virus, a wireless IP security camera, a Cisco Flip Mino HD video camera, Microsoft Office 2010, and even a Microsoft X-BOX 360, but this is likely the most exciting thing yet, or at least the 2nd most exciting!

We decided that since it is a Leap Year, we will help one person leap into the tablet computer revolution by giving them one of the hottest little tablets out… The Amazon Kindle Fire!  It is far more than just an eBook Reader, it’s a smokin’ hot tablet too!  So hot, it’s on FIRE! =)

Let’s call it the “Leap Into IT” giveaway!  #LeapIntoIT

Who is eligible?

Anyone who can walk into the Homeland Secure IT office at 104 Mauldin Rd, STE E in Greenville, SC to retrieve the tablet in person. We will NOT SHIP IT. Also, you must not be prohibited by law from participating in any giveaway, and all that legal mumbo-jumbo. Let’s put an age restriction on it too.  You must not be older than, no wait, you must be at least 18 to participate.

Employees of Homeland Secure IT cannot play this silly game because they would never get any work done.

Past winners of Homeland Secure IT giveaways ARE eligible (Andrea, James, Hal, etc)

How do you get involved in this?

There is NO purchase necessary, but there are some things that you will want to do…

• Pass through our initiation process – This is where you tattoo your forehead with the Homeland Secure IT logo. Okay, this is optional.
• Sign up to this blog by hitting the SUBSCRIBE BUTTON over in the right-hand column. You can receive the daily blog posts in email first thing in the morning this way. And you can opt out later (after the contest is over) when you get tired of my yammering…
• Sign up for our SUPER LOW traffic mailing lists HERE … We rarely send anything out, so you won’t be too annoyed. You can unsubscribe from either or both at anytime, AFTER the contest end date.
• Go to our home page at www.HomelandSecureIT.com and hit the Google +1 button & Facebook “like” while you are there.
• Go to our Google business places page and leave a review and rating (hopefully a good one)
• Go to Merchant Circle and leave a review/rating
• Go to Yelp and leave a review/rating
• Go to Yahoo! and leave a review/rating
• LIKE us on facebook HERE …     Follow us on Twitter HERE …

Here is a list of ways to connect:  

http://www.homelandsecureit.com/connect.html

If you connect in a different manner and you feel it is important, email me, or tag me in a post so I can see what you have done and count that as well!

In review, it is up to you to determine how much, or how little you wish to get involved. The more ways you connect, the more chances to get this darn Kindle Fire!

How is the selection made?

Good question! We lay out a grid, with your each name written in it in the parking lot, and we then shoot a gerbil straight into the air, and in whatever grid the gerbil falls into, that’s our winner.

Okay, (maybe) it isn’t like that at all.  No, in fact it is not.

On February 29th, 2012, I’ll take every name/email address from our mailing lists, all the names of those who have reviewed us on Yelp, Google Places, Yahoo! & Merchant Circle, all the mentions on Facebook, Twitter, Linked-In, all the Likes and Follows on Twitter, Facebook, Linked-In, all the Google Plus +1s, and dump them into a spread sheet. Next I go to www.Random.Org and put the number of lines in my spreadsheet as the max number and generate a random number.

Whoever matches that number in the spreadsheet is contacted.

If they are out of the area and cannot get it in person, another number will be selected and the process repeated until we have a winner!

So, with that said… Let’s do this!   Leap Into IT!!!!

Cisco SPA525G2 with 32 button sidecar

One of the best selling phones for the small and medium business (SMB) market is the Cisco SPA525G2 phone. The entire series of SPA phones are affordable, reliable and well suited to SMB use, but the 525 G2 is the current big daddy with its color display, ability to play MP3s from a memory stick, sync to your cell phone via bluetooth, built-in bluetooth for wireless headset usage and so much more.

On every system we sell that includes the SPA 525, we get a few questions like, ‘How do you answer another extension?”, and of course we answer it, but, with such a long list of these “star codes”, I can’t remember them myself.

Cisco Star Codes for SPA525G2 Phones:

• Call Return (*69)—Calls the last caller, regardless which extension.
• Blind Transfer (*98)—Allows the user to transfer a call to another number  without waiting for the other party to pick up.
• Call Back Act (*66)—Periodically redials the last busy number (every 30  seconds by default) until it rings or until the attempt expires (30 min by default), regardless which extension. Only one call back operation can be ordered at a time. A new order automatically cancels the previous order.
• Call Back Deact (*86)—Cancels the last call back operation.
• Call Forward All Act (*72)—Call forwards all inbound calls. Applies to primary extension only.
• Call Forward All Deact (*73)—Cancels call forward all. Applies to primary extension only.
• Call Forward Busy Act (*90)—Call forwards on busy. Applies to primary extension only.
• Call Forward Busy Deact (*91)—Cancels call forward on busy. Applies to primary extension only.
• Call Forward No Answer Act (*92)—Call forwards if no answer. Applies to primary extension only.
• Call Forward No Answer Deact (*93)—Cancels call forward no answer. Applies to primary extension only.
• CW Act (*56)—Enables call waiting. For example, if call waiting is turned off globally, this star code will turn on call waiting until the CW Deact code is entered.
• CW Deact (*57)—Deactivates call waiting. For example, if call waiting is turned on globally, this star code deactivates call waiting until the CW Act code is entered.
• CW Per Call Act (*71)—Enables call waiting for a single call. For example, if  call waiting is turned off globally, this star code will turn on call waiting for that call.
• CW Per Call Deact (*70)—Deactivates call waiting for a single call. For example, if call waiting is turned on globally, this star code deactivates call waiting for that call.
• Block CID Act (*67)—Blocks caller ID on all outbound calls. Applies to all extensions.
• Block CID Deact (*68)—Deactivates caller ID blocking on outbound calls. Applies to all extensions.
• Block CID Per Call (*81)—Blocks caller ID on the next outbound call (on the current call appearance only).
• Block CID Per Call Deact (*82)—Deactivates caller ID blocking on the next outbound call (on the current call appearance only).
• Block ANC Act—Blocks anonymous calls. Applies to all extensions.
• Block ANC Deact—Deactivates anonymous call blocking. Applies to all  extensions.
• DND Act (*78)—Activates Do Not Disturb. Applies to all extensions.
• DND Deact (*79)—Deactivates Do Not Disturb. Applies to all extensions.
• Secure All Call Act (*16)—Defaults to prefer to use encrypted media (voice codecs).
• Secure No Call Act (*17)—Defaults to prefer to use unencrypted media for all outbound calls. Applies to all extensions.
• Secure One Call Act (*18)—Prefers to use encrypted media for the outbound call (on this call appearance only).
• Secure One Call Deact (*19)—Prefers to use unencrypted media for the outbound call (on this call appearance only).
• Paging (*96)—Pages the number called.
• Call Park (*38)—Parks a call on an entered line number.
• Call UnPark Code (*39)—Retrieves a call from an entered line number.
• Call Pickup (*36)—Picks up a call at an entered extension.
• Group Call Pickup (*37)—Picks up a ringing call at a group of extensions.
• Media Loopback Code (*03)—A service provider can set up a test call from an IP media loopback server (the source) to a subscriber’s VoIP device (the mirror). The test call provides statistical reporting on network performance  and audio quality.

Depending on the source’s capabilities, the SP can see packet jitter, loss, and delay (although Media Loopback cannot identify an offending hop). This helps the SP identify an offending hop that could be causing issues in VoIP calls to a subscriber. The test results can also provide audio quality scoring, which lets a SP better understand the subscriber’s experience.

Referral Services Codes—One or more * codes can be configured into this parameter, such as *98, or *97|*98|*123, and so on. The maximum total length is 79 characters.
This parameter applies when the user places the current call on hold (by Hook Flash) and is listening to second dial tone. Each * code (and the following valid target number according to current dial plan) entered on the second dial-tone triggers the Cisco IP phone to perform a blind transfer to a target number that is prepended by the service * code. For example:
a. After the user dials *98, the Cisco IP phone plays a special prompt tone while waiting for the user the enter a target number (which is validated according to the dial plan as in normal dialing).
b. When a complete number is entered, the Cisco IP phone sends a blind REFER  to the holding party with the Refer-To target equals to *98 target_number. This  feature allows the Cisco IP phone to hand off a call to an application server to perform further processing, such as call park. The * codes should not conflict with any of the other vertical service codes internally processed by the Cisco IP phone. You can delete any * code that you do  not want the call server to process.

Feature Dial Services Codes: Tells the Cisco IP phone what to do when the user is  listening to the first or second dial tone.
You can configure one or more * codes into this parameter, such as *72, or *72|*74|*67|*82, and so on. The maximum total length is 79 characters. When the user has a dial tone (first or second dial tone), they can enter a * code (and the  following target number according to current dial plan) to trigger the Cisco IP phone to call the target number prepended by the * code. For example:
a. After the user dials *72, the Cisco IP phone plays a special prompt tone while waiting for the user the enter a target number (which is validated according to the dial plan as in normal dialing).
b. When a complete number is entered, the Cisco IP phone sends an INVITE to *72 target_number as in a normal call. This feature allows the proxy to process features such as call forward (*72) or BLock Caller ID (*67).
You can add a parameter to each * code in Features Dial Services Codes to indicate what tone to play after the * code is entered, such as *72‘c‘|*67‘p‘.

Following is a list of allowed dial tone parameters (note the use of back quotes surrounding the parameter without spaces).

•  ‘c‘ = Cfwd dial tone
•  ‘d‘ = Dial tone
•  ‘m‘ = MWI dial tone
•  ‘o‘ = Outside dial tone
•  ‘p‘ = Prompt dial tone
•  ‘s‘ = Second dial tone
•  ‘x‘ = No tones are place, x is any digit not used above

If no tone parameter is specified, the Cisco IP phone plays the prompt tone by default.
If the * code is not to be followed by a phone number, such as *73 to cancel call forwarding, do not include it in this parameter. In that case, add that * code in the dial plan.

Homeland Secure IT is happy to be a Cisco SMB Select Partner! If we can provide your business VoIP support in the Greenville / Upstate, SC area, please call upon us at 864.990.4748 or email info@homelandsecureit.com

If you are using pcAnywhere to remotely access your computer, you probably want to go read the “pcAnywhere Security Recommendations” posted by Symantec.

http://www.symantec.com/connect/sites/default/files/pcAnywhere%20Security%20Recommendations%20WP_01_23_Final.pdf

The danger is that someone so inclined could potentially access your computer through vulnerabilities exposed from old source code, and gain full access to your computer, files and your network.

To sum it up, disabling pcAnywhere is a surefire way to protect yourself and your company.

If you have questions about this or any other security issue in the Greenville or Upstate SC area, please call upon Homeland Secure IT, we can help set your mind at ease.  864.990.4748

So you have been cruising along at your business for years and all has been great, but now, out of the blue, people on your network are having trouble viewing websites.

You found that if you reboot that firewall (pull the plug on the thing since there is no power supply) that YOU get back online right away, but then later that day, someone else on the network is now having trouble accessing websites so you reboot the firewall and all is well, for a while.

What could it be? It MUST be the firewall going bad since that fixes it.

Before jumping to that conclusion and just replacing the device, think back. Has your company grown? Maybe you have added a few new employees, or, maybe you have added tablets or other connected devices.

What could be happening here is that you have added one too many devices to your network and exceeded the number of seats that your firewall appliance supports. When you originally purchased that device, a technician counted the number of computers, servers and connected devices and said “You need a 25 user firewall and it will cost $xxx.xx”, to which you agreed and promptly forgot about.

Now, flash forward to today and your 12 users and a server have grown to 15 users, two servers and many people have iPads or Android tablets or phones, taking you past the 25 user limit.  The last person to connect once you go over the limit will generally be denied access to websites by the firewall, as a warning that you have exceeded the license terms, and it probably won’t “reset” just by turning that computer off, you will have to reboot the firewall to free unused seats up.

So what are you going to do about it? I guess you could tell the employees to stop connecting their personal phones to your network, or you could replace the firewall with a cheap router that has no limitations.

Both will work, but are bad ideas.

The real solution is to correct the licensing issue. Determine how many connected devices you have within your network, and estimate how many you will need for the next year, then talk to a vendor who can provide the proper licenses and apply those for you. Don’t forget to include VoIP and security systems, even copiers and connected printers, as they may require a seat too.

If you are experiencing rapid growth, consider upgrading to an unlimited license.

Just a note – If you have an old device, say 4-5 years old, now may be the time to consider upgrading the entire device to the latest technology at the same time you correct the user limitation!

Should you require help with this, Homeland Secure IT offers sales and support of most major brands of firewalls. We partner with Cisco, WatchGuard, SonicWALL, TrendNet, D-Link, NetGear and more! Call us for more information in the Greenville / Upstate SC area – 864.990.4748 or email info@homelandsecureit.com

Remember the flaw that was announced around the beginning of December 2011, where hackers could possibly cause HP printers to burst into flames?

Well, HP released a fix for that a week or so back… However, they didn’t mention fire issue.

None-the-less, you may wish to consider upgrading.

Should you require assistance applying updates to your devices, servers or computers in the Greenville or Upstate SC area, you can call upon us at 864.990.4748 or email info@homelandsecureit.com

Everyone here at Homeland Secure IT would like to thank you for another year of friendship and support…   2011 was awesome and 2012 is going to be even better!

We’re working on new and exciting things that will help us to provide even better computer service & support to Greenville and Upstate area individuals and businesses, as well as bringing on new products as requested by our clients.

Our office will be closed tomorrow, Friday the 30th, and will not reopen until Monday the 3rd of January, 2012. If you need emergency assistance, please call our office or send an email, we will be monitoring voice mail and email and will get back with you ASAP! Most clients have our cell phone numbers and shouldn’t hesitate to call if a need arises.

We wish you, your family and your business many blessings in the coming year!

Also, if you are looking for a great party, come to The Hide-Out in Easley and catch The Dockside Band on New Year’s Eve! We’ll be playing all your favorite tunes.

http://facebook.com/DocksideBand or http://www.TheDocksideBand.com for more info!

Microsoft Exchange Server 2010 SP2

As promised, Microsoft released SP2 for Exchange Server 2010 on 2011-12-12, and the SP brings with it a number of features and fixes:

• Incorporates all the changes from Update Rollup 1 through 6 for SP1
• Adds Hybrid Configuration Wizard for ease of managing a deployment between your on site Exchange and your Office 365 Exchange
• Introduces Address Book Policies, which determine the GAL, OAB, room list and address lists that are visible to the mailbox user that is assigned that policy
• New Cross-Site Silent Redirection for Outlook Web App can pass off requests to another server in another Active Directory site, and also permit a single sign-on
• Adds Mini Version of Outlook Web App suited for mobile users (tablets, pads, smart phones, basically anything with a browser)
• Mailbox Replication Service changes permit you to move mailboxes from on-premises to another forest or Outlook.com
• Mailbox Auto-Mapping changes allow you to disable Auto-Mapping to save on resources
• Added five Multi-Valued Custom Attributes which allow you to store additional information for your mail recipient objects
• Litigation Hold prohibits you from disabling or deleting a mailbox that has been placed on “litigation hold”

If you are running an Exchange Server 2010 without the current rollups applied to SP1, updating to SP2 today is a great idea as you can kill multiple birds with one stone!

Should you require assistance in the Greenville or Upstate, SC area please call 864.990.4748 or email info@homelandsecureit.com

This came in email from our Charter rep and may be of interest to you if you have not already seen this:

Charter Ups Broadband Speeds Again, Bumps Top Tier to 100 Mbps –

DiGeronimo says DSL is Basically Archaic

Original Publication Date: 12/1/2011

Original News Source: Multichannel News

By Todd Spangler — Multichannel News, 12/1/2011 3:00:00 PM

Looking to kick more sand in the face of DSL, Charter Communications is increasing connection speeds of its three top broadband tiers — Express, Plus and Ultra, which will now provide downloads of up to 100 Megabits per second — at no additional cost for subscribers.

The speed boosts are the MSO’s fourth in the last three years. The faster speeds will take effect in markets with DOCSIS 3.0 technology deployed, which represents approximately 95% of Charter’s service area.

“As customers share multiple devices on a single connection, we want to send a very strong message: DSL is basically archaic,” said Rich DiGeronimo, Charter’s senior vice president of product and strategy.

Charter is increasing Internet Express downstream speeds from 12 Mbps to up to 15 Mbps, and increasing upstream speeds from 1 Mbps to up to 3 Mbps. Internet Plus downstream speeds are being increased from 18 Mbps to up to 30 Mbps, and upstream speeds are being increased from 2 Mbps to up to 4 Mbps.

In addition, Charter’s fastest residential offering is increasing from 60 Mbps to 100 Mbps — with Ultra100 providing 100 Mbps downstream and 5 Mbps upstream. Charter’s Internet Lite tier will remain 3 Mbps down.

The midlevel Plus tier, at 30/4, is now faster than the fastest AT&T U-verse Internet service available. Charter’s footprint overlap with AT&T is 60%, although U-verse is not available in all of those areas.

“We believe we have an advantage in this space,” DiGeronimo said. “The thirst for speed is only growing.”

Charter is offering Express for $19.99 per month for 12 months to new customers, Plus for $29.99 per month. Ultra100 is $40 more per month than the Express tier.

“We’re not asking for more money. It’s really about differentiation,” DiGeronimo said. About 90% of Charter’s broadband customers take either Express and Plus service.

Charter’s broadband services are subject to different usage thresholds. Customers with Lite and Express tiers are allotted at 100 Gigabytes of bandwidth usage per month, while those on the Plus and Max services have a threshold of 250 GB per month. The Ultra100 tier will be capped at 500 GB per month; previously, the Ultra60 tier did not have a maximum usage limit. Charter currently does not charge overage fees for those who exceed the thresholds; however, users’ accounts may be suspended for repeated violations.

Charter also is increasing speeds for business customers, bumping up commercial Internet speeds at no cost for two of its most popular services, Charter Business Internet Essentials16 and 25. The speed increase will take place in approximately 95% of Charter’s service areas nationwide.

Specifically, the speed increases are: Internet Essetials16, with download speeds of 16 megabits per second (Mbps) and upload speeds of 2 Mbps, will increase to up to 20 Mbps download and up to 3 Mbps upload; and Internet Essentials25, with download speeds of 25 Mbps and upload speeds of 3 Mbps, will increase to up to 30 Mbps download and up to 4 Mbps upload — which the MSO notes is at least 6 times faster than 5 Mbps DSL service and 20 times faster than T1 lines. Charter’s fastest commercial offerings, Pro50 and Pro100, remain the same, providing up to 50 Mbps download/5 Mbps upload and up to 100 Mbps download/5 Mbps upload, respectively.

—

Homeland Secure IT loves Charter! We help Greenville & Upstate South Carolina individuals & businesses get connected with high speed internet all the time and Charter, especially Charter Business, has the highest customer satisfaction of any of the ISPs we work with. If you are feeling the need for speed, email us at info@homelandsecureit.com or call 864.990.4748 and we can assist you in the search for the best service and the best price!

An Early Christmas for Ryan

We love to give things away! From Cisco Flip cameras to X-Box 360 game consoles and everything in between…

Our November giveaway was a copy of Trend Micro Titanium Internet Security 2012 and the randomizer picked Ryan Montgomery…

You may know Ryan from Twitter as @MontyPhotoArt, but if you don’t know him at all, you should take  moment to look at his work, he’s one heck of a photographer!  Here’s his facebook page: https://www.facebook.com/RyanMontgomeryPhotos

If you didn’t win this time, there will be plenty of other free stuff! The more you connect with us, the more “entries” you get to our little games.

Actually, everyone is a winner.  We’re discounting Trend Micro Internet Security 2012 from the normal retail of 49.99 to only 30.00 because we want everyone to be protected!!!!  If you want this awesome anti-virus for your computers because you will only settle for the best, then come on down and pick up your copy. I doubt we will be able to offer this rate much longer though, so hurry! When our vendor realizes they have been charging too little and raise their rates back up, we will have to follow suit. We have about 50 copies in stock currently.

This deal is only good at our 104 Mauldin Rd, STE E, Greenville, SC office. At this price we can’t ship it to you…

Need anti-virus for your business? Trend Micro and Homeland can help you out as we offer protection for one computer or a thousand, including servers, Microsoft Exchange mail servers and more!  864.990.4748 or info@homelandsecureit.com for more information.