Homeland Secure IT Alert for Wednesday, January 11, 2012
Yesterday was Adobe’s first patch day of the new year and the security bulletin describes a total of six vulnerabilities in Adobe Reader and Acrobat X 10.1.1 and older, on both Microsoft Windows and Apple Mac.
The issues that are addressed are considered “critical” in nature and the solution is to download and deploy updates or to allow the Adobe Software Updater to perform the updates for you.
Adobe Reader X 10.1.2
Adobe Acrobat X 10.1.2
I’ve written a number of blog posts about the RIAA, and how people have been wrongfully accused of stealing (pirating) by the RIAA, and lawsuits threatened.
Well, it appears that someone at the RIAA has been doing a little illegal downloading of their own, though the RIAA claims it was not them.
Here’s more information:
http://torrentfreak.com/riaa-someone-else-is-pirating-through-out-ip-addresses-111221/
So secure those access points, and disable unused network jacks in public locations to keep from receiving a nasty-gram because someone else is using your internet connection to download.
If you need help securing your business or home, we can help in the Greenville / Upstate, SC area. We can even help the RIAA. Call us at 864.990.4748 or email info@homelandsecureit.com
One of the newsletters I read regularly had a link to this video… So I figured it would be a great password to use…
Data from Star Trek TNG emulates Picard’s voice with a very long password.
I just read an interesting blog post over on http://www.baekdal.com/tips/password-security-usability which gives a good case for not using random letters, numbers, case and special characters… The writer claims the password of “this is fun” would take about 2500 years to hack.
Most business security policies require passwords that are a minimum of 8 characters, with upper and lower case, numbers and special characters, and on top of that, they require you to change your password every so many days. Yes, very annoying, and people find not-so-creative ways to circumvent the password changes. For instance, if your password is “Fubar#70”, when prompted to do so, you may enter “Fubar#71” the next time, and just keep incrementing it.
But, if this person is right, and an 11 character, all lower case password would take hundreds of years to hack, then maybe businesses should rethink their security policies regarding passwords?
Three simple words like “pass the gravy” would be far more secure than your “Fubar#70”, in fact go to this URL and give it a try… http://howsecureismypassword.net/
For the record, all my passwords are “p455w0rd” because I know nobody will ever guess that.
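The comparison in this post can be worked through under two attacker models: guessing character by character, and combining dictionary words. This is an added example, not code from the post or the article it cites; the guess rates, the 10,000-word dictionary size and the function names are assumptions chosen for illustration.

```python
import string

# Assumed attacker speeds in guesses per second (illustrative, not measured).
ONLINE_RATE = 100                # throttled web login
OFFLINE_RATE = 10_000_000_000    # stolen fast hash cracked on GPU hardware
WORDLIST_SIZE = 10_000           # assumed size of a common-word dictionary
SECONDS_PER_YEAR = 365.25 * 24 * 3600

POOLS = [string.ascii_lowercase, string.ascii_uppercase,
         string.digits, string.punctuation, " "]

def charset_size(password):
    """Total size of the character pools the password draws from."""
    return sum(len(pool) for pool in POOLS
               if any(ch in pool for ch in password))

def char_keyspace(password):
    """Candidates a character-by-character brute force must cover."""
    return charset_size(password) ** len(password)

def word_keyspace(phrase, wordlist_size=WORDLIST_SIZE):
    """Candidates if the attacker combines dictionary words instead.
    Assumes every word of the phrase is in the attacker's list."""
    return wordlist_size ** len(phrase.split())

def years_to_exhaust(keyspace, rate):
    """Worst-case time to try every candidate at the given rate."""
    return keyspace / rate / SECONDS_PER_YEAR

def report(password, is_phrase):
    """Use the smaller keyspace when a word-list attack applies."""
    space = char_keyspace(password)
    if is_phrase:
        space = min(space, word_keyspace(password))
    return {"password": password, "keyspace": space,
            "online_years": years_to_exhaust(space, ONLINE_RATE),
            "offline_years": years_to_exhaust(space, OFFLINE_RATE)}

if __name__ == "__main__":
    for pw, phrase in [("Fubar#70", False), ("this is fun", True),
                       ("pass the gravy", True)]:
        r = report(pw, phrase)
        print(f"{r['password']!r}: {r['keyspace']:.2e} candidates, "
              f"{r['online_years']:.2e} years online, "
              f"{r['offline_years']:.2e} years offline")
```

Under these assumptions a three-word phrase holds for roughly 317 years against a throttled login but only about 100 seconds against offline cracking, so the benefit of the phrase depends on the words not being guessable from a list and on how the password is stored.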
WSPA’s Amy Wood (@TVAmy) had a great segment on last night (2011-02-07) in which she had Doug Cone (@nullvariable) a local web/graphics “devsigner” discussing the dangers of using public Wi-Fi. You can find that story here.
He demonstrated a tool which allows even the most novice of “hackers” to see a list of others who are using any given open wireless access point. He did this at a coffee shop and then went around and scared the bejeebus out of people by showing them how much information was at his fingertips.
In a discussion on Facebook the other day with Doug and Russell Tripp (@RussellTripp), I suggested that those two get together and produce a video showing the same information in depth and then explaining how to protect yourself from this all-too-real security threat. I believe they may be doing that as a follow-up to the WSPA story and will post that information here as a reply when that becomes a reality.
In the meantime, I thought I’d give some info about one tool that is both readily available and super-affordable that you can use to secure your connection when using a public Wi-Fi hotspot. That tool is a VPN, or Virtual Private Network. Yes, the same VPN technology that has been around for a very long time and used in businesses and larger corporations, and it is so easy, a caveman could do it. (I’m sure a lawsuit is forthcoming for my use of that slogan.)
A VPN connection established to your home will allow you to connect to the open wireless network of your choice, build a “tunnel” to your home connection, and then send all of your traffic across the wireless network inside that encrypted tunnel, providing a very secure transport.
All that is needed is a VPN capable router or firewall at your home. But wait, you say you can’t afford a Cisco ASA 5505 (or WatchGuard or SonicWALL security appliance). That’s okay, you don’t need one.
You may already have a compatible home router that can be set up with the free DD-WRT (the website http://www.dd-wrt.com has a list of compatible routers), which provides VPN capability to your 40 dollar Linksys or similar device!
The setup is pretty straight-forward once the device end is ready. Connecting takes only seconds.
The VPN is not just for Microsoft Windows, but also Apple Mac OS X, iPad, Linux, FreeBSD, Solaris, etc. Most smartphones including Android, iPhone, Windows Mobile and Blackberry should have the ability to utilize your VPN too.
If you don’t have a compatible router, you could optionally use OpenVPN on your PC, and last but not least, you could use the OpenVPN HOSTED service. The hosted solution comes with a price tag, but for many it may be worth it to protect their privacy.
If you are fortunate enough to work for a company with a VPN already in place, you could probably use that as an option, assuming the IT policy permits you to do so.
Should you require assistance in Greenville or the Upstate for your personal or business VPN needs, we are partners with Cisco, WatchGuard, SonicWALL, ZyXEL and have a solution that is right for you. Call 864.990.4748 or email info@homelandsecureit.com.
Do you have a SIP Voice over IP system in use at your business? Then you may want to take a couple minutes to read this…
It seems that many of these systems are being set up without any consideration for security at all, leaving the potential for a malicious person to do things such as attack your system by sending a DoS flood to it, or even to make phone calls from your VoIP system! (This is referred to as “Toll Fraud”.)
So how do you protect yourself? The best thing to do is to cut off access to your VoIP server via a firewall. If you don’t need access to something, disable it.
Try not to put your VoIP system in the DMZ (De-Militarized Zone) that offers no protection.
The most obvious way into your system is via the web configuration, usually on port 80. If that is wide open and default passwords are in use, a person could log into your box, add extensions, voice mail, etc. So be sure to change your default passwords and disable access to the machine from outside, unless you NEED access from outside, and then if that is the case, set up your firewall to allow connections ONLY from specific IP addresses you use.
The standard SIP port of 5060 is another gaping hole. If you must have SIP open to the outside world, consider changing the port from the default to something else so it doesn’t easily show up on the radar of people who might be doing port scans. You could also set your firewall to only allow connections from known outside IP addresses.
Either of those options can help prevent a SIP flood which could make your VoIP system unusable.
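A check for the two exposures described above, as an added example that is not from the original post: it flags inbound allow rules for port 80 or 5060 whose source is not inside one of your known sites. The rule list, the addresses (documentation ranges) and the `audit` helper are constructed for illustration.

```python
import ipaddress

# Ports the post singles out: web configuration (80) and standard SIP (5060).
SENSITIVE_PORTS = {80: "web configuration", 5060: "SIP"}

# Constructed sample of inbound allow rules on the edge firewall,
# written as (source CIDR, destination port).
SAMPLE_RULES = [
    ("0.0.0.0/0", 5060),         # SIP open to the whole internet
    ("203.0.113.10/32", 5060),   # SIP from a known branch office
    ("198.51.100.0/24", 80),     # web config from a range nobody listed
    ("203.0.113.10/32", 80),     # web config from the branch office
    ("0.0.0.0/0", 443),          # not one of the ports audited here
]

# Assumed list of outside addresses you actually connect from.
KNOWN_SITES = ["203.0.113.10/32", "192.0.2.25/32"]

def audit(rules, known_sites):
    """Return rules that expose a sensitive port to an unlisted source."""
    known = [ipaddress.ip_network(site) for site in known_sites]
    findings = []
    for source, port in rules:
        if port not in SENSITIVE_PORTS:
            continue
        net = ipaddress.ip_network(source)
        # A rule is acceptable only if its whole source range sits
        # inside one of the known sites; anything wider is flagged.
        if not any(net.subnet_of(site) for site in known):
            findings.append((source, port, SENSITIVE_PORTS[port]))
    return findings

if __name__ == "__main__":
    for source, port, service in audit(SAMPLE_RULES, KNOWN_SITES):
        print(f"exposed: {service} on port {port} reachable from {source}")
```

Moving SIP to a non-default port would hide it from this port-based check as well, so the source allowlist is the control worth verifying.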
The SIP extensions probably have default passwords when you create those, depending upon which VoIP system you are using. Do not be tempted to use easy passwords…
One of the best ways to protect your SIP VoIP system is to use a VPN connection from any location that will be connecting to your main site. Cisco SPA 525g phones have the capability built-in to connect via VPN, making them a great phone to deploy to those who work out of their home.
If you would like further information, please call 864.990.4748 or email info@homelandsecureit.com. We sell Cisco, Polycom, Digium and other VoIP systems, phones and components, and offer consultation, installation and service in the Greenville / Upstate SC area.
Just saw where another computer user in Greenville could have avoided a nightmare. They posted their computer was toast. Bad hard drive according to some geeky type people that looked at it. The computer is back to running, but their data is GONE.
Homeland Secure IT offers many backup solutions that can protect you from this scenario, but our favorite is Servosity Online Backup, which runs on your computer, regardless of the operating system of that computer (Server, Workstation, Notebook, etc) and quietly backs up your data to a secure server located “in the cloud”.
It is affordable, it is reliable, and the president of Servosity is an Upstate SC native. What more could you ask for?
If you would like to try this awesome online backup service, we offer a FREE trial, just call 864.990.4748 or email info@homelandsecureit.com for additional details or to get set up for a trial.
Please do it before it is too late. Losing your pictures, music, documents, etc is a painful experience, and potentially devastating. The cost of recovering hard drives can be in the thousands!




