3

Begin using IPv6 whether your ISP is ready for it or not by using a “Tunnel Broker”

So now that we are reaching the end of the IPv4 addresses, what’s next?

You don’t have to sit back and wait for your ISP to provide you with IPv6, you can play with IPv6 today using a “Tunnel Broker”.

How does that work? Hurricane Electric is one example of a tunnel broker who allows you to use IPv6 via tunneling through the traditional IPv4 network from an IPv6 configured host or router to one of the Hurricane Electric IPv6 tunnel routers.

What do you need? A IPv6 capable router/firewall or IPv6 capable host. That’s it.

What if your router doesn’t support IPv6? It may be flashable to run one of the Open Source offerings such as OpenWRT or DD-WRT , or you could invest less than 100 dollars and purchase a compatible device.

You’ve got the hardware, now what? Go to the Hurricane Electric site or another Tunnel Broker, create your tunnel and you should be able to get it going in a short period of time.

Next point some hosts from your domain to your new IPv6 IPs and give it a try!  Now you’re ready for World IPv6 day!

While this is fun and gives you an opportunity to work with the “new” technology, I would not recommend this as your long term solution, nor would I recommend it for a corporate or even business network solution.

If you have a Greenville / Upstate business that you need to prepare for an IPv6 deployment, please contact us at 864.990.4748 or email info@homelandsecureit.com – We can help pave the way to a smooth transition.

Secure IT Alert: Potential Microsoft Windows SMB vulnerability discovered

Secure IT Alert Header

Homeland Secure IT Alert

Homeland Secure IT Alert for Thursday, February 17, 2011

I’m posting this verbatim from the WatchGuard security blog…

Yesterday, a gray hat going by the alias Cupidon-3005 posted details about a zero day Windows SMB vulnerability that could potentially allow attackers to gain control of fully patched Windows Server 2003 and XP computers. Microsoft is currently investigating this surprise release, but hasn’t had time to post an early Security Advisory about the issue yet, let alone deliver a patch.

Specifically, the vulnerability involves a buffer overflow flaw within the SMB component’s mrxsmb.sys file. By sending a specially crafted browser election request packet containing an overly long server name, an attacker could exploit this flaw to either crash your computer, or execute code on it, potentially gaining complete control of your PC.

Since Microsoft just learned of this flaw on the 15th, they haven’t had time to release a patch yet. However, your WatchGuard firewall can help. By default, our appliances block SMB and broadcast traffic (the exploit leverages broadcast requests), which prevents Internet-based attackers from leveraging this flaw against you (assuming you haven’t opened SMB ports, which you should never do). That said, worms quite regularly rely on SMB vulnerabilities to help them automatically spread within networks, once they infect the first victim. So in general, I consider SMB vulnerabilities high risk. I’ll continue to monitor Microsoft’s investigation into this flaw, and will post updates when they release any workaround or patch. Corey Nachreiner, CISSP

Homeland Secure IT is a Greenville / Upstate SC reseller and partner with WatchGuard – If you would like more information about their security appliances, please call us at 864.990.4748 or email info@homelandsecureit.com

Homeland Secure IT Alert Footer

Homeland Secure IT Alert

2

Microsoft Office alternatives OpenOffice.org & LibreOffice battle it out in a steel cage

Posted today on InfoWorld is an interesting article about two competitors to Microsoft Office. (See “Open office dilemma: OpenOffice.org vs. LibreOffice“)

While you have probably heard of OpenOffice.org, or the previous incarnation of it (StarOffice), a new alternative open source office suite is called LibraOffice, and it is being brought to you by the developers OpenOffice.org. Confused? Well, it’s that same old story… People work for a big company (Oracle) and this big company starts doing something they don’t dig, so they jump ship and start their own project. Tah-Dah! LibreOffice is born.

Are either OpenOffice or LibreOffice good candidates to eliminate your dependency on Microsoft Office?

In a nutshell, if your company requires absolute compatibility with all Microsoft Office documents, and you require a standardized interface that new people can come to your business use without any type of learning curve, then you already know what I am going to say. Stick with Microsoft Office!

If you run a small operation, or even a home office, then maybe one of these two offerings can work for you. They do offer the important features of Microsoft Office, such as word processing and spreadsheets, there are versions available for your Microsoft Windows systems, Apple Mac OSX, Linux, etc. And the price is outstanding…  Maybe if they don’t offer EVERY feature you need, then you could make the sacrifice.

InfoWorld’s article compares the two offerings and may give you some insight to help you determine if either of them are right for you. Of course, you can always download them both and try them for yourself if you have time to do that.

Should your Greenville / Upstate, SC business require Microsoft Office, we can help you with that! We can sell a single license or hundreds! Call us at 864.990.4748 or email info@homelandsecureit.com

Oh my… No post today on my blog? What is the world coming to????

For all 3 of you reading this blog… I apologize from the bottom of my heart for not posting something entertaining, witty or even boring today.

Wait a tick…  I just posted this, so that means I DID post something. Bah! I can’t even procrastinate correctly, as I was going to do this tomorrow.

Off to the George Clinton performance in a few… He should rock out The Handlebar!  Haven’t seen him in about 20 years. He was kinda old then, so he’s really old now, still I just bet he’s so high you can’t get over it… So low you can’t get under it.

See you tomorrow for something computer or tech related, I promise. In fact, no, it’s not a promise, it’s a threat.

1

How long will your computer last? It’s all about the MTBF! Or is it?

Kablooieeee

A common question that computer sales, repair, service and support people hear is, “How long will this computer last me?”

The most common answer is, “It depends…”

Just what does it depend on? The quality of the product is of the highest importance, but even a very reliable device can have a shortened life if not maintained properly and it is very dependent upon the environment it is subjected to.

For instance, a typical business desktop workstation could have a lifespan of 3-5 years in a “typical” office environment. But take the temperature of the room it is in up a few degrees, or expose that same computer to dirt in the air, which coats internal parts and affects how well heat is dispersed and you could have a machine that lives half as long. Power issues are another killer of desktop computers. Failure to use a surge suppressor or UPS could allow harmful voltage spikes and sags to damage components.

This is exactly why you hear “It depends” so frequently. No two locations are the same, and even offices in the same building are different.

Let’s look at what MTBF means exactly.  MTBF is the common abbreviation for “Mean Time Between Failures” and is indicative of how reliable a product is. The higher the MTBF, the more reliable the device is.

MTBF is measured in hours, such as the hard drive from a two year old Apple Mac Book that is on my desk… Its MTBF is rated at 300,000 hours, which should be, what? 34 years? WOW! That’s amazing! In reality that MTBF is a theoretical number, meaning that if all goes well, the drive should live a long happy life. Well all did not go well, the drive is dead in a tiny fraction of the MTBF.

One thing to keep in mind is that business class computers almost always contain components which have a higher MTBF than their consumer counterparts. Business class computers also have 3 year warranties available, and sometimes longer, because the manufacturer understands that they used the best parts that were available for the money. Give a business class computer consideration if you are looking to replace an important workstation or notebook in the future.

One thing I can say is, regardless, be sure to backup your systems! Use either a physical backup like a USB drive, flash drive, or even better, something like our Servosity Online Backup Solution (free trial!) to protect your data. Going by MTBF is like saying that you will live 78 years because everyone in your family did. Don’t count on it.

So how long will that computer last you? It depends….

If you need assistance in selecting a new computer or repair of an existing one for your Greenville or Upstate business, please call upon us as we offer a wide selection of Seneca Data / Nexlink, HP, Dell, Toshiba, Samsung, Acer, Lenova and more! 864.990.4748 or email info@homelandsecureit.com

Secure IT Alert: Adobe releases Acrobat, Coldfusion, Reader, Shockwave and Flash updates #security #adobe

Secure IT Alert Header

Homeland Secure IT Alert

Secure IT Alert for Friday, February 11th, 2011

Adobe has beat out Microsoft for the number of vulnerabilities addressed on Patch Tuesday with the unleashing of a plethora of patches for their Acrobat, Reader, Coldfusion, Shockwave Player and Flash Player.

Reader’s updates are considered CRITICAL and there 29 holes that are plugged… Shockwave comes in second with 21 CRITICAL vulnerabilities fixed, followed by Flash with 13 CRITICAL. These are for Windows, Mac OSX, Linux and Solaris.

The 5 Coldfusion vulnerabilities affect the security of Microsoft Windows, Mac OSX and Unix. Though this update is labeled as only “IMPORTANT”, I wouldn’t skip it!

The long and short of this is – Update! Also be sure to keep your anti-virus / anti-malware current.

If you are in the Greenville / Upstate, SC area and need assistance, please email info@homelandsecureit.com or call 864.990.4748

Homeland Secure IT Alert Footer

Homeland Secure IT Alert

Don’t Forget A Screen Privacy Filter for Your Electronic Medical Record Computers EMR / EHR

Up until May of 2010, I rarely visited a doctor, but all that changed when a little old lady passed out or fell asleep and slammed into my car one morning. As a result, I saw way too many doctors.

PrivacyFilter

Example of a Privacy Filter in Place

During these visits, I was asked about the security of Electronic Medical Records and discussed that at length with doctors, clients, friends and my family. Fast forward to today and I am seeing more and more smaller clinics switching to EMR / EHR and some are doing a fantastic job of protecting themselves and their clients from the threats that exist.

What surprised me is that for all the anti-virus, anti-malware, firewalls and security devices, setting screens to time-out and lock, implementing strict password policies and the like, one simple thing is missing from many of these computers and servers.

A privacy filter for the screen… These fairly inexpensive will keep someone who is not directly in line with the monitor from viewing the display.

3M makes a fantastic assortment of these filters to fit your notebook, tablet, desktop LCD, even your smart phone!  I would recommend one be placed on every computer used for patient information.

For more information about these privacy filters, please call us at 864.990.4748 or email info@homelandsecureit.com

Secure IT Alert: Microsoft Unleashes a Slew of Updates for Windows & Windows Server & IIS FTP

Secure IT Alert Header

Homeland Secure IT Alert

Secure IT Alert for Wednesday, February 9th, 2011


The February 2011 Patch Tuesday was not boring…   Updates include something for everyone.  Basically every current Microsoft Windows OS version was addressed.

The big one was the IE Update that fixed four code execution holes in the popular web browser.

In addition to fixing thumbnail and font vulnerabilities which mainly affect desktop users, several updates are very important for your servers.

Windows Server has an Active Directory DoS potential, elevation of privileges vulnerabilities from Client/Server Run-time SubSystem (CSRSS), LSASS, Kerberos  & multiple kernel related issues and an Information Disclosure Vulnerability from scripting engines… Most of these are for XP & Windows Server 2003 but the scripting issue affects Windows 7 & Server 2008 R2 only.

As with most of these, Server Core is not affected.

Please apply the appropriate patches ASAP.  Windows Update should be run, or if you are using WSUS, it should handle this for you.

But wait, there’s more!

Microsoft Visio 2002, 2003 and 2007 are vulnerable to code execution… More information is available in the MS11-008 Security Bulletin. This does not affect Visio 2010 or Visio 2007/2010 Viewer.

The Windows IIS FTP service running on Windows Vista, Windows 7, Server 2008 and Server 2008 R2 suffers from a buffer overflow vulnerability which if exploited could cause a DoS (Denial of Service) or worse, allow an attacker to obtain full control of the server. This one is likely the most severe of the updates and should be addressed immediately!

Should you require assistance, or have questions, please call us at 864.990.4748 or email info@homelandsecureit.com. We offer Microsoft Support in Greenville and Upstate, SC.

Homeland Secure IT Alert Footer

Homeland Secure IT Alert

2

Safe Browsing from Public Wi-Fi Hotspots is possible with a VPN

Security Padlock

Secure your Wi-Fi Connection with a VPN

WSPA’s Amy Wood (@TVAmy) had a great segment on last night (2011-02-07) in which she had Doug Cone (@nullvariable) a local web/graphics “devsigner” discussing the dangers of using public Wi-Fi. You can find that story here.

He demonstrated a tool which allows even the most novice of “hackers” to see a list of others who are using any given open wireless access point. He did this at a coffee shop and then went around and scared the bejeebus out of people by showing them how much information was at his fingertips.

In a discussion on Facebook the other day with Doug and Russell Tripp (@RussellTripp), I suggested that those two get together and product a video showing the same information in depth and then explaining how to protect yourself from this all-too-real security threat. I believe they may be doing that as a follow-up to the WSPA story and will post that information here as a reply when that becomes a reality.

In the mean time, I thought I give some info about one tool that is both readily available and super-affordable that you can use to secure your connection when using a public Wi-Fi hotspot. That tool is a VPN, or Virtual Private Network. Yes, the same VPN technology that has been around for a very long time and used in businesses and larger corporations, and it is so easy, a caveman could do it. (I’m sure a lawsuit is forthcoming for my use of that slogan)

A VPN connection established to your home will allow you to connect to the open wireless network of your choice, build a “tunnel” to your home connection, and then send all traffic through the wireless network through the encrypted tunnel, providing a very secure transport.

All that is needed is a VPN capable router or firewall at your home. But wait, you say you can’t afford a Cisco ASA 5505 (or WatchGuard or SonicWALL security appliance). That’s okay, you don’t need one.

You may already have a compatible home router that can be setup with the free DD-WRT (the website http://www.dd-wrt.com has a list of compatible routers) which provides VPN capability to your 40 dollar Linksys or similar device!

The setup is pretty straight-forward once the device end is ready. Connecting takes only seconds.

The VPN is not just for Microsoft Windows, but also Apple Mac OSX, iPad, linux, freebsd, solaris, etc. Most smartphones including Android, iPhone, Windows Mobile and Blackberry should have the ability to utilize your VPN too.

If you don’t have a compatible router, you could optionally use OpenVPN on your PC, and last but not least, you could use the OpenVPN HOSTED service. The hosted solution comes with a price tag, but for many it may be worth it to protect their privacy.

If you are fortunate enough to work for a company with a VPN already in place, you could probably use that as an option, assuming the IT policy permits you to do so.

Should you require assistance in Greenville or the Upstate for your personal or business VPN needs, we are partners with Cisco, WatchGuard, SonicWALL, ZyXEL and have a solution that is right for you. Call 864.990.4748 or email info@homelandsecureit.com.

Business Printer Repair vs. Printer Replacement

HP 4000 Printer Parts Diagram

Printer Part Diagram

It is Monday morning and you went to print your first batch of papers for the week but that didn’t go so well. Paper has been jammed in the printer, or maybe not even picked up out of the paper tray.

What to do? Should you either replace that beast or call a printer repair technician?

Replacing the printer is going to cost a good bit of money, but will generally result in a quicker solution since your favorite office supply store may have a suitable printer in stock. Of course if you need special trays, like an envelope feeder for instance, you may be in for a wait while that is ordered in.

Many times a service provider can repair a printer by fixing a jam or clearing an error and you could be back to printing as quickly as they come and work their magic. Others, you may find yourself waiting as the printer is taken to the shop, diagnosed, parts ordered if not in stock and subsequently replaced and the printer returned to your business.

On the positive side for replacing a printer:

  • New device, may operate years without further issue
  • Possible better toner usage, saving you money over the life of the printer
  • Could use less energy
  • Possible faster printing
  • Additional features, such as networking, duplex, color
  • May be in stock / instant gratification
  • Can depreciate it

On the negative side of replacement

  • Old printer ends up in landfill if not recycled (not a green thing to do)
  • May require changes to your document configurations / printer driver setups
  • May not work properly with older Windows XP OS  due to lack of drivers (rare)
  • May not interface the same way (Parallel / USB / LAN)
  • Some custom software requires a specific printer be used
  • Repair may have been cheaper

Whether you repair or replace is likely going to be based on the bottom line, just how much it will cost you, or optionally, how long it will take to complete the repair (downtime).

If you can afford the downtime, I would suggest calling a service technician to at least evaluate the potential for fixing the issue with your current printer. Some repairs are as simple as pulling a misfed/torn paper out of the machine, or unblocking a sensor. It would be a shame to chunk an otherwise functional printer in the garbage.

When should you replace? If you are working with a 150 dollar printer that you picked up from an office supply house and you don’t have a closet full of ink for that model, replace it.

If you have a 4 year old HP office laser printer with two input trays that has served you well. This is a great candidate for repair. So are any printers with multiple input trays, high capacity trays, high speed throughput, duplexing, collating or other special features.

Should you have questions, we repair / service and sell HP, Dell, Ricoh, Brother, Lexmark, Samsung and Oki Business printers in the Greenville & Upstate SC area. Please call 864.990.4748 or email info@homelandsecureit.com