Monthly Archives : February 2011

Malware Terminology

The Information Technology world has a definite jargon of its own, which can be confusing to both the end users and (sometimes) to the IT people themselves. One of our biggest problems these days is Malware (mal meaning “bad”) infections on our users’ computers. In the interests of making the problem a little clearer, here is a basic (if not necessarily complete) dictionary of terms, in plain English.

Adware: Advertising-supported software. This is software that automatically plays, downloads or displays advertisements to a computer. A classic example would be a “helper toolbar” that causes advertising pop-ups on your screen.

Backdoor: Some spyware can install a credential and password that make unauthorized and unexpected entry into a computer possible by an outside user, who can then plant more malware and/or harvest available data.

Bot: A piece of software designed to grant an outside user complete control of your computer at will. A computer affected by bots is called a zombie, and “armies” of like-infected machines can be used to launch simultaneous attacks on other systems, or send out spam email messages.

Browser Hijacker: Code that replaces search pages, home pages or error pages with its own, allowing further browsing to be redirected to wherever it wants you to go (as opposed to where you wanted to go).

Rootkit: Code designed to gain root-access to your computer and manipulate it into allowing viruses or spyware to install and operate, while hiding from anti-virus scanners by appearing to be a part of the operating system.

Spyware: Differing from viruses in that they are not out to wreck your system, but to gain from it – controlling functions or accessing data for financial gain. Spyware might include keystroke loggers, backdoors, or browser hijackers, among other things.

Trojan: A disguise for malicious software, which may be brought into your computer as something apparently safe, but which can drop one or more harmful programs once inside. For example, an image file might contain code that operates only when the image is viewed, which installs backdoors, bots or viruses at that time, but which is otherwise inert.

Virus: A self-replicating program, intended to cause damage in computers. Pretty much pure vandalism, there is generally no gain for the perpetrators…

Worm: A program that looks for holes in your computer’s security, to get itself inside your computer where it can drop its payload (viruses or spyware). It is not, itself, either a virus or spyware, but may be thought of as something like a trojan. It scans IP addresses, opportunistically looking for entry points to exploit.

Setting up VPN On Your iPad/iPhone

If you are interested in setting up a Cisco IPSec VPN connection on your iPad, I have detailed some instructions on doing so.

  1. On the iPad itself, go to Settings > General > Network >VPN > Add VPN Configuration.
  2. On the tabs listed, select the IPSec tab from the connection types. Note that  you see a Cisco logo present here.
  3. Now you can enter you information as provided by your network admin:
    • Description: “Work VPN” (this can be whatever you would like)
    • Server: vpn.mydomain.com (ask your IT administrator if you are not sure)
    • Account: Your network login account
    • Password: Your network login password
    • Group Name: myvpn (ask network admin
    • Secret: ******* (once again ask your network admin)

4. Now you should be able to click save up in the corner and we are almost there.

5. You should now be able to go into Settings > General > Network > VPN  and slide the VPN switch to on. Once connected, you can use your favorite RDP client and remote your network PCs.

 

Adding Exchange Account to iPhone, iPad, or iPod Touch

  1. To add an Exchange account to your Mobile device, go to Settings > Mail, Contacts, Calendars > Add Account > Microsoft Exchange.
  2. Then, enter your email address, domain, username, password, and a description. The description just describes the account, for example “Brett’s Account.” If you do not know your domain, ask your network administrator.
  3. Your mobile device will now try and retrieve the connection settings by itself using Autodiscovery. Most of the time this will fail and you will be prompted with the following screen. When you are, you need to enter the mail servers address (e.g. mail.mydomain.com). Again if you do not know this, contact your network administrator.
  4. The next screen allows you to choose which items you would like to synchronize. Most of the time you want to leave the default which is Mail, Contacts, and Calendars. To adjust additional settings, you need to go back into Settings > Mail, Contacts, Calendars.

Google Cloud Connect

Do you use Microsoft Office and want to try Google Docs? Do you use both Google Docs and Microsoft Office? Would you like to backup and access your Office files from anywhere? Well now you can with a new service that Google has launched called Google Cloud Connect.

What this program does is it allows users to backup and share their documents that have been created with the Microsoft Office Products and use them on Google Docs. Google Cloud Connect supports Word, Excel, and PowerPoint documents in the 2003-2010 versions of Microsoft Office.

It is fairly simple to setup. All you need to do is download a little plug-in for Microsoft Office and have a Google Docs account. A little toolbar is installed and it is as simple as selecting the sync button and it will sync it up to the cloud.

Check out the video below!

[youtube]http://www.youtube.com/watch?v=H12teRzulW0[/youtube]

Adding Public Folder Calendars to Your Outlook Profile

Here is a simple walk through on how to add public calendars to your outlook profile.

Within your outlook, go to the bottom left corner and click on the Folder List button (figure A). This will bring up additional folders that you do not normally see (Figure B).

If you expand public folders, you will see all of the public folders for your organization. These are all hosted on the Exchange server. If you would like to add a calendar to your profile you would browse down to the calendar and add it to your favorites.

In this case, you would expand Public Folders > All Public Folders > Calendars. Inside the calendars folder is the list of available calendars. Right click the calendar you want and select add to favorites. You will see the ‘add to favorites’ dialogue, and you just click add.

Once you have added the calendar to your favorites, you should be able to go to your calendars and the calendar you just added to your favorites should be listed under “other calendars.”

You should be able to repeat this process for any other public folder calendars that you want to add to your outlook profile.

Google Apps not Quite Comparable to Exchange

Recently I was asked to perform a migration of a few users from their current Exchange Server 2003/2007 environment over to Google Apps.  Although the migration process was fairly simple to execute, users quickly found that there were a few things lacking in the Google Apps offering.

I had users that were accustomed to the collaboration features that were very easy in Exchange, like contact and calendar sharing, which are not so easily done in Google Apps.  Google Apps now provides an API to help accomplish contact sharing, however, I’m not a developer and neither are any of my users.  That being said, I don’t think this is a viable option for us.  The good news is that this API is relatively new, and maybe someone will develop something that is useful for sharing contacts – something that is easy for me and my users to implement.

The calendar sharing was much better, but also lacks an important function.  When using the Outlook plugin (which allows you to use Outlook as your Google Apps client), the only way for a user to see another user’s calendar would be to grant full access to the calendar being shared.  If the user does not have full access, they can only see free/busy information and not the appointments on the calendar.

As I said earlier, the migration process went really well, and there are several very good options for executing the migration.  However, my users leveraged the power of Outlook and Exchange were left a little disappointed with Google Apps.  If you have very simple email and calendaring needs, and are a smaller business operation, Google Apps may be just fine.  If you are looking for an alternative for your in-house Exchange server, you might be happier looking into Microsoft’s Hosted Exchange solution.

Mac Users Beware Of Malware

Do you think your Mac is immune to malware infections? If you said Yes, you would be wrong. Although there may not be as much malware for a Mac as there is for Windows, you should still not be caught sleeping.

According to the Security firm Sophos, from November 2nd to November 16th 2010, their Sophos Anti-Virus for Mac Home Edition collected some 50,000 malware reports (This is based on an approximate 150,000 users).

Note that some of the above mentioned malware will just not run on a Mac, but there are some that will. For instance the DNS Changer and OSX/Jahlav are some specific examples of infections that you want to remove from you system right away. Some people make take this lightly as they have the idea stuck in their head that their Mac cannot be infected….but guess what it can.

My recommendation to anyone that owns a computer or mobile device is to protect yourself. Any device connected to the internet whether it be 3G, Wi-Fi, or on your LAN can be infected.  Hopefully you do the right thing and I don’t have to say I told you so.

Certain Key Words in Searches Attract Malware

Have you ever gone on the web and searched for “free stuff?” I know I have quite a bit, and did not realize the risk I was putting myself in. According to a study done by McAfee released in September of 2010, your chances of being directed to a malicious site are greatly increased when you use the word “free” while searching for music, movies, and other digital content.

In the report, it notes that you are 300 percent more likely to land on a malicious site if you search for free music ringtones. Also, the report states that searching for artists lyrics puts you at twice the risk than searching for “ringtones” for the same artists (first five pages of results).

Including the word “MP3” within your search immediately puts you at risk of reaching malicious sites. According to McAfee, there has been a 40 percent increase in the number of sites that host malicious MP3 files.

In order to protect yourself from these types of issues, it is recommended to not use the word “free” in your searches related to digital media, keep your antivirus up to date, don’t click on suspicious links, and use your best judgment when not sure about the safety of certain websites.

(Credit: McAfee)

Try Google Pack!

As I was browsing around on Google the other day, I noticed a neat little tool they have called Google Pack, which essentially downloads and installs some of the most basic applications that you may typically need on your PC. See below for the list of apps.

Now generally I would use most of these applications on my own PC, but there are some I do not typically use. For instance, I do my best to stay away from using any types of toolbars as they cause problems more often than not. What you could do in this case for Firefox is install it and then disable the toolbar.

Google Pack is a customizable download complete with a web browser, office applications (Google Apps), antivirus (avast), Photo editor (Picasa), Skype, Google Earth, Adobe Reader, Google Talk, and RealPlayer. All of these software applications are optional.

I would personally use this software just for the ease of installing these apps from one location to save time.

Google One Pass

Google has announced their One Pass payment system, which allows publishers to set their own terms for their individually created content. It allows end users to purchase something once and then view it across multiple devices. To me this sounds really intriguing considering I despise buying the same thing for multiple devices, so let’s dig in.

For publishers, there is a small onetime fee to get going and the setup is minimal. It also allows for each publisher to setup a more personalized approach to selling their content. Publishers can control how users pay, and even set their own prices. For example, you could create a subscription based model where you pay $5 for one month of access to your content, or you could give users a set number of free visits or views to your content. Google One Pass is power by Google Checkout, so your payment and e-commerce needs are covered and there is no need to implement a third party system.

If you are looking at getting something on the internet and you want to have more control over how it is sold or marketed this sounds like a very interesting idea. The reason being, that some of the other sites with app stores charge outrageous fees to post your content to sell. I believe Apple charges something around 30%. Check out Google’s video and FAQ that I have included below.

[youtube]http://www.youtube.com/watch?v=qiz_2c_QpOQ[/youtube]

FAQ

Q: Who sets the price of Google One Pass content?
Publishers decide the price and terms of the content they choose to sell through Google One Pass.

Q: Who determines the terms for access to content available through Google One Pass?
Partners determine the duration and extent of access to their content. For instance, this may include setting a one-week or 30-day limit on the accessibility of a given article.

Q: Who determines what content is accessed through Google One Pass?
Partners have total control over what content is accessed through Google One Pass and what content is free to users.

Q: How is Google One Pass implemented?
Publishers will continue to host their own content. They will upload the list of the content they want to monetise into the Google interface. Publishers will need to add a small amount of code to their website, but development effort is minimal.

Q: Why is Google launching Google One Pass?
Google cares a lot about helping high quality content thrive online and about the future of journalism. That’s also why we built things like First Click FreeFast Flip and Living Stories.

Q: Will Google One Pass allow users to read existing subscriptions on all their devices?
Google One Pass will enable users to access content on connected, browser-enabled devices and from mobile apps where the mobile OS terms permit publishers to access the web via the app for Google One Pass transaction or authentication services.

Q: Where is Google One Pass available today?
Google One Pass is currently available in France, Germany, Spain, the UK, and the US and Canada. Publishers in any country where Google Checkout is available can implement Google One Pass.

Q: What types of content can Google One Pass support?
Google One Pass is currently intended for periodicals, such as news and magazines, but is a flexible payment system that can be used for many other types of content.