Category : Internet

DDOS Attack: Mirai botnet hacks devices with default passwords

miraiWeak default usernames and passwords spawned the massive DDOS attack against internet connected cameras and DVRs. Most botnets use infected PCs to generate an attack. This botnet, Mirai, was of a different breed, specifically programmed to scan the internet searching for poorly secured products, and proceeding to try redundantly obvious and easily guessed passwords. When a poorly secured device was found the botnet attempted to log into the product with a login similar to “admin” and a password with some derivative of “12345”.

The botnet’s maker released the source code, which is programmed to try a list of over 60 password and username combinations. This list gained the botnet access to over 380,000 devices. Mirai also took down the website of security researcher Brian Krebs last month in a DDOS attack.

Unfortunately this could become a bigger problem, as devices connected to the internet, such as cameras and DVRs are not created with security in mind. Passwords are not required to be changed once installed, and on a hunch I can assume that most users are not using their strongest password for their DVR. Security researchers have noticed an upward trend in DDOS attacks, as botnets continue to attack poorly secured devices and infect the devices with malware.

Krebs went online and looked up default usernames and passwords and matched them to devices, creating a list of possibly susceptible devices to the Mirai botnet. Check it out and change your passwords.


If you would like to educate yourself in more detail about the information presented in this blog post please visit: www.techconnect.com 

 

 

Security Alert – Hide your IP Address

ipaddress

IP address is the identifier that allows information to be sent between devices on a network. It contains location information and makes devices accessible for communication. IP addresses are mathematically assigned by the Internet Assigned Names Authority (bet you didn’t know that!). This might be fine and dandy news for the non-technical, but odds are you still have no idea why hiding your IP address is advised. Since your IP has location information, it can be used to discern your physical location. The accuracy of determining your location via IP address information is actually extremely accurate. Another reason to hide your IP is the increase in cyberattacks as of late. IP addresses can often be used to target attacks.

You can also hide your IP with the goal of watching blocked content in your region.

Changing your IP can be done, but this is a more detailed process. Hiding it is a much easier option.

A Virtual Private Network creates an encrypted tunnel between your device and the service’s server rather than connecting to a website directly, adding a layer of protection. The VPN allows you to connect to the internet as normal and retrieve the information but through the tunnel created. This ensures that your web traffic cannot be intercepted, and furthermore anyone looking at the IP will only see the IP address of the VPN.

What you can also do is use a series of computers that are distributed across the globe. Rather than a request made between two points, your computer will send out layered requests that are each encrypted. You will be relayed from Tor node to Tor node before exiting the network and reaching the desired destination. Each node only knows the previous jump and the last jump. This method of Tor will make your movements much harder to track, making you much less susceptible to attack. In order to complete this method, download the Tor Browser, or talk to your IT professionals.

 

 


 

If you would like to educate yourself in more detail about the information presented in this blog post please visit : www.pcmag.com

Find out how fast your internet connection really is!

Full speed ahead

Many of us give little appreciation  to our internet connection until a problem arises, and then we are quick to realize how much the internet provides for us each and every day. It powers your computer, smart television, entertainment systems, tablets, phones, and most importantly connections you to the outside world. I mean what would we even do to entertain ourselves without the internet? How would we communicate? These are questions many of us only talk about in the abstract, because we rely so heavily on internet it would be too difficult to find out the answers to these questions without immobilizing ourselves. The internet has become increasingly fast, according to a study conducted by the Federal Communications Commission (FCC), the average US household went from a speed of 10 Megabits per second (Mbps) in March 2011 to 31 Mbps in September 2014. In 2015 the FCC took such statistics and re-defined the minimum download speed from 4 Mbps to  25Mbps, a big jump for broadband connection.  The FCC is the one who is also attempting to increase internet speeds for all households, but the real mover and shaker is competition. Local Internet Service Providers (ISPs) such as Google have pushed big name companies to raise speeds while keeping costs affordable. Verizon FiOS, one of the only fiber-to-the-home-only increased it’s minimum speed from 25Mbps to 50 Mbps. There are some lucky cities as well that have gigabit internet status, meaning ISPs in such cities provide 1 gigabit per second, 1000X better than 1Mbps speeds and 40X the FCC qualification for broadband. The increase is due in part to fiber optic lines such as  Google’s dark fiber that is already in place in large cities even though it is not ready for use, as well as newer DOCSIS 3.1 that will make it easier for cable companies to get on board with faster speeds.

So, how fast is my connection then? 

Despite innovations, and the reliance on speedy internet connection, the average speed is nowhere near the industry top technology capabilities. Researchers at PCMag helped us out by examining the Fastest ISPs in the United States using a tool named Speedtest. The data is then used in comparison to other ISPs in a formula PCMag calls the Internet Speed Index, which basically comprises of a number that pits ISP to ISP.

They encourage you to do the same and click the link, www.pcmag.com to test your own internet connection speed. Once you hit the page, scroll down to Begin Test to find out how your connection compares to others.

 

 

 


 

If you would like to educate yourself in more detail about the information presented in this blog post please visit : www.pcmag.com

Two-Factor Authentication Evaluation Guide

Two-factor Authentication is a type of multi-factor authentication that provides identification of users using a combination of two different components. These components are often something the user knows, possesses, or something that is inseparable from the user. This Guide has been adapted from Duo Security, and illustrates what to consider when deciding upon a vendor for Two-factor Authentication for your company.WP17

Security

 

In order to enforce this extra layer of protection it is important to consider the factors involved. Security and ease of implementation should be of first priority. The vendor in which provides your two-factor authentication should be secure by design. The cloud based service should use multiple, independent PCI DSS Level 1 and ISO 27001-certified, SAS 70 Type II-audited service providers and is split across multiple geographic regions, service providers and power grids for seamless failover. This ensures that you have a reliable vendor that has an infrastructure that is fully scalable and elastic enough to be able to accommodate any number of users. You should be able to add users as you need them without issue. The vendor should also be backed by a strong service level agreement and the service should offer 24/7 operational coverage.

Cloud-based authentication services are easy to use and tend not to require installation of hardware. Selecting a vendor with drop-in integrations for all major VPNs, Unix, and MS remote access points. Something to look for is deployment. The two-factor authentication process is best implemented when it leverages a platform users already have, such as cell phones. Make sure the service you employ works with landlines and tokens to save your IT administrator from having to manage tokens.

Usability

Usability and convenience are a major part of making two-factor authentication a productive solution. A vendor that keeps a lot of “clutter” such as extra steps gets in the way of the login path and makes for a large and unneeded distraction. Allowing users to easily enroll themselves and set their preferred devices to use for authentication makes the login process easier. This should be met by a vendor that supports a wide range of authentication methods including push to mobiles app, passcode and phone call back.

Administration

When choosing the ideal vendor, make sure the administrative needs are met. For instance, consider if the solution allows for visibility insight into user access of your network. Authentication logs should be provided for auditing and reporting. Systems that provide a centralized admin interface give a consolidated view of how the two-factor authentication is working, and allows for better maintenance. It would be best if the system managed the physical tokens rather than forcing you to manage such items. In addition if you are looking for a cost effective solution, cloud hosted vendors have the lowest costs and least amount of hassle because the infrastructure, upgrades and maintenance are all managed by the vendor.

 

 

If you would like to educate yourself in more detail about material presented in this blog post please visit:

http://hosteddocs.emediausa.com/duo-security-twofactor-evaluation-guide.pdf

Cyber Security Threats – Proactive Rather Than Reactive

Word Press PhotosSecurity executives have increasingly urged firms to utilize prevention, encouraging a plan that encompasses Information Technology and business units in order to ensure cyber security.

Why might you ask? As a mere observation, most firms have accepted hackers as a viable threat that will eventually infiltrate their network. Rather than focus on preventative measures, companies have taken to the opposite, strengthening their reactive forces and mitigating the damage a hacker can do once inside. Although important, focus needs to be on cyber security and data breach prevention in addition to recovery after the fact. This change of mindset ensures significant progress can be made to prevent threats, making better use of time and resources for your company.

John Davis, CSO of Palo Alto Networks’ federal division, suggests “Call for a comprehensive risk analysis, mapping out the different segments of the network and examining the needs of the enterprise along with the security concerns.” He encourages information technology teams and cybersecurity teams to work together for a higher level of performance. Prevention tactics bring together these two forces in a more collective manner.

 

 

If you would like to educate yourself in more detail about material presented in this blog post please visit:

http://www.networkworld.com/article/3039955/security/why-cios-to-be-proactive-not-reactive-to-cybersecurity-threats.html?token=%23tk.NWWNLE_nlt_networkworld_security_alert_2016-03-02&idg_eid=b0bd995e2814d7f58c50105dd3327c12&utm_source=Sailthru&utm_medium=email&utm_campaign=NWW%20Security%20Alert%202016-03-02&utm_term=networkworld_security_alert#tk.NWW_nlt_networkworld_security_alert_2016-03-02

Wireless Networks Not Available After Windows 8.1 Upgrade to Windows 10

Once you upgrade from Windows 8.1 to Windows 10, there are no listed wireless networks available even if your wireless network adapter is functioning correctly. Restarting the computer or trying to reinstall the wireless network adapter does not address the problem. This issue can also prevent your wired Ethernet from functioning correctly as well, whether the connections are made through a built-in Ethernet adapter or a USB Ethernet adapter.

One known issue is the unsupported VPN software from Windows 8.1 that is not upgraded correctly to Windows 10. It occurs if older VPN software is installed on Windows 8.1 and is present when the older software version contains a filter driver (the Deterministic Network Enhancer).

It is crucial to follow these steps carefully to resolve the problem. Failing to do so can consequentially lead to serious problems if you modify the registry incorrectly.  Back up the registry for restoration before you modify in case you run into problems.

AUTOMATIC FIX

  1. Download the Toubleshooter.
  2. When you are prompted, click Open.

Note If you receive a security prompt, select Yes to start the troubleshooter.

  1. In the Window that opens, follow the instructions to run the troubleshooter.

MANUAL FIX

  1. Open the administrative Command Prompt window.
  2. Run the following commands:

command

This issue is set to occur when older versions of the Cisco VPN client and SonicWall Global VPN client are utilized. You can contact your VPN vendor to attain supported software for Windows 10.

The Top Website Builders of 2015

Website Under Construction

Small business sometime skip the process of making their own customized website and rely solely on social media for their online presence. However, there are many advantages for having your own website, even if you do not have a big business. Having your own legitimate website solidifies your online existence and adds a substantial agree of credibility.  Your own site and URL allows you to possess greater control of your image on the internet. Luckily, there are many site builders in this day of age to help, even if you have little technical knowledge. Big businesses can spend up to thousands of dollars creating their websites; however, you can utilize the products included below to turn your small or sole-proprietor business into something increasingly more profitable, as a website can offer many money-making options.

Using simple drag and drop interfaces, you build everything yourself. You can include social share buttons, photos, blogs, and media players.

The first step to building a website is getting an address for it. Many site builders can register a domain name for you using the provider’s domain. For example: yourbusiness.sitebuilder.com. You can also use another domain you have acquired from a third party, but you will have to pay the site builder.  All the templates are available on these products. Some, such as Squarespace and Weebly, have templates that automatically reformat for mobile viewing. They all range in the creative freedom you possess with building the site, from restricting you to placing page objects in certain areas to more flexibility on the appearance.

Take a look at the featured website builders below. They all provide the ability to create and edit photo galleries, profiting from the site with shopping options, and tools that connect you to social media.

Weebly $8.00

Has the clearest interface out of all the site builders. Free accounts, site stats, and downloadable source code.

DudaOne $5.99

Strong mobile creation, easy to use, and has Web storefront capabilities.

Wix $4.08

Commerce capabilities and design freedom, but you have to pay for any site stats.

Squarespace $8.99

Full commerce support and looks great on mobile as well as desktop browsers.

GoDaddy Website Builder $5.99

Offers a basic yet easy to use website builder.

Jimdo $7.50

Lets you build a website for free or with a low yearly fee.

Webs $5.99

Easy to use but lacks capabilities offered by competitors such as Squarespace and Weebly.

Yola $8.33

Easy to use and loaded with site widgets.

 

 

Small Business Web Hosts for 2015

web hostsWe all live in a very connected world. If you do not already have a website for your business, take the chance to consider the advantages of the internet and the possibilities it provides for marketing yourself. Don’t miss out on the potentially lucrative opportunities that may present itself because your name is discoverable on the internet. Although creating a website can take months, a Web hosting service is your most valuable tool in getting started with your website.

Web hosts can get increasingly expensive, but depending on the features needed for your website, you can always compare and contrast the different options you have available to you. For small business owners, you will want a dedicated server or VPS hosting. A dedicated server will be more than $100 per month. It’s costly, but the advantage is having your website living in a server by itself. You would need to handle the firewalls and maintenance yourself, unless you get a managed server, which of course costs more. However, if you want to save some money, VPS hosting is another option, and you can get one for about $20 to $30 a month. If you build your website in a VPS environment, you do not share resources with other sites that are on the same server the way you would with shared hosting. Your site actually lives in a server area that has its own storage, RAM, monthly data transfers, and operating system.

When considering the costs of a web host, it is a better idea to wait until you know what features you need before committing to an annual plan. You may want to shop for a web host that has unlimited monthly data transfer and email, the choice between solid state or traditional hard drive storage, and customer support 24/7. If you are selling a product, get a web host that offers a Secure Sockets Layer certificate, which encrypts the data between the customer’s browser and web host to protect purchasing information. Depending on the company you go with, it could be free of charge or up to $100.

Don’t forget the importance of site uptime. Once your site is down, your clients and customers will have difficulty reaching you or accessing your products and services.  Although all sites can potentially suffer from ups and downs, it’s essential to choose a web host that does an excellent job at keeping sites up and running.

Take a look at these featured Web hosts and decide which is best for you.

InMotion Web Hosting $7.99

Pros: Easily import WordPress Blogs, offers free web-building tools, unlimited email, great customer service and 90-day money-back guarantee.

Cons: Basic web builder makes sites look visually dated and you need to create separate logins for all add-ons.

Dreamhost Web Hosting $10.95

Pros: Many security features, extensive domain management, unlimited data transfers per month, cloud storage plans and money-back guarantee.

Cons: No site builder, has high setup fee with monthly plans, long wait with customer service chat, and lacks Windows based dedicated servers.

HostGator Web Hosting $8.95

Pros:  Offers shared and dedicated Web hosting plans, Weebly site-building software and great customer service.

Cons: No one-step WordPress import and lacking security in email.

Hostwinds Web Hosting $4.50

Pros: Linux or Windows-based server option, unlimited email and monthly data transfers, great VPS hosting plans, and Minecraft server hosting.

Cons: No managed WordPress Hosting and hard time find cancellation option.

GoDaddy Web Hosting $3.49

Pros: Windows and Linux based servers, 24/7 customer service, email is tightly integrated into Microsoft apps.

Cons: You need to pay for the website builder and complicated WordPress setup.

1&1 Web Hosting $5.99

Pros: Easy-to-use tools for website building, free domain transfers, and no set-up fee.

Cons: Competitors have longer money-back guarantee and Website Builder Plus tier is required to add code for templates.

Bluehost Web Hosting $5.99

Pros: Great range of Web hosting options, usefull add-ons, backup tools, one-step integration with CloudFlare, easy to use interface, and offers Weebly software.

Cons: No monthly shared hosting and persistent upselling.

HostMonster Web Hosting $6.95

Pros: Great customer service, Weebly software, useful add-ons, and free domain transfer

Cons: Pricey options, no monthly hosting plans, and lack managed WordPress

SiteGround Web Hosting $9.95

Pros: Integrates with CloudFlare, Automatic backups, excellent support material and great customer service.

Cons: Not a lot of storage and bandwidth, no month-to-month shared hosting and no Windows server option.

Vermont Telephone Company boasts its gigabit internet service is live

In recent light of Google’s announcements of fiber service in several cities, it is reported by the Wall Street journal that Vermont Telephone Company is offering gigabit internet service to its customers at a price of $35 per month. Currently they report there are about 600 people subscribed. Just to compare, Google is offering the same service in select cities for $70 per month. We will see how long the small company can sustain charging so little for such a fast internet pipe.

The good news for everyone is that there is competition in this area which will hopefully continue to push the boundaries of your home internet speed as well as bring down the prices.

MP3 Rocket – Video Conversion

Have you ever wanted to convert a video file but weren’t sure what tool to use? MP3 Rocket is a fast video to MP2 Converter. This software quickly and easily converts video to MP3, MP4, MPG, FLV and MOV. It also includes HD video or audio formats if you want. Is there a video on Youtube you wished you could have an MP3 file of? This tool will search the internet and find items based on your search and quickly download and convert the file for you. Pretty nifty! http://downloads.zdnet.com/product/2071-75337655/