Archive for the ‘security’ Category

Netgear security update

2016-12-26 Comments off

Check your router for the vulnerability by entering the URL below into your browser, replacing [router-address] with the IP address of your router (for example, 192.168.1.1).

http://[router-address]/cgi-bin/;uname$IFS-a

If that page shows anything but an error or an empty page, your router is affected and you need to apply the patch just published by Netgear (link below).

Netgear models impacted by this vulnerability:

R6250

R6400

R6700

R6900

R7000

R7100LG

R7300DST

R7900

R8000

D6220

D6400

http://kb.netgear.com/000036386/CVE-2016-582384

Categories: hardware, networking, security

Yahoo! Mail security issues.

I’m seeing a lot of issues with Yahoo Mail accounts being compromised, so I’m posting my notes here and will update as I understand the problem better.  An example is when you get e-mail from friends with a single, SPAM URL in the message and it’s sent to 10-15 people (in alpha order) from their Yahoo! Contacts.

I suggest that you NOT check the box ‘keep me signed in’ when you log into Yahoo Mail (highlighted in red rectangle on screen shot below).  From what I can tell, some web sites with malicious content take advantage of cached Yahoo credentials and send mail with these SPAM links to everyone in your Yahoo contact list.

I also recommend using “two factor authentication” wherever possible.  Two factor authentication uses something you know (your password) with something you have (phone number, cell phone).  When accessing a web site, you enter your password (something you know), and then are prompted to enter a code sent to your phone (voice), or your cell (text), which are things you possess.  This is used when resetting passwords on your bank or credit card web sites.

Another option is to consider moving to Google Mail, which appears to be more secure. I know from testing that Google’s two factor authentication is quite comprehensive, and I use an Android app on my cell phone to generate a code.

[Screenshot: Yahoo login – do not]

Yahoo Two factor authentication reference links

http://lifehacker.com/5938565/heres-everywhere-you-should-enable-two+factor-authentication-right-now

http://www.pcmag.com/article2/0,2817,2409477,00.asp

Categories: Internet, security

Computer Backup Recommendations

This is the first in a series of reference articles that answer frequently asked questions from friends, family, and clients.  I will update these articles as required. 
Feel free to let me know if you have any questions or recommendations.

Required hardware and software
    Software – Acronis TrueImage 2012
    Hardware – external hard drive – USB, eSATA, Firewire

Overview
I recommend imaging all PC systems.  Imaging the system is easy, and fast (1GB/min typically).  Imaging software takes a ‘snapshot’ of your computer.  This snapshot can be used to restore your system automatically.  By restore, I mean if your hard drive dies, you can install a new drive (same size or larger), and restore *everything* in one operation – Operating System (Windows), applications, and data.  After the restore, your system will be *exactly* where it was when you performed the backup.

In addition, the image can be used to restore individual files and folders, but more importantly, if your system is compromised due to a virus or system problem, you can restore the entire system back to a known, good state.

Acronis (and other imaging software) can be configured to image your system on a schedule (Friday nights for example).  You can also set up the software to automatically shut down your computer after the backup is completed.  I typically do this monthly on all our computers, setting up the jobs before I go to bed and having the system shut down.

We have three external USB drives – one reserved for my business systems, and two for home systems.  All my backup drives are encrypted (I use BitLocker).  I recommend selecting a hard drive with enough capacity to hold at least two backup images for all your systems.

Reference links
Rosewill RX-358 V2 BLK (Black) 3.5″ SATA to USB & eSATA Enclosure w/Int.80mm fan
    http://www.newegg.com/Product/Product.aspx?Item=N82E16817173042

Acronis True Image Home 2012 – upgrade and special offers often available from Acronis
http://www.acronis.com/homecomputing/products/trueimage/

Acronis TrueImage Home 2012 from Newegg
http://www.newegg.com/Product/Product.aspx?Item=N82E16832200030

Buffalo Technology AirStation N300 Wireless Router and AP Model WZR-HP-G300NH

2011-08-16 1 comment

My trusty Linksys WRT54G running Tomato firmware appeared to be dying.  My upload speed, as measured by speedtest.net, was in the range of Kbps instead of Mbps.  Download speeds were inconsistent, in the range of 10 Mbps to 14 Mbps.

I researched a ton of routers, and my criteria were two radios, 802.11N support, and QoS.  I also wanted it to support bridging, AP, and act as a repeater.  Devices I considered included Netgear, Cisco E4200, and the Buffalo N300.

I’m delighted with the Buffalo N300, which I picked up from Amazon for $65.  Setup was very easy.  I didn’t use the automated install software, I just connected to the router directly and configured the router since I was familiar with the DD-WRT software (v24SP2-MULTI (03/21/11) std). 

The router web interface was a bit sluggish initially, but after the initial configuration was completed, and it was running for 15 minutes it became much more responsive.

I haven’t used any of the client connection features, and connected manually.  All our wireless devices connected seamlessly, and one test call on our VoIP phone worked.  I won’t have time to test our Roku and Netflix streaming until the weekend, and will test VoIP calls, including international, later this week.

Initial speedtest.net results below:

[Speedtest.net result screenshots: Before – Linksys WRT54G; After – Buffalo N300]

Categories: security, technology, Wifi

UPDATE: Google “advanced sign-in security”

2011-02-20 1 comment

When you bump into people at a funeral discussing e-mail security problems, you know it’s a mainstream issue.  A woman we were chatting with just spent the better part of two weeks restoring access to her MSN account after she received a variation of the “Mugged in London” scam.  The result was someone hijacked her account and she had to work through MSN to restore access.

Just like Facebook’s support for SSL, using two factor security for Google is something everyone needs to implement.

The process is detailed on The Official Google Blog – Advanced sign-in security for your Google account

The process is called 2-step verification – this allows you to link your account to your mobile phone, a mobile application (Google Authenticator on Android), and printable backup codes that you can keep in your wallet.  In addition, you can have application-specific passwords to support access on your smartphone.

If you’re running Google Apps on your smartphone, I recommend doing this all at once – it will eliminate password prompts and confusion later.

The process also provides a summary of Connected Sites, Apps, and Services that have access to your Google Account.  In my case, this includes paulbegley.com access to Blogger, pulsememe.com (Google Reader), google.com (Google Calendar), and tweetdeck (Google Buzz).  I had forgotten about setting up Pulse access to my RSS feeds on Google Reader, but it was a good reminder.

You can revoke or renew access at any time using the 2-step verification process.

UPDATE:  Note that once you enable advanced sign-in security, you may need to generate a new password for third party applications.  I ran into this with Feeddemon, but it was a simple fix:

  1. In Google, sign in and go to My Account.
  2. Click on Using 2-step verification
  3. Go to Application-specific passwords
  4. In the section “Generate new application-specific password”, enter the name of the application (Feeddemon for my example), and click “Generate Password”
  5. A unique password will be generated containing four groups of four alphanumeric characters.  Paste this into the password prompt for your application, and you will be authenticated.

Categories: Android, mobile, security

User registration

2010-09-05 2 comments

Due to ‘bots registering fake users, I just disabled new user registration.  I’m not sure how I will handle this moving forward, but I want to allow comments; I just don’t want 20 fake accounts created each day.

Stay tuned.

Categories: security

Stop Paying for Windows Security; Microsoft’s Security Tools Are Good Enough

 

I have been using Microsoft Security Essentials since it was in beta.  It does a good job, with very low overhead and a high rate of accuracy, including malware and Trojans.

If you use Security Essentials, keep your workstation patched, and use multiple browsers with ad blocking software, you can feel pretty secure running Windows.

Microsoft Security Essentials
http://www.microsoft.com/security_essentials/

Recommended Firefox Add-Ons – AdBlock Plus
https://addons.mozilla.org/en-US/firefox/addon/1865/

Recommended Chrome Extensions – AdBlock v2.0
https://chrome.google.com/extensions/detail/gighmmpiobklfepjocnamgkkbiglidom

 

 

Categories: Microsoft, security

Malware as twitter password reset

Wow.  This caught me by surprise this morning.  The message below (forwarded to Google Mail) looks legit, but if you hover over the link, you see it points to a binary (password.exe) hosted on gameroomhaven.com.

Most of the message is legit.  The links at the bottom of the post are legit, pointing back to twitter.com.  However, the e-mail address in the SPAM is one I only use for a high school alumni site.  Based on that, I started to look at the message more carefully and noted the malware link posing as the password reset URL.

Lesson here, don’t click on links in your e-mail without verifying the source.

Using the Google Mail ‘Show original’ feature (drop down in upper right corner of each message) showed the source code for the message where the malicious URL is obvious. A snippet from the original below:

Hey there.

Can't remember your password, huh?
It happens to the best of us.

Please open this link in your browser:

http://www.gameroomhaven.com/password.exe

This will reset your password.
You can then login and change it to something you'll remember.
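
The link check described in this post, as an added example (not code from the original post): it pulls every URL out of a message body and flags links whose host is outside the domain the mail claims to come from, or whose path ends in an executable extension. The function names, the extension list and the trailing twitter.com link in the sample are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# Constructed sample: the snippet quoted in the post, plus one stand-in
# for the legitimate twitter.com links the post says were at the bottom.
SAMPLE_BODY = """\
Hey there.

Please open this link in your browser:

http://www.gameroomhaven.com/password.exe

This will reset your password.

https://twitter.com/
"""

URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)
# Assumed list of extensions that Windows runs directly; extend as needed.
EXECUTABLE_EXTS = (".exe", ".scr", ".bat", ".cmd", ".pif", ".msi")


def host_matches(host, expected_domain):
    """True if host is the expected domain or one of its subdomains.

    Comparing on a label boundary rejects look-alikes such as
    'twitter.com.evil.example' or 'nottwitter.com'.
    """
    host = host.lower().rstrip(".")
    expected = expected_domain.lower()
    return host == expected or host.endswith("." + expected)


def audit_links(body, expected_domain):
    """Return [(url, [reasons])] for every URL found in the message body."""
    findings = []
    for raw in URL_RE.findall(body):
        url = raw.rstrip(".,;:)!?")  # drop sentence punctuation after a URL
        parts = urlsplit(url)
        reasons = []
        if not host_matches(parts.hostname or "", expected_domain):
            reasons.append("host is not " + expected_domain)
        if parts.path.lower().endswith(EXECUTABLE_EXTS):
            reasons.append("path ends in an executable extension")
        findings.append((url, reasons))
    return findings


if __name__ == "__main__":
    for url, reasons in audit_links(SAMPLE_BODY, "twitter.com"):
        print(url, "->", "; ".join(reasons) or "ok")
```

Run it over the text from ‘Show original’; for HTML mail the same regular expression also picks up the URLs inside href attributes, which is where the real destination of a link lives.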


Categories: security