by Mike Wilson
Posted on 2018-01-13 00:27:10
As you may have seen in the news, last week the technology world was shaken by the disclosure of two vulnerabilities in modern processors, known as Meltdown and Spectre. These vulnerabilities are unusual, in that they target the CPU directly, which means that the operating system is not the source of the problem. In other words, any server, PC, mobile, or embedded device running an affected processor is vulnerable and will need to be patched.
Though these vulnerabilities are unusual in some ways, Meltdown and Spectre are similar to other vulnerabilities in the ways that they can be exploited. To exploit these vulnerabilities, an attacker must execute malicious code on a vulnerable system, via such means as an email attachment, browser plugin, or document macro. This means that normal digital hygiene practices apply very well to this situation.
To eliminate your exposure to these vulnerabilities, be sure to stay current on security patches for all network connected devices; including servers, PCs, and also network printers, firewalls, etc. Patches have already been released by Microsoft for Windows 10, and by Apple for Mac OS and iOS. Microsoft will be releasing patches very soon for the other supported versions of Windows, and other vendors are already rolling out patches, as well.
In addition to operating system updates, PC and Server hardware manufacturers have released their own patches that cannot be installed via typical operating system update procedures. These updates can be obtained via the manufacturer’s website and installed manually. Some manufacturers have their own automatic update mechanisms. For example, if you have a Dell PC running the Dell Command Update client, then you will automatically receive a notification when a BIOS update is available.
If you have any questions or concerns about your network security, please don’t hesitate to email us at firstname.lastname@example.org or call us at 541-342-5531.
by Scotty McConnell
Posted on 2017-10-16 23:53:55
Researchers in the UK have successfully broken the previously unbreakable WPA2 Wi-Fi security protocol.
This is a major announcement because the WPA2 protocol is used in almost every Wi-Fi network, meaning countless computers, smartphones, “internet of things” devices, and others are vulnerable to attack.
Feynman Group has the following proactive suggestions for our customers and partners to avoid exploitation:
- This particular security risk is only available to the Wi-Fi coverage area. A potential hacker must be within range of your wireless network to take any action.
- Where possible, connect to the network using a network (Ethernet) cable instead of wireless.
- If you have Wi-Fi installed at your home or office, check with the manufacturer to see if/when an update may be available.
- Websites which are secured with HTTPS (such as Google.com) are generally still secure even when browsing over a public / vulnerable network.
- Some Wi-Fi vendors have already provided patches for this security issue, and many others will follow in the coming weeks.
For more information or further assistance, please reach out to our technical support team at email@example.com or call (541) 342-5531.
Feynman Group, Inc.
by Mike Wilson
Posted on 2016-10-25 23:54:47
On Friday, October 21, 2016, Internet performance management company Dyn suffered a series of three distributed denial of service (DDoS) attacks, beginning at about 4:00 AM Pacific time and concluding at about 1:00 PM. The attack involving tens of millions of IP addresses affected users’ abilities to access the websites of many of Dyn’s customers, such as Twitter, Reddit, Spotify, Etsy, and others. Experts believe the attack was targeted at Dyn with one source of traffic sourcing from devices infected by the Mirai botnet.
What is a DDoS attack?
A DDoS attack is when an overwhelming amount of web traffic is directed at an online service (such as a website) in an attempt to make the service unavailable to legitimate users. In this case, tens of millions of IP addresses flooded Dyn’s Managed DNS infrastructure with requests, causing Dyn’s customers’ sites to either fail to load or load very slowly. In other words, many users attempting to do their morning scan through Twitter were disappointed when Twitter did not load.
What is DNS?
Note that the following has been simplified for the sake of simple explanation.
The domain name system (DNS) is what’s responsible for converting a domain name into its associated IP address when a website is accessed. Think of it this way: if the IP address is a set of GPS coordinates (latitude and longitude) for a business, the domain name is the street address (123 Street Ave).
When any URL is typed into the address bar of the web browser, a request is sent to a DNS server (many actually) to translate the URL into its IP address, which is then sent back to the browser, telling it how to access the website at the specified URL.
The incident on the 21st occurred when a large number of devices (many infected by the Mirai botnet) attempted to make too many requests to Dyn’s DNS servers, and the overloaded servers could not send back information to fulfill any requests.
It’s important to note that DNS hosting (the service provided by Dyn in this case) differs from website hosting. The latter generally refers to the location on a web server where a website’s files are stored.
What is Mirai?
Mirai is a new type of malware that targets “Internet of Things” or smart-devices – things like CCTV cameras, DVRs, the Nest smart-thermostat, even Internet-connected cars and refrigerators. Mirai is able to take control of such devices and use them to flood a target with traffic. When millions of infected devices are directed toward a single target in a DDoS attack, it’s enough to bring the target down across the web for both legitimate and malicious users.
How can I keep my smart-devices safe?
- Be selective with which smart-devices you use. Not all devices are created equally when it comes to security. Research before you buy, and always opt for the most secure devices, even if they cost more.
- If possible, disconnect your smart devices from an internet connection when you’re not actively using them. If there is not an option to disconnect your device from the internet, make sure it is powered off and not in a “standby” state.
- Keep your devices up to date with the most current software.
- Always use strong passwords. Some devices such as webcams and CCTVs use default passwords and settings, making them especially attractive targets for malware. Read your manual or do a Google search on how to change the passwords for these devices.
- If your smart device has been infected by Mirai, you may be able to clean it by rebooting the device, however this action alone will not protect your device from being re-infected.
- Disable WPS connection on your wireless router, and make sure your Wi-Fi network is password protected.
- Contact Feynman Group if you have any security concerns and we will work with you to implement solutions relevant to your specific needs.
Does a DDoS attack pose a threat to my website?
If you’re concerned about the resiliency of your hosting environment, contact Feynman Group to discuss whether or not changes to your current situation may be necessary.
Note, Feynman Group, Inc. is not affiliated with and does not endorse any of the websites, articles, or authors referenced in this post.
by Mike Wilson
Posted on 2015-04-02 22:30:20
The clock is ticking for those still using Windows Server 2003. As a matter of fact, the literal clock is ticking on Microsoft’s website as they count down to July 14th, 2015, the day Microsoft will cease to support any version of the popular Windows Server 2003 server operating system.
What exactly does this mean? Consider your other devices. Most likely, your computer prompts you periodically to install updates for various reasons; bug fixes, stability improvements, and security updates are some common cases. Mobile phones are similar. Apple releases minor iOS updates every few months, and even individual apps get updates frequently (glancing at my phone, I see Twitter was updated March 28th noting, “This update includes minor improvements”). All of these regular updates are made by the developers at their respective companies in an effort to continually improve their software and keep users safe from security exploits.
Unfortunately, software companies can only continue to update older versions of their products for so long before it’s no longer viable to do so, forcing users to migrate to more modern versions. Just as this is the case now with Windows Server 2003, the very same scenario occurred with Windows XP when Microsoft terminated support for the computer OS in April 2014 (though XP had a valiant 13-year run).
It is highly recommended that all present Windows Server 2003 users migrate to a current version before July 14th, 2015 in order to protect their infrastructure. Continuing to use Windows Server 2003 puts your data at serious risk. The lack of security patches paints a big bulls-eye on these machines for those looking to exploit holes in their defense. While it’s possible in some cases to restore data post-hack, it can be difficult if not impossible to fully recover after a security breach. In addition to security concerns, Microsoft will no longer provide technical support or warranty claims for Windows Server 2003 users, and many applications, including modern 64-bit standards, will no longer support the dead OS.
Perhaps the gravest consequence will affect users in industries which are regulated or handle regulated data, as they may fall out of industry compliance. In this case, Windows Server 2003 users may be legally required to migrate. For a more in depth analysis, this International Data Center white paper provides an excellent summation of the situation as a whole.
In light of the announcement, many commentators are suggesting Windows Server 2003 users migrate directly to Windows Server 2012 R2. In addition to a host of improvements and added features, 2003 users will appreciate 2012 R2’s high application compatibility, meaning the migration will be relatively straightforward. And for those considering taking the interim leap to Windows Server 2008, you may want to note that Microsoft ended mainstream support in January of 2015, and extended support is slated to end just five years from now in January of 2020.
All in all, when faced with the end of a product lifecycle, it’s always a good idea to take a step back and evaluate our use of technology. While it may be tempting to write off this announcement solely as a tech giant’s latest money-grubbing scheme, it’s important to remember that technology drives innovation just as much as innovation drives technology. If Microsoft continued to hold the hand of an aged software until the last user replaced it, who would be working to improve and expound upon it, to pioneer new technology solutions far beyond what anyone thought was possible? Windows Server 2003 had a good run after all. Twelve years ago, Chicago won 6 Academy Awards and Harry Potter and the Order of the Phoenix was published. Twelve years from now, there’s no telling how far technology will have advanced, and so we continue moving forward right along with it.
If you’re still using Windows Server 2003, Feynman Group would like to help you through your migration. Contact us to learn more and discuss your options.
by Feynman Group
Posted on 2014-12-26 22:56:19
With the New Year upon us, now is a great time to consider your business’ collaboration needs going forward. From video conferencing, to instant messaging, to paging and beyond, you’ve got a lot to consider! Here at Feynman Group, we are happy to introduce Cisco’s new Business Edition 6000S (BE6000S) Packaged Collaboration Solution! The BE6000S is purpose-built to deliver core collaboration capabilities along with integrated routing and gateway functionality in one small form-factor platform. The package is a complete, affordable collaboration solution, which makes it a great choice for small businesses. Here are some key features and highlights:
- This solution delivers essential collaboration for up to 150 users and 300 devices.
- It’s an easy to manage, all-in-one platform with 5 fixed, preconfigured core applications:
- Cisco Unified Communications Manager
- Cisco Unity Connection
- Cisco Unified Instant Messaging and Presence Service
- Cisco Prime Collaboration Provisioning
- Cisco Paging Server
- Supports point-to-point video collaboration
- The industry’s first “office in a box” solution based on the Cisco ISR 2921V and UCS E160D M2 blade server, with routing, gateway, wireless, security, and collaboration services all together in a single chassis
The BE6000S is a simple and scalable solution with seamless migration path to higher-end platforms. What does all this mean? Your business can act with greater efficiency, clearer communication internally as well as externally, and you can rest assured knowing your service is supported by Feynman Group’s most knowledgeable techs!
For more information, head to Cisco’s official website or call us at (541) 342-5531. Start the new year off right.
by Feynman Group
Posted on 2012-06-15 23:00:39
Jonathan Brandt, owner Journey Tree, Inc., decided to move his offices in November of 2011 to the Citizens Building in downtown Eugene. He also decided it was time for a new phone system after 15 years of the old one. “It was an easy decision as a business owner” to invest in the new Cisco UC Platform said the Financial Planner.
After the successful move Jonathan will use Feynman Group for their IT support too. “I found Feynman Group is valuable because they are a one-stop solution” says Jonathan and “I need to focus on what I’m good at and what I enjoy which will benefit my clients.” He names a couple technicians he has noticed to be very “knowledgeable and “pleasant.” He emphasizes that he doesn’t want to have to think about the IT for his company, but feels good he can trust in FG. “It’s great to have one source for all these things they do and if they weren’t exceptional it wouldn’t be valuable.”Read More
by Feynman Group
Posted on 2012-05-21 22:11:48
Symantec took home the 2012 CRN (www.crn.com) award in the Backup & Recovery Software category, with decisive wins in technical satisfaction and financial factions, and a tie with Microsoft in support satisfactions. Success was attributed to improving the products features based on feedback from the VAR channel according to John Eldh, VP of Americas channel at Symantec. “Symantec consistently looks for ways to enable our partners to increase revenue and differentiate from the competition. “ Eldh said.
In the survey, Symantec’s most decisive score occurred in scalability in the technical satisfaction rating. Symantec also outscored all competition in presales and postsales support. Altogether the company finished 1st place in 9 of the 14 criteria scored in the completion. Later this month, Symantec plans to launch Backup Exec 2012 and also a small business edition.
As a Symantec Partner we at Feynman Group are very pleased to see the success of their products. We utilize their tools with several clients on daily basis. To learn more about Symantec solutions contact your Feynman representative or go to: http://www.symantec.com/solutions/smallbusiness/