RSA Computer Consulting

Wi-Fi Security: Protect yourself in public

rsacc — Wed, 23 Jul 2008 06:02:35 +0000

Wi-Fi security is a hot topic these days and , there are many options that you can take to help protect you and your computer when you connect to public Wi-Fi hot-spots. Below is a list of things you can do:

Firewall-Microsoft Windows XP w/SP2 and Windows Vista both have a software firewall included with the operating system. By default they are enabled and provide somewhat good protection. There are a number of free and pay software firewalls available on the Internet that have more features and some provide better protection.
Disable File and printer sharing- This feature in Windows, by default, is disabled. However many people will enable this feature to allow them to share files and printers at home or the office. When you have this turned on and you connect to a wi-fi hot-spot, anyone who is also connected to that wi-fi hot-spot has access to your files and folders. You can disable file and printer sharing by visiting the Microsoft knowledge base article .
Check your SSID- Verify with the Hot-Spot operator what the SSID is for their locations. Its possible that a scammer or other criminal type may set up a rouge access point or even ad-hoc connections to trick users into connecting to them. This will allow the scammer to capture all the data that is sent or received by the user.
Browse with caution-Any time you are in a public location connected to a public Wi-Fi hot-spot you are at a potential risk. I would strongly suggest not conducting any type of secure or sensitive transactions, such as those that involve credit card or banking information
Disable your Wi-Fi adaptor-If you are not using your wi-fi connection, disable the adaptor. This will prevent Windows from automatically connecting to a wireless network, and prevent your computer from being vulnerable to penetration attacks.
Update your computer-Always have the latest updates for your operating system as well as the latest updates to your virus and spyware protection software.
VPN-A VPN is a virtual private network and is typically used by users to connect to their office network. This allows all traffic to pass between the users laptop and the users work network securely and encrypted. So in the event the data is intercepted it will be useless to the scammer.
Remote Access-If you don’t have access to a VPN connection, there are a number of services online to protect you as you browse. LogMeIn is one service that allows 128bit encrypted connections to your home or work computer securely over the Internet. Once connected, it is just as if you were sitting at your remote computer.

Grande Communications Hijacks Browser Traffic

rsacc — Sun, 04 May 2008 17:32:28 +0000

I currently have services with Grande Communications, here in San Marcos. And I have been a happy customer from the 1st day they offered service…some 7 or 8 years ago. I enjoy the speed of their service, the speed of their customer service, and the quality of their service. This is not a bad review of their overall service but a bad review on a not well thought out service.

As with any service there are times when something occurs that causes grief, such as outages, lost static IP addresses…things like that. Things that I can understand that happen. This however is not one of them…

I noticed a few days ago, when I mis-typed a web address and landed on .
this screen.

I was not sure what it was…where it came from or even how I got there.

After doing a little research I discovered what they are doing and why. I also discovered that allot of big name ISPs are doing the same thing and or testing similar services. Basically what they are doing is using their DNS servers to redirect nonexistent web addresses to their ad supported search portal. This is a direct violation of the DNS standard, which requires that a query for a nonexistent domain must return the “NXDOMAIN” error response.

As of this writing I have not found out what software Grande Communications uses to redirect the traffic, but hopefully when I write a follow up I will have additional information on that.

Now what does this mean to the average user? Well late last month a bug in the software that EarthLink uses to redirect customer mistyped domains may have allowed attackers to launch undetectable phishing attacks against any Internet site and get the pages to run the hackers own JavaScript code. With the browser treating this code as if it were from a legitimate domain, hackers were able to steal users’ cookies, create fake Web sites that appeared to be hosted on legitimate domains, and even log into certain Web sites without authorization. “This”, According to Dan Kaminsky, director of penetration testing with IOActive, a security consulting firm, “underscores a fundamental security risk in the way that some ISPs are attempting to generate advertising revenue from mistyped Web addresses.”

Please contact Grande Communications today and file a complaint. Tell them you don’t like the service, you don’t want the service, and you don’t like the fact that Grande Communications is hijacking YOUR web traffic.

Call 512-878-4600

WHY HOST MICROSOFT EXCHANGE WITH US?

rsacc — Sun, 04 May 2008 04:05:59 +0000

WHY HOST MICROSOFT EXCHANGE WITH US?

When looking to implement or outsource Microsoft Exchange, there are several key factors to consider. Is the service reliable? Are there engineers on standby 24×7 in case a server goes down? And does the service offer the full benefits of Exchange?

RELIABILITY AND UPTIME

Our service operates out of a tier-four datacenter, with state-of-the-art cooling, power supply, backup generator and fire suppressants. For you this means that your email is constantly running. Your Exchange service will run on clustered servers and an EMC storage area network – so if one server or disk drive stops working, your email keeps working.

As well as offering the highest-quality IT infrastructure, we do nightly backups to protect your data. For your peace of mind, we offer a 99.9% service-level agreement (SLA) which allows for just a few minutes of email downtime each month.

24/7 monitoring and management

To further ensure reliability, we employ a team of Microsoft Exchange engineers and administrators 24/7. So if a server problem occurs at 3am on a Sunday morning, we will be there to solve it – in a matter of minutes. This same team installs Microsoft software patches immediately, as well as anti-virus and anti-spam updates, for full protection.

Add-on features

We offer a complete range of add-on features including hosted BlackBerry, ActiveSync for Windows mobile devices and Good Mobile Messaging for Treos and other smartphones, so you can instantly activate email service for your handheld. Rather than spending thousands of dollars on your own server, you can use our managed service for just a few dollars a month.

You can also add archiving – from simple message journaling, to keep an exact copy of all your message, to compliant archiving, which fulfils regulatory requirements from the SEC, NASD, HIPAA and so on. Also available is fax via email, which gives you a local fax number and emails your faxes to you as PDFs.

PC or MAC

Many Exchange hosting companies do not offer both Outlook 2007 (for PC) and Entourage (for Mac) support. We offer a free download of both, so your staff can use either PCs and Macs, or both.

Our Microsoft Exchange hosting service is fully-managed, with constant uptime and instant add-ons like BlackBerry or archiving. All this, plus a significantly lower total cost of ownership than managing an Exchange server in-house.

Free Anti-Virus Protection

rsacc — Sat, 03 May 2008 23:17:23 +0000

Free Anti-Virus Protection

Yup! Its true I am going to tell you how to get your hands on free anti-virus AND FREE anti-spyware software. Unfortunately too many people are running computers with no protection and their computer and privacy are in jeopardy. If you follow these simples steps you can help protect yourself against virus and spyware infections.

1. GET PROTECTION

Free Software-These programs offer protection for free

(You will need to right click on these links and choose open in a new window or tab)

AVG Antivirus
Clamwin
SpyBot Search and Destroy
Windows Defender
AdAware

2. DON’T USE P2P FILE SHARING PROGRAMS That’s right stop stealing music and programs, allot of the times the programs and files you download are infected.

3. DON’T INSTALL FREE SOFTWARE Yes a few lines above I said download these free programs to protect yourself from potential infections….I can guarantee those files are safe, spyware and virus free. But allot of times software that is offered for free on the Internet is bundled with spyware and other malware. Do your research, Google the software that is being offered free and find out what others have to say about it…Protect yourself

4. DON’T OPEN ATTACHEMNTS IN EMAIL MESSAGES Back in the day the safe adage was, “don’t open attachments from people you don’t know”, but the spammers have gotten sophisticated and are able to spoof email messages and have them appear to be from someone in your contact list. Now it is best to always save the attachments and let your Anti-Virus software scan the attachment before opening it. of course if you use a free mail account from GMail, Hotmail or Yahoo, they scan all attachments prior to you opening them so most of the time you are safe with them.

5. BE CAUTIOUS OF WEB SITES WANTING TO INSTALL OR DOWNLOAD SOFTWARE TO YOUR COMPUTER Run Windows Updater on your computer and make sure you have the latest updates installed. Download IE 7 or FireFox 2 to help protect your computer from illicit web sites trying to infect your computer. These are just a few tips to help protect you as travel the Internet, if you find your self infected and unable to clean your computer, give us a call or visit us on the web. We gurantee 100% virus/spyware removal, or you don’t pay. Http://www.rsacc.net

512-757-1894