LAN Systems
 
May/June 2012

 

 
At our Earth Day event, we collected 3,131 pounds of e-waste raising $175 for the Norcross Cluster School Partnership

 

You are cordially invited to our annual Independence Day Cookout! Mark your calendar for Monday, July 2nd 11-2.  We will have another e-waste collection benefiting the Norcross Cluster School Partnership.

 

Please practice safe computing whether on your PC or mobile device and subscribe to our blog for the latest updates - http://lansystems.com/blog.

 

Mary
Are you infected?  DNSChanger Overview
  Computer Threats
Malware is a constant source of anxiety to any computer user. Not only can it slow down your computer, but it can fool you into giving away personal data or purchasing phony products with your credit card.
 

In today's world, most computer users are non-technical consumers. This is similar to how we are all electricity consumers. We use power but don't necessarily worry about the details of how power is generated and distributed. We just know that it works and leave the details to the experts. Since electricity is so dangerous, there are mandatory safeguards that have to be followed.

 

Much like power utilities, regulated industries like financial and medical are required to safeguard your data or be fined severely. Personally, you don't have to protect your computer, but if you don't hackers and identity thieves can ruin your life. Your best protection is to be an educated consumer so that you are aware of threats and put in the proper safeguards. Computer safeguards are spam and content filtering, virus and malware protection and most importantly, knowledge.

 

If you are not trained in computers, much of the terminology is confusing. Regardless of the discipline, when you simplify a complex topic to make it understandable to a general audience some of the essence will be lost. This is unavoidable. So when you read something that is written for universal consumption, experts will argue and take exception over the details and still the audience may be confused. This is exactly what is happening in the DNSChanger discussion. If you read about DNS malware and still don't know how to check for an infection, please contact an IT expert. Although the effects of DNSChanger can now be easily fixed, you may unsuspectingly have other infections.

 

When the FBI discovered the computer fraud ring in Operation Ghost Click, the number of compromised computers was so great they replaced the scam servers with legitimate servers. This was to give users a chance to remove the infection before the FBI removed the DNS addresses. The replacement servers are set to be retired on July 9, 2012.

 

Since DNSChanger hijacked your PC and pointed your computer to fake sites meant to steal from you and further infect your computer, you have to take action to ensure that your computer is clean.  DNSChanger is a particularly obstinate infection, but it can be removed.

 

The first step is to see if you are infected. Go to www.fbi.gov or www.dcwg.org. If you have any concerns, ask an expert before proceeding.

 

If you are infected, you need to fix your computer. There is a list of free tools available at www.dcwg.org.

 

Still need advice, feel free to email me at mary@lansystems.com.

 

__________________________________________________________
 

DCWG - DNS Changer Working Group was created to help remediate Rove Digital's malicious DNS servers. Go to: www.dcwg.org

 

DNS - Domain Name System is what converts the number addresses for computers to named addresses for humans. For instance, 50.116.97.70 is lansystems.com.

 

Here is a little more detail on how the FBI busted them in Operation Ghost Click. Excerpted from www.fbi.gov.

11/09/11 Six Estonian nationals have been arrested and charged with running a sophisticated Internet fraud ring that infected millions of computers worldwide with a virus and enabled the thieves to manipulate the multi-billion-dollar Internet advertising industry. Users of infected machines were unaware that their computers had been compromised-or that the malicious software rendered their machines vulnerable to a host of other viruses.

 

Details of the two-year FBI investigation called Operation Ghost Click were announced today in New York when a federal indictment was unsealed. Officials also described their efforts to make sure infected users' Internet access would not be disrupted as a result of the operation.

...

As part of a federal court order, the rogue DNS servers have been replaced with legitimate servers in the hopes that users who were infected will not have their Internet access disrupted.

It is important to note that the replacement servers will not remove the DNSChanger malware-or other viruses it may have facilitated-from infected computers. Users who believe their computers may be infected should contact a computer professional. They can also find additional information in the links on this page, including how to register as a victim of the DNSChanger malware. And the FBI's Office for Victim Assistance will provide case updates periodically at 877-236-8947.

Does your computer need a backdoor?

 

BackdoorEven the most experienced system administrator will occasionally forget their password or get locked out of the system. It is not uncommon for admin or super users to create a backdoor so that they can quickly access the system without a password reset. Computer equipment manufacturers and vendors also quietly implement this backdoor method, but backdoors have consequences on system security that may leave you at risk.

 

Whether you call it a backdoor, trapdoor or Trojan horse, these methods should be known to only a trusted few.  When equipment vendors put something in place so that they can gain system access, especially when they make it permanent, they will be criticized for sacrificing security for convenience. 

 

On any system, security and convenience have an inverse relationship.  The more secure a system, the harder to access.  The more accessible, the lower the security. Somewhere between the two extremes are systems that are easy for the users with a good element of safety.

 

If you are in an industry with regulations, standards and requirements, you have to follow them no matter how inconvenient they may seem.  You cannot implement backdoor methods that put your customers at risk, give hackers an edge or make your understanding of security suspect. 

 

The following article is about equipment used on control systems, but the implementation of a backdoor is not unique to this industry. It is, however, a reminder that we must find ways to balance convenience and security. A couple of suggestions would be to notify the customer, allow the customer to disable the backdoor and use a login/password pair that is not tied to something like the MAC address. The first two are easy. Modifying the login/password is more challenging and still susceptible to hacking, but stronger authentication is needed.

 

Equipment Maker Caught Installing Backdoor Account in Control System Code

 

  eNewsletter 
Join Our Mailing List
In This Issue
Are you infected?
Does your computer need a backdoor?
Making IT work for your business

Solutions and Services to help you grow your business

System and Network
Design & Installation

Microsoft, Linux and Unix
Servers and desktops
vCIO Strategy
Architecture review
System installation
Network security
Storage solutions
Virtualization
 
Service and Support
Support  agreements
Onsite services
HelpDesk support
System maintenance
Emergency services
Data recovery
 
Managed Services
24/7 system monitoring
Real-time notification
Automatic updates
Quickly fix problems
Alarming for critical events
System health reports
Follow up action plan
 
Data Backup Plans
Online combined with local or offsite storage
Easy to manage
Restore individual files or entire system
Safe and affordable
 



Get into the Cloud