System Administration

Posted on April 27, 2011 by dgs

System Administration

by
David Schlecht

One aspect of keeping your computers and networks secure is the need to administer the systems. System Administration is, sadly, a task that is overlooked until after disaster has struck. Then, not only is it unnecessarily expensive to recover from the losses associated with the disaster but the cost of bringing the machines up to date is added to the costs.

This experience can destroy a company that is just starting out or one that is hanging on by a thread during tough times.

So what is involved in System Administration and why does it matter? It depends, of course, what types of machines you have at your company.

OS and Windows Updates

If you have nothing but business machines, or workstations, you still need to ensure the integrity of them to be sure they are secure. You’ll want to have someone check the Windows Updates to ensure that they are automated correctly and that the updates are up to date.

Administrator Group Access

It is common for technical support technicians to escalate the user account of the computer when doing technical support operations only to forget to return the account to the unprivileged state when done.

Workstations should never ever be run as a member of the Administrator group during regular business. If the machine is accidentally configured like this, then the machine is an easy target to any of the common viruses and Trojan Horses you get from websites and emails.

Disabled Anti-Virus

When installing software it is commonly required to disable the anti-virus software. It is a common mistake to accidentally leave this disabled after the install.

Periodic Audits

It is important that you have your machines audited periodically to ensure that they are configured safely. It’s important to be ahead of the ball when considering computer vulnerabilities.

Contact Access Technologies for scheduling regular audits of your company’s computers. Access Technologies is a Nevada based Computer Services company.

 

Posted in Internet Security, Technology | Comments Off

Network Design and Setup

Posted on April 24, 2011 by dgs

Network Design and Setup
by
David Schlecht

So you’re setting up a new office. Whether it’s an office in a commercial building or a home office, you’ll want to make sure you get it right.

For information on securing your network, visit Network Security Technology for security related articles and security case studies.

What’s Required

Obviously, the first thing that is required is a plan and you can’t have a plan without knowing exactly what your requirements are. Don’t just start running wires, but think ahead to how you want it to look when you’re done and how you want it to look in the future. You don’t want to put the time and money into creating a network that you have to completely rebuild in a year or two.

These are some things to consider:

  • Will you eventually need a local server for things like a local wiki or a file server or a caching-only Domain Name server?
  • Will you want static or dynamic IP addresses or a combination of both? If you’re planning on having internal servers, they’ll need static IP addresses.
  • If you’re using a combination of static and dynamic, you’ll need to decide on the IP ranges for each.
  • How will you serve up your dynamic (DHCP) IP addresses?
  • Will you need Internet access? (Of course you will!)
  • What type of Firewall do you need and what types of rules? Will you allow everyone inside the network to access everything on the Internet or will you eventually want to limit what people can do and see?
  • Will you need a VPN (Virtual Private Network) to allow secure access to your network from the outside?
  • Will you have wireless access? If so, what type of encryption and what ACLs (Access Control Lists) do you need?

This isn’t a complete list of everything to consider but it’s a good start.

Avoiding the Pitfalls

A Windows computer connected incorrectly to the Internet can get infected in just a matter of minutes.  This can’t be emphasized enough. It only takes a few minutes before your mistakes start costing you money.

Know your firewall syntax and set up your firewall immediately. And, now what you need in a firewall. You don’t necessarily need a dedicated, expensive machine to perform as your firewall. For most small business and home offices, the Internet router can fulfill the firewall needs if set up properly.

If you are going to allow wireless access to your internal network, put considerable thought into how you want to secure it. Remember, most encryption schemes last only a year or two before they need to be retooled or replaced. This may require constantly upgrading and replacing your wireless routers and updating your firewall rules.

If you’re using a wired network, make sure you have planned for future expansion.

Looking Ahead

No one can foresee the future but it’s important to think how you might want to see things change and plan for those changes. You can also know that certain technologies will become obsolete, such as modes of encryption.

It’s also important to think of how your company will change over time. If you bring in more employees, where will they sit? If you bring in some servers, where will they go?

Follow up

A very important part of network administration is the need for review. No network is stationary and the constant changes can degrade the security that was part of the initial network design.

Your network security should be reviewed on a regular basis. Here are some things that should be reviewed:

  1. Check to make sure your anti-virus protection is up to date on all machines,
  2. Make sure you have a good security policy and that everyone is following it,
  3. Make sure your firewall rules are up to date,
  4. Make sure your firewall hardware (ie: router) is up to date,
  5. Make sure your firewall’s firmware is up to date.
  6. Monitor for breakins,

 

Posted in Internet Security, Technology, Web Technology | Tagged , , | Comments Off

Disclosures from Domain Name registration

Posted on March 19, 2011 by dgs

Disclosures from Domain Name registration
by
David Schlecht

When registering a domain name, a company or individual can disclose a lot of information. When doing a WHOIS lookup, an attacker can see a lot of information about the company and people registering the domain.

As an example, let’s see what we can find about the topic of “pet fish”. A quick google search shows the following domains:

  • www.aquariumfish.net
  • www.thatpetplace.com
  • www.petfish.net

By checking on the first domain name, I find the IP address, the company that hosts the IP address (godaddy.com), the physical location of the server (Huston, Tx).

Though I don’t recommend using Godaddy.com, this is  a rather safe domain registration.

Looking at the second example, we see that this is registered through network solutions and uses Gary Henery, gbo*@systemax.com Harbor Drive, Port Washington, NY as a contact person.

And, finally, the last example shows the domain registered through godaday, hosted at hostmonster.com and is registered by Clint Norwood fron Scarlet Oaks. You can also find articles by him at the site.

In each of these examples, there are varying amounts of information available to the hacker. Social engineering is an important approach to hacking and knowing names of companies and people allows an impersonator to pull off a pretty convincing part.

For help in finding the amount of personal disclosure from Domain Name registration and your risk from disclosure, as well as other Internet Security services, contact Access Technologies.

Posted in Internet Security, Web Technology | 1 Comment

Internet Security Network Security and Computer Security

Posted on March 9, 2011 by dgs

When seeking out a competent and professional IT security solution, it’s important to understand the differences between Internet Security, Network Security, and Computer Security an know what your needs are in each area.

Furthermore, many companies providing one type of security well may be completely inadequate in the other areas.

Let’s start by looking at them one at a time:

Internet Security

It is easy to confuse Internet Security with Network Security because there is a certain amount of overlap between them. Looking at things that are primarily Internet Security you find issues such as:

For more detail on these Internet Security issues, check out the Network Security Technology web site or talk to someone at Access Technologies.

Network Security

As stated above, there is a certain overlap between Network Security and Internet Security and it’s important to know how these two issues interplay to affect security.

When considering Network Security, it’s common to consider things that are already inside your firewall. You will typically want one network, or subnet for your DMZ and then one or more internal networks or subnets.

Important issues concerning Network Security include:

  • Network traffic control inside the network and traffic going our through or to the DMZ.
  • Traffic monitoring for suspicious data packets
  • Firewall designs and reviews
  • Wireless Network Access Points
  • Wireless Security
  • Mobile devices such as flash drives, phones, laptops and handheld computers.

As one can see, Network Security is not a simple or unimportant aspect, but is rife with risk. For further information on Network Security including some interesting case studies, go to the Network Security Technology website. For assistance in designing and implementing a reliable Network Security policy, contact Access Technologies.

Computer Security

The issue of Computer Security is as important as any of the rest of the issues.  Having computers inside your network that are infected with viruses and Trojan Horses renders all the rest of your security ineffective.

Important things to watch for when considering your Computer Security include:

  • Computer Security training
  • Up to date and effective virus software
  • Security Audits
  • Flash Drives
  • Save Internet Browsing
  • Email and spam filtering
  • Choosing a safe Operating System and platform

You’ve probably already guessed by now, but if you want further information on computer security, including case studies on these issues and many more, visit the Network Security Technology website. If you’re looking for a company to help with training or implementing and auditing a reliable security policy, contact Access Technologies.

Posted in Internet Security, Web Technology | Tagged , , | Comments Off

The Need for Custom Software

Posted on February 11, 2011 by dgs

So you have an application that you use in your daily business activities such as office software like QuickBooks or Quicken or maybe something more specific to you particular needs such as a website that provides your company with contact information on likely customers.

What do you do when you decide to change the way you use the data? Do you hunt for a new application or perhaps hire someone to extract the data and create the new data formats?

Well, there are better alternatives. You can get custom software that is designed exactly for your specific needs. It makes more sense to pay a one time investment in the software tailored to your specific needs than to hire people and pay the cost over and over every time you need the data extracted.

In today’s world of mobile networking, your phone can become you mobile computer with you being able to use your phone to score or grade your company’s progress while out in the field.

Access Technologies is a company that understands the need for custom software and is available to help with any solution.

Remember, the one time cost of custom software is almost always a better investment than paying employees to get the information manually and repeatedly.

These sorts of small and relatively inexpensive software projects can save a company a lot of money, especially when looking at the long term savings. But small projects aren’t the only way custom software can save your company money.

Even large scale custom applications can provide huge return on investment. Environmental monitoring can save companies huge losses when things go wrong. A relatively small investment in a custom monitoring application can save big buck down the road.

Are you a software company needing a short term or long term team to finish up an existing project? Check out Access Technologies. They can help.

Posted in Software | Comments Off

New Website

Posted on February 7, 2011 by admin

As you’ve probably noticed already, we have released the new website for DGS Consulting, Inc. Please note that this computer consulting company has been bought by Access Technologies, a Nevada based Computer Consulting company.

Please enjoy the new site and be sure to leave any comments and suggestions you have.

Posted in Web Technology | 1 Comment