Tag Archives: Buena park

Bash Full of Surprises

Bash full of surprises


Just when you thought that vulnerabilities could not get worse than the Heartbleed bug, (a serious vulnerability in the OpenSSL implementation of SSL cryptography, which can render a computer connected to the internet susceptible to have its communication intercepted by a third party, even when using a VPN) Shellshock bash rears its ugly head.

Bash is a command shell program that runs in UNIX and Linux devices. It’s been around long before the internet became what it is today, and currently it is inside more that 70% of devices that are connected to internet. Servers, computer, network devices, and android mobile devices all a form of Unix/Linux that uses Bash at its core. How bad can this vulnerability be, compared to Heartbleed? With the Heartbleed bug, OpenSSL was used by about two thirds of the webservers all over the world. That made them vulnerable to have their communications snooped on, which means an attacker could look at the data transmitted and steal passwords and other data. With the Bash ‘Shellshock’, it’s a whole ‘nother beast. In this case, an attacker could actually take over any device running Bash. Not just snoop and get data from it, but actually control it from afar.

This vulnerability affects UNIX and Linux systems, which includes Macintosh computers, Android devices, and many webservers around the world. This does not mean that your Mac computer or your Android Tablet can be easily hacked and taken over from anywhere. It would be necessary for the device to be in a public network and the attacker would have to know which network you are on in order to be able to take over your network connected device. The most likely targets of this exploit would be web servers.

The bug is estimated to have been created in 1992, 22 years ago, by an open-source enthusiast who maintained Bash after its original creator, Brian J. Fox, moved on to other things. Open source software has the advantage of having many knowledgeable programmers look over the same code and make sure that it is safe. If there is a bug, they report it and it gets patched. However, all the programmers are doing it as a hobby in their spare time. This does not mean that they cannot create new secure and quality code. It just means that some of the old code might go unchecked because the glory is in creating new and innovative software, rather than the difficult task of debugging older code.

TRA focuses on Medium size and SOHO (Small Office/Home Office) security. Our goal is to provide full IT support to growing small businesses who are too small to have a full time IT staff, yet big enough that they need one on a recurring basis. We have many highly satisfied customers in the Long Beach, Orange County, Southbay, and Los Angeles area. Contact us today, and let us take care of all of your computer and network security needs. Our prices are reasonable and our services are top notch. Call us today!

The New Normal

The New Normal


Target, Kmart, Staples and Home Depot. What do these four retailers have in common (besides their killer Black Friday deals)? The answer is: they have all been hacked in the past 12 months.

Staples is the last major retailer that has reported a data breach in their systems, in which potentially millions of customers’ credit card information might have been illegally accessed. This breach happened fairly recent, so the extent of the information stolen is not yet known. There is one thing for certain, I will not do my Christmas shopping there. If I do, I will only pay cash.

There have been many data breaches recently in the news, creating what some security experts call “breach fatigue”. Target was one of the first big data breach victims of the year. The corporate giant showed a 46% drop in profits the quarter following the breach became public. Recently, a survey revealed that 45% of consumers will “probably not’ do their Holiday shopping at a store that has suffered a data breach.

One of the latest giant chain stores that has suffered a data breach is Home Depot. Unlike target, Home Depot did not see much of a loss in profit following the news of the data breach. In fact, their stock value went slightly up. Similarly with JP Morgan Chase. This is the phenomenon of ‘breach fatigue” As more and more data breaches occur, the more consumers become numb to it. Especially if they themselves don’t end up becoming a victim of identity fraud.

An ounce of prevention is worth a pound of cure. That well know saying is as true in everyday life as in network security. There are many ways to protect your computers and network, but do you know the right way? At TRA Consulting, we specialize in, among other things, network security. Small and medium size businesses are just as vulnerable as big corporations. Sure, they don’t have such a big target on their back, but since they are less likely to have a robust security as multi-million and multi-billion dollar corporation, they are easier to penetrate.

Recently, the details of the Home Depot breach have come out and they are very similar to the ones from Target. Customers are not punishing Home Depot the same way as the punished Target. Seeing as the trend of more and more breaches are coming to light, it will not be surprising to see consumers still shop at retailers known to have been hacked, and just keep their metaphorical fingers crossed that their credit card info will stay safe.

TRA focuses on Medium size and SOHO(Small Office/Home Office) security. Our goal is to provide full IT support to growing small businesses who are too small to have a full time IT staff, yet big enough that they need one on a semi-daily basis. We have many highly satisfied customers in the Long Beach, Orange County, Southbay, and Los Angeles area. Contact us today, and let us take care of all of your computer and network security needs. Our prices are reasonable and our services are top notch.

Time Is Money

~~As if keeping your computer secure from viruses is not hard enough, finding the tools to do so can be just as hard. For someone with little or no knowledge of computers, keeping a computer safe from viruses and malware, or cleaning a computer of viruses and malware, can be a daunting task. There are many different types of software to keep your computer clean and safe, some of them free, and some of them are paid. I’ve found out that the free software can be as good as or even better than some of the paid programs.
TRA Consulting is more than a place like Geek squad or a corner computer store that will clean your computer of viruses and fix your laptop. We focus on taking different types of measures that will prevent your computers from getting infected or breaking. Nowadays Offices rely on having connectivity to the internet as well as to internal resources, such as shared drives and printers. Having unplanned downtime can be costly to a business, so having more than a backup plan is necessary for keeping things running smoothly. Our Philosophy is to provide you with more than a backup plan, but to actually work on preventing issues that will cause downtime in the future. Being security minded, planning for future growth, and making sure you upgrade to newer technology when needed are some of the things we do to keep your business running smoothly 24/7.
Home users have less to worry about than office and enterprise users. Their network and layout are simpler, but their security is just as important. In fact, it might be even more important since they might be more vulnerable than enterprise computers. That is why it’s so important that they have the proper security software at all times. That is why a website such as ninite.com are very useful and time savers for home users. Ninite is a website that allows you to download different types of free software, including antivirus and malware cleaning programs, all at once and package them into a single installed file. All you have to do is run it and it will install the programs you chose to your computer without prompting you for anything. After it’s done, you’ll see the icons in your desktop or in the taskbar. Some of the security programs that you can get from there are Avira, Avast, Microsoft Security Essentials, Malwarebytes, Spybot, and Super Anti Spyware. But those are just a few of the overall programs that you can bundle in a ninite installer. Other programs it includes are messaging programs like Skype, Google talk, and Aim; Media programs like iTunes, VLC, Audacity; Imaging programs like Picasa and GIMP; Document readers like Open Office and Adobe reader; assortment of other things ranging from online storage software like dropbox and Google drive, to Web browsers like Firefox, to miscellaneous ones like Evernote, Google Earth, and Steam.
TRA Consulting services the Long Beach area, as well as the Orange County Area, Southbay Area, and the Greater Los Angeles Area. Call us today

Sharing Is Caring!

~~In this day and age of Social Media, where people share things everyday with people they barely know, what about sharing with the people closest to you; the people in your private home network. There are multiple ways for the average home user to share files with other people in their home network
The easiest and fastest way to share file with people in your home network is to use Windows 7 newest built in Homegroup feature. The Homegroup feature allows for files in your computers public folders to be shared with other people in your private network. Starting a Homegroup is fairly easy. In the network section in control panel, you’ll be given the option to create one (if you’re not already a member of another homegroup or a Domain). Next, you’ll be asked what public folders you want to share, and lastly you’ll be given a password that you need to give to other members who you want to join your homegroup.
Every windows 7 (and windows 8) computer has both a private and public folders. The private folders you can see in the start menu and in the Libraries links. However, when you click on those links, it’ll open the public version of those folders. All you have to do now is to drop any file you want to share in the public folders and Presto!, you’re sharing with your Homegroup members.
The drawback of Homegroups is that the computer has to be on to access the shared files. The workaround that is to instead have a dedicated device that is connected to the network and holds all the shared file; that device is called a Network Attached Storage (aka. NAS). NAS are relatively inexpensive and come with many different storage sizes and features. NAS are basically small computers that come with software to allow it to be seen by the network and to customize sharing permissions. This is something that the average home user might have some trouble configuring, but that is something TRA Consulting can help you with. We not only specialize on PC and Network security, but also in customizing your home and work network to meet your needs. Having proper setup, security, and sharing between your devices makes your network both secure and efficient.
If you were lucky enough to have bought a Windows Home Server Device, or even just the Operating System, that means you have an easy way to share all your files with everyone in your network with minimal work. Unfortunately, Microsoft has shelved that Operating system since 2012, so you cannot longer get it, and no computer company makes those home servers anymore. More than just file sharing, the Windows Home Server could also be a centralized backup for all the computers in your network, it could do media streaming, printer sharing, track the health of the PC’s in the network, and be a gateway to have remote access to your home computer from anywhere on the internet.
At TRA Consulting we have many years’ experience dealing with network and PC security. We service the Long Beach area, as well as the OC, SouthBay, and the Los Angeles Area. Contact us today! 

Et Tu SSL?

~~Et tu SSL?
Last month the tech world was filled with stories about the Heartbleed bug. The Heartleed bug was called one of the more serious breaches in security in recent times. What makes is scarier is that the breadth of its impact won’t be exactly known since it went undetected for such a long time and it was in a form of encryption that was thought to be safe and unbreakable: SSL and TLS
At TRA Consulting, we stay on top of the latest Technology trends and security news to help and serve our customers the best we can. Whether you have a big or small office, or are just a home user, we help all our customers achieve peace of mind knowing that their computer and private data is safe from prying eyes. At TRA Consulting we server the Long Beach area, as well as the Southbay, Orange County, and the Greater Los Angeles Area.
SSL Stands for Secure Socket Layer. TLS stands for Transport Layer Security. Most people might not be familiar with this, but if you’ve ever bought something online, you’ve used SSL/TLS. SSL/TLS is used to encrypt websites, such as online stores, email accounts, online banking sites, and government websites. The way that you know if you are in an encrypted website using SSL would be to look at the address bar and notice that the URL (Usually starts with an http://) will now start with an https://. Seeing that was a subconscious sigh of relief in a world full of cyber hacking data breaches. The Heartbleed bug was not a problem in SSL, but in fact, it was in the implementation of it in the OpenSSL Project.
With a bug like this that it completely out of your hands, you might think that there is no way to prevent your computer from being vulnerable, and you might be mostly right. However, there are a few things you can do to neutralize the damage wrought by the heartbleed bug.
First of all, change all of your passwords. If your passwords were compromised, the first thing you should do is to replace them and get new ones. This will neutralize most of the damage the bug could have caused you. Even though the bug has been known for some time, there are still websites out there that haven’t patched it and if you are using them, you are exposing yourself to a security risk. One thing you can do to prevent that is to use the Chrome extension called Chromebleed. It lets you know if the site that you are visiting is still being afflicted by the heartbleed bug.
There are many security risks out there, many that you can prevent, others that are out of your hands. The best way to keep your private data private is to never connect to the internet. But in this day and age that is nearly impossible. Next to that, the best way is taking preventative measures to bolster your computer and network security. At TRA Consulting we pride ourselves in doing just that, helping you keep your data secure. Contact us today.

IT Consulting      |       Managed IT       |      Cloud       |       Desktop Support         |       Privacy        |       Term of Use         |       Contact Us