Tag Archives: Buena park

Good Password Practices

Use different passwords for your computer and online services. And it is good to segment your online service passwords, or keep them altogether different.  I have seen a number of systems for doing this; some bad, some mediocre, and some extremely sophisticated.  My favorite involves a root password that varies depending on the year, and whether the online account is email, social media, banking, low security, etc.

It is good practice to change passwords on a regular basis and to avoid simple passwords; especially those that are easily guessed. It’s debatable whether enforced, frequent changes of complicated passwords are always constructive (making you trade a security vulnerability for a social engineering vulnerability if you have a tendency to write your passwords down and hide them under the keyboard).

If a criminal guesses or cracks one of your passwords, using different passwords for other services and for your system passwords considerably limits the damage that he or she can do. If, on the other hand, you use the same password for all of your accounts, you run the risk that one lucky guess will give the criminal the keys to the kingdom. One of the reasons that trivial accounts are sometimes phished is that they give a cracker a head start on guessing the password for other, more profitable accounts.

You may find this SANS newsletter on keeping your passwords safe, interesting, and useful: http://www.securingthehuman.org/newsletters/ouch/issues/OUCH-201105_en.pdf.

TRA Consulting, Inc.
375 Redondo Avenue #153
Long Beach, CA 90814


Do you need administrative privileges?

Use an account on your computer that doesn’t have administrative privileges to reduce the likelihood of installing malware; and to reduce the likelihood of making severe and catastrophic changes to your system.  Password protect the “administrator” account, and create a “limited” user account for daily use.

Most system administrators adhere to the principle of “least privilege”.  That is, users should only be given the least amount of access and privilege necessary to perform their duties.  The more privilege you have, the more damage a user can do; intentionally or unwittingly.
If you happen to run a small business with a file server or a workstation acting as a file server and you have not limited access to critical data from your users, you have a ticking time-bomb waiting to go off.  Run through a scenario of what would happen if all of your data was wiped out.  Is your data backed up?  Do you have redundancy? In this scenario, some organization would cease to operate; in other cases an organization’s operations would be severely crippled.  Don’t be that organization.  Contact TRA for a free consultation and analysis.
TRA Consulting, Inc.
375 Redondo Avenue #153
Long Beach, CA 90814

Catch The Patch Batch

Keep your OS and applications up to date with automated updates and patches and by regularly reviewing the vendors’ product update sections on their websites.

Sometimes it seems that the whole world assumes that the only vendor that suffers from vulnerabilities is Microsoft. To see how misleading claims like this can be, check out the weekly “Consensus Security Vulnerability Alert” published by SANS (see http://portal.sans.org). In recent years, vulnerabilities in applications have become a serious threat (arguably more so than OS vulnerabilities).

Unfortunately, users are far less savvy about patching third-party applications than they are about patching the operating system. However, this vector will also decline in impact as application vendors learn to tighten their quality control and patching methodologies.

Ericka Chickowski goes into some more detail on the vulnerabilities of 5 third-party vendor applications and equipment and the urgent need to patch these applications and devices – namely, Java-enabled devices, Printers, Routers, ERP Software, and Databases; all of which suffer from neglect when it comes to patch management – in her article, “5 Systems You’re Forgetting To Patch”, http://www.darkreading.com/vulnerability-management/167901026/security/news/240005971/5-systems-you-re-forgetting-to-patch.html?cid=nl_DR_daily_2012-08-22_html&elq=f3f56ae21c164ea09473836b2a6c4394. This reading is highly recommended.


TRA Consulting, Inc.
375 Redondo Avenue #153
Long Beach, CA 90814


Don’t Let Autorun Be Autoinfect

AutoRun has presented such a problem in recent years. There is a wide range of malware families that install or modify autorun.inf files in order to infect systems. In recent years, Microsoft has taken steps to address this loophole: First, by turning off AutoRun by default in Windows 7, then by making patches available for XP, Vista and Windows Server, and finally by pushing the changes out through

Windows Update so that many more systems would then be updated automatically. Better late than never, some would say.

Still, that change has greatly reduced the volume of malware infections exploiting the AutoRun facility, though it hasn’t (and can’t) make the problem disappear completely. Microsoft tells us that it saw infections on XP and Vista reduced by 1.3 million in the first few months after the changes to Windows update, but there are still high volumes of AutoRun infection attempts, indicating that there are other factors at play.

Consider, for instance, the fact that XP SP2 is out of support, so that the figures for machines that aren’t updated beyond that show only a small drop. But that doesn’t, of course, mean that they aren’t a channel for infection attempts. Don’t assume, either, that this single precaution will save you from every example of this type of threat. Most malware uses more than one technique to infect targeted systems.

Removable devices are useful and very popular. Of course, malware authors are well aware of this, as INF/AutoRun’s frequent return to the number one spot clearly indicates. Here’s why it’s a problem.

The default AutoRun setting in an unpatched version of Windows (apart from Windows 7) will automatically run a program listed in the autorun.inf file when you access many kinds of removable media.

There are many types of malware that copy themselves to removable storage devices. While this isn’t always the program’s primary distribution mechanism, malware authors are always ready to build in a little extra “value” by including an additional infection technique.

As always, if you are unfortunate enough to be running an infected PC, contact your local virus removal experts, TRA Consulting: info@traconsulting.us or 562-225-4222


Does my file server need antivirus?

A good question that gets a lot of lively discussion in network administration circles.

If your server is exposed to the internet in any way except through the connected workstations, it needs to be protected with some sort of anti-virus solution.  There is a serious misconception borne out of the belief that if the computers connected to a file server are all running some sort of endpoint protection, the server cannot get infected; yet how many times does a new virus, worm or malware package slip through the application meant to protect it and infect the workstation?  We see it too often.  And if the workstation does get infected, what is the status of the files contained on that workstation?

Furthermore, how many SMBs use their file servers for more than just file sharing?  How many have insecure file-transfer programs like Dropbox?  How many are hosting an FTP server?  How many are opening up port 3389 for remote access without the use of a VPN or firewall?  Even more reason to get protected.

We have been using different file server antivirus solutions over the years.  Everything from Symantec and McAfee to Avast and Avira.  And whatever your personal preference, one thing is certain, your file server needs it, and it needs it now.  Please make sure that the type of antivirus you install has an engine capable of running on a file server with the least amount of drag.  Contact your local VAR for an assessment of your particular needs – TRA Consulting, Inc., 562-225-4222


IT Consulting      |       Managed IT       |      Cloud       |       Desktop Support         |       Privacy        |       Term of Use         |       Contact Us