Tag Archives: network security

Don’t Let Autorun Be Autoinfect

AutoRun has presented such a problem in recent years. There is a wide range of malware families that install or modify autorun.inf files in order to infect systems. In recent years, Microsoft has taken steps to address this loophole: First, by turning off AutoRun by default in Windows 7, then by making patches available for XP, Vista and Windows Server, and finally by pushing the changes out through

Windows Update so that many more systems would then be updated automatically. Better late than never, some would say.

Still, that change has greatly reduced the volume of malware infections exploiting the AutoRun facility, though it hasn’t (and can’t) make the problem disappear completely. Microsoft tells us that it saw infections on XP and Vista reduced by 1.3 million in the first few months after the changes to Windows update, but there are still high volumes of AutoRun infection attempts, indicating that there are other factors at play.

Consider, for instance, the fact that XP SP2 is out of support, so that the figures for machines that aren’t updated beyond that show only a small drop. But that doesn’t, of course, mean that they aren’t a channel for infection attempts. Don’t assume, either, that this single precaution will save you from every example of this type of threat. Most malware uses more than one technique to infect targeted systems.

Removable devices are useful and very popular. Of course, malware authors are well aware of this, as INF/AutoRun’s frequent return to the number one spot clearly indicates. Here’s why it’s a problem.

The default AutoRun setting in an unpatched version of Windows (apart from Windows 7) will automatically run a program listed in the autorun.inf file when you access many kinds of removable media.

There are many types of malware that copy themselves to removable storage devices. While this isn’t always the program’s primary distribution mechanism, malware authors are always ready to build in a little extra “value” by including an additional infection technique.

As always, if you are unfortunate enough to be running an infected PC, contact your local virus removal experts, TRA Consulting: info@traconsulting.us or 562-225-4222


Does my file server need antivirus?

A good question that gets a lot of lively discussion in network administration circles.

If your server is exposed to the internet in any way except through the connected workstations, it needs to be protected with some sort of anti-virus solution.  There is a serious misconception borne out of the belief that if the computers connected to a file server are all running some sort of endpoint protection, the server cannot get infected; yet how many times does a new virus, worm or malware package slip through the application meant to protect it and infect the workstation?  We see it too often.  And if the workstation does get infected, what is the status of the files contained on that workstation?

Furthermore, how many SMBs use their file servers for more than just file sharing?  How many have insecure file-transfer programs like Dropbox?  How many are hosting an FTP server?  How many are opening up port 3389 for remote access without the use of a VPN or firewall?  Even more reason to get protected.

We have been using different file server antivirus solutions over the years.  Everything from Symantec and McAfee to Avast and Avira.  And whatever your personal preference, one thing is certain, your file server needs it, and it needs it now.  Please make sure that the type of antivirus you install has an engine capable of running on a file server with the least amount of drag.  Contact your local VAR for an assessment of your particular needs – TRA Consulting, Inc., 562-225-4222


Virus Removal

You have a virus on your computer.  You are not an IT professional, but you know just enough to be considered "dangerous".  Do you dare go it alone?

Removing viruses can be a dangerous ordeal for the end user.  Depending on how sophisticated the virus you are dealing with actually is, you may wind up doing more damage than the virus has already caused.  In the early stages of an attack there is an opportunity for the end user to identify the infection, save and close out all programs, and turn off the computer.  All too often, however, a user will begin to tamper with the attacker, edit the registry, and cause further damage; which can result in data loss, corrupted file systems, and bulk spam being generated unknowingly.

Choosing to live with an attacker on the host machine can cause severe damage to critical system files, destroy the reputation of an IP address as perceived by external spam blacklists, compromise bank accounts and passwords, and open the machine up to keystroke loggers, and the list goes on.

The best advice I can give the end user is this:  when you think your computer has been affected by a virus infection, save what you are doing, turn off your computer, and call the professionals – TRA Consulting, Inc., serving all of Los Angeles and Orange Counties.  We have seen it all – malware, viruses, corrupted data, spam blacklists, compromised email accounts.  Let us get your computer back on track and give you back your piece of mind!


Office 365 Migration Planning

Choosing to leverage the cloud and move to Office 365 Exchange for small businesses can be one of the best decisions your organization ever makes.  Office 365 is so much more than email.  It is freedom.  It is reliability of service.  It is the freedom to move between platforms.  And most of all it is full exchange!

Many prospective new Office 365 users are simply not aware that with the service comes a leveraged piece of Microsoft's .cloud datacenter.  And full exchange configurability via powershell.  That virtualized server in Microsoft's cloud is dedicated to your organization.  So there are no cookie-cutter, one-size-fits-all levels of service across your organization.  No, you receive the freedom to choose who sees what, whther you want a public calendar shared between employees, whether you want to use conference rooms, distribution groups, security groups, shared mailboxes, and the list goes on.  And for the price, this kind of power really does come on the cheap.  Take advantage of these services!

A big pitfall I see with choosing how to approach Office 365 is this:  Many SMBs opt to go through a third party reseller of Office 365 cloud services.  Some of these providers severely scale down the functionality of the service.  I have seen Office 365 resold in a form that resembles a POP email account.  There was no configurability, there was no freedom, no shared calendars, distribution groups, etc.  The only benefit I saw to the user was the ability to sync contacts between Outlook and the mobile device.  And to make matters worse, the service ran far and above the base price of Office 365 when purchased directly from Microsoft.  The provider will remain nameless.

Choosing the right VAR to manage your migration is critical.  You want an organization with experience, professionalism, and attention to detail.  I say this – if your provider can't make the switch happen between the time you shut your doors on Friday, and the time you open them Monday, move along.  Make sure your VAR provides you with a timeline for your transition – a plan of action.

Last of all, make sure your VAR is planning on sticking around for the long-haul.  Moving to exchange means that there will be questions.  You will need a resource to assist you in configuring the new service day to day.  Office 365, like any exchange product is not a one-size-fits-all solution.  It needs to be mended and tailored to the needs of the organization.  This process takes time; and unless you are technically savvy, you will want someone on your side who is familiar with powershell script configuration of exchange.

Feel out a prospective VAR.  Make sure they are the right fit for oyour organization.  Align your business goals with theirs.

TRA Consulting is in the business of helping our clients make money, not the business of disrupting business.  Contact us today about planning your migration to the cloud with Microsoft Office 365!


Gearing Up For CompTIA Breakaway

What a month it has been!  We are tying up a lot of loose ends these last two weeks of July in preparation for our first tech conference of the year – CompTIA Breakaway, Las Vegas.  Last year we managed to make it to HDI and Breakaway.  This year has been so busy, that there has been hardly a day to spare.   But there really isn't an excuse to miss conferences like these –  I can't think of a better way to stay on top of emerging trends in my field and have fun doing it!  I will have to write back next month about the contacts I make and the impressions I have of the conference.

The most challenging, yet rewarding task I have in my work is that of staying relevant.  The field changes so rapidly – the tools and methods we use to manage information, technology, and deliver service.  The opportunities we get to receive in-depth lectures on emerging threats and trends; as well as mix and mingle with our fellow techs and service providers are invaluable.

I hope to see some of you out there this year!


IT Consulting      |       Managed IT       |      Cloud       |       Desktop Support         |       Privacy        |       Term of Use         |       Contact Us