GEEKNOTE: The news that the bad guys have once again compromised millions of additional credit cards is a stark reminder that computer systems are under continuous attack. You may have seen articles about how the Chinese government is promoting computer attacks against major US companies. These news reports are only the tip of the iceberg.
We see daily attacks against our servers. They frequently originate from China, Vietnam, and various parts of the former Soviet Union. They also come from compromised machines in the US, so-called "zombies". Most of the time, these attacks are the electronic equivalent of twisting the door knob to see if anything is unlocked. Sometimes, though, we see extended attacks that can run for days.
There are a number of steps you can take to keep your computers safe:
1. Place a firewall between you and the Internet and change the default password to a strong password. Likewise, if it has wireless built in, either secure it or turn the radio off. Both Verizon and Brighthouse have gotten better about providing modems and routers with at least some security turned on. As Ronald Reagan liked to say, though: "Trust, but verify."
2. If you have any ports that are "passed through" your router to an internal machine, be sure that you are using a strong login / password on that machine and that you are fanatical about keeping all updates current.
3. There is a reason our mail servers don't run Exchange. Consider isolating any server running Exchange completely away from the Internet. Exchange servers are a popular target and a misconfiguration here can compromise your entire network, especially if Exchange is running on your primary server. If you absolutely, positively must have an Exchange server handling Internet mail, consider having an outside mail service send and receive all of your mail and forward it to your Exchange server. That way, you can block everything from everywhere EXCEPT the single server that feeds your Exchange server.
4. Upgrade your router from a residential-class router to one that is intended for business use. A $35 router is a poor investment if it leaves you exposed. There are good business-class routers starting at a couple hundred bucks and going up from there, depending on features. The better routers can log attacks and provide SNMP data to track what is going on.
5. Keep business machines exclusively for business use. Casual web surfing and opening personal emails at work are a major risk for the entire network.
6. Keep unauthorized software off of your computers. Hacked, "free" copies of various programs often arrive with extra "bonuses" in the form of trojans and viruses.
7. Do a periodic audit of your network to see exactly what is connecting to your network and what software is installed on your computers. Again, "Trust, but Verify" is the operative phrase here. This is actually a good idea from an insurance standpoint as well. It lets you show your insurance company exactly what you've got if you suffer a loss.
8. Keep your antivirus and antimalware software up to date and scan everything on a regular basis.
9. Keep credit card information secure. Quite a few of our business customers use QuickBooks. It has credit card security built in, and we recommend that you turn it on and take advantage of it if you use QuickBooks. Needless to say, paper copies of card numbers need to be protected as well. If you don't have a shredder that turns sheets of paper into little bitty pieces, go buy one now before you forget.
10. And finally, don't use the same password for everything. If you do, you simply make it that much easier for the bad guys if they figure out what it is.
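For the network half of the audit in step 7, here is an added example (not code from Gulfcoast Networking) that compares the devices a machine can currently see against a written inventory. The `arp -a` style sample output, the MAC addresses and the inventory entries are all constructed for illustration.

```python
import re

# Constructed sample: `arp -a` style output captured on a machine on the LAN.
ARP_OUTPUT = """\
Interface: 192.168.1.10 --- 0xb
  Internet Address      Physical Address      Type
  192.168.1.1           00-11-22-33-44-55     dynamic
  192.168.1.20          AA-BB-CC-00-00-01     dynamic
  192.168.1.37          de-ad-be-ef-00-99     dynamic
  192.168.1.255         ff-ff-ff-ff-ff-ff     static
"""

# Constructed inventory: MAC address -> what you expect that device to be.
INVENTORY = {
    "00:11:22:33:44:55": "office router",
    "aa:bb:cc:00:00:01": "front desk PC",
    "aa:bb:cc:00:00:02": "bookkeeping PC",
}

ROW = re.compile(
    r"^\s*(\d{1,3}(?:\.\d{1,3}){3})\s+((?:[0-9A-Fa-f]{2}[-:]){5}[0-9A-Fa-f]{2})\b"
)

def normalize_mac(mac):
    """Lower-case and use ':' so Windows and Unix style MACs compare equal."""
    return mac.lower().replace("-", ":")

def parse_arp(text):
    """Return {mac: ip} for real devices, skipping broadcast/multicast rows."""
    seen = {}
    for line in text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # interface banner, column header, blank line
        ip, mac = m.group(1), normalize_mac(m.group(2))
        if int(mac[:2], 16) & 1:  # low bit of first octet = group address
            continue
        seen[mac] = ip
    return seen

def audit(arp_text, inventory):
    """Return (unknown devices as (ip, mac), inventory items not seen)."""
    seen = parse_arp(arp_text)
    known = {normalize_mac(m): desc for m, desc in inventory.items()}
    unknown = sorted((ip, mac) for mac, ip in seen.items() if mac not in known)
    absent = sorted(desc for mac, desc in known.items() if mac not in seen)
    return unknown, absent

if __name__ == "__main__":
    unknown, absent = audit(ARP_OUTPUT, INVENTORY)
    for ip, mac in unknown:
        print(f"UNKNOWN device {mac} at {ip}")
    for desc in absent:
        print(f"not seen this run: {desc}")
```

An ARP table only lists devices this machine has talked to recently, and a MAC address can be changed, so treat the result as a list of things to go look at rather than a complete picture.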
I'll try to come up with something a little more upbeat for next week.
Feel free to drop me an email at firstname.lastname@example.org or leave a comment here if you have any questions. I love to talk about the cool stuff I get to see and play with.
Rob Marlowe, Senior Geek, Gulfcoast Networking, Inc.
(Rob also serves as deputy mayor of the City of New Port Richey. Opinions expressed here are his own and do not necessarily represent the position of the city.)