GFI Cloud Based Network Monitoring eBook

Are you in a Small to Medium Business and overwhelmed with trying to manage your network and run your business?

Are your computer support personnel over-tasked with trying to support your users and keep your servers up and running too? Then GFI’s Cloud Based Network Monitoring might be for you.

With this free eBook from GFI you will learn how to:

  • Remotely manage and monitor all your workstations and servers
  • Identify and solve system issues before they become a problem
  • Free up IT resources to focus on strategic projects instead of break-fix
  • Easily scale your IT infrastructure to grow with your needs

Check it out!


Windows Small Business Server Moving to the Cloud

Very interesting article in the October issue of Redmond Channel Partner magazine. It looks like the next version of Small Business Server will come in two distinct flavors.

Windows Small Business Server 2011 Standard (SBS 7) will be the standard brick and mortar version of Small Business Server that many companies have come to know and love.

But Microsoft will also release Windows Small Business Server 2011 Essentials (SBS “Aurora”) to offer a Cloud based solution to small businesses.

Aurora will handle Active Directory, print services and storage locally, while going to the cloud for everything else.

Traditionally, SBS was for small businesses ranging from 5 to 25 users. Microsoft realized that these companies usually do not have the time or resources to devote full-time IT support to keeping all of the features up and running. Their solution: use the cloud.

Features like Exchange, SharePoint, Office Live Meeting and Office Communications Online will be available through the cloud. Microsoft is also releasing a Software Development Kit to encourage third-party vendors to create additional cloud applications for SBS users.

This will definitely be worth keeping an eye on. Microsoft does offer a beta of SBS Aurora. The only problem is that RCP Magazine reports that the beta requires 160 GB of hard drive space! That is pretty extreme when most virtual machines run in 5 GB to 20 GB of space.

I have never been a fan of Cloud Computing due to the security issues, but it will be interesting to see if Microsoft can pull off merging SBS and the cloud.

Cyber Arms Intelligence Report for October 11th

I have always been concerned with small businesses being protected against modern threats. With the majority of my experience supporting small businesses, I have seen first-hand how devastating malware attacks can be.

If a server goes down in a large company that has thousands of servers, it becomes a priority call to the Data Center to get it back up. Many corporate Data Centers have a time limit to get systems back up and running. A standard policy might be to respond within the hour, and the server has to be back up in four. It is an inconvenience, but not always a really big deal.

If a server goes down in a small business that has a grand total of one or two servers, it could be detrimental to the business. The same is true if confidential or proprietary information gets siphoned from a small business by a botnet or other type of malware.

Small businesses also do not have large IT support centers to install updates and patches. Many times IT support is one or two people who have other jobs to perform in addition to running the servers.

Small businesses are victims of cyber-crime, and some are critical to US infrastructure. According to a recent Fox Small Business Center article, Symantec found in an earlier survey that 60% to 80% of security issues could be resolved by a patch released six months or more ago, and that 80% to 85% of critical infrastructure is in the private sector, a good portion of it small businesses.

Small businesses need to become more aware of current security threats. In most small businesses the whole system defense scheme centers around firewalls and anti-virus. Most modern threats easily bypass firewalls and anti-virus. So, what can small businesses do?

“According to Symantec, the first step is to develop and enforce IT policies. The policies need to be clearly defined and implemented across all locations of a business. That way, threats can be identified and taken care of regardless of what office it happens in.”

It is also important to make sure that software patches and updates are installed. Zero-day exploits, which are previously unidentified software exploits that allow hackers complete remote access to your system, are found constantly. Keeping up with these can be a chore, but it is a critical step in protecting your network.

Along with security policies and update patching, I also believe that it is critical for small businesses to have some level of network monitoring installed. A full-blown intrusion detection system may be overkill, but just turning logging on in firewalls, routers and network devices may help track down attackers in case the worst happens.

Other Top Stories from Around the Web:

Inside DHS’ Classified Cyber Coordination Headquarters
The Department of Homeland Security recently brought its classified National Cybersecurity and Communications Integration Center down to an unclassified level for one day only, and InformationWeek Government was there to take photos. * Screenshot of Einstein!

Inside the Pentagon’s cyber war games
Under a constant canopy of low-flying nuclear-capable B-52s, the brand new Cyber-Innovation Center in the shadow of Barksdale Air Force Base in Bossier City, La., provided the perfect setting for the Pentagon’s latest cyber challenge — a public- and private-sector exchange focused on leveraging “the art of the possible” in a cyber war game setting.

Stuxnet ‘a game changer for malware defence’ – EU agency warning
The Stuxnet malware is a game changer for critical information infrastructure protection, an EU security agency has warned. ENISA (European Network and Information Security Agency) warns that a similar attack of malware capable of sabotaging industrial control systems as Stuxnet may occur in future.

Stuxnet Worm Reveals Default Password Vulnerabilities
On the other hand, I have many security concerns which stem from the “default” nature of their configuration. After all, an appliance usually runs on top of a general-purpose operating system combined with commonly available software such as databases. After reading an article which identified the primary attack vector as a default password on a programmable logic controller (PLC), I cringed

Libya Not Taking the Internet Light.LY
Could Muammar al-Qaddafi shut down your website for violating Libya’s religious laws? If your domain name ends in .ly — it appears so. The Libyan government removed the VB.ly URL-shortening service from the Web for hosting content the country found offensive — in this case, showing bare arms.

Top 10 Ways Parents Can Protect Kids From Cyberbullying
Cyberbullying is particularly scary for parents; it goes beyond simply keeping your kids off certain websites, and it requires a deeper understanding of what’s appropriate — and what to do when the line has been crossed.

Spammers Using SHY Character to Hide Malicious URLs
Spammers have jumped on the little-used soft hyphen (or SHY character) to fool URL filtering devices. According to researchers at Symantec Corp., spammers are larding up URLs for sites they promote with the soft hyphen character, which many browsers ignore.

BIOS password cracking
People are bound to forget their passwords, so when you enter a wrong one three times in a row you get a message similar to the one above that locks you out until all power is removed from the system (then you get three more tries). But check out that five-digit number in the picture. That’s a checksum of the password.

Inside Phoenix Exploit’s Kit v2.3
PEK (Phoenix Exploit’s Kit) has become one of the most used by those who flood the Internet every day with different types of malicious code. * Screenshot of PEK! 

Five Famous Hacker Profiles: White and Black Hats
Hackers, like the cowboy heroes in classic Westerns, come with either a white or a black hat. Some wear both, but most can be distinctly classified according to the way they use their abilities: for good or for evil.
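
The soft-hyphen trick from the "Spammers Using SHY Character" story above, seen from the filter's side. This is an added example, not code from Symantec or the linked article; the blocklist and URLs are constructed, and stripping every Unicode format character (not only U+00AD) goes slightly beyond what the story describes.

```python
import re
import unicodedata
from urllib.parse import urlsplit

SOFT_HYPHEN = "\u00ad"

# Constructed blocklist for this example (example.com is a reserved domain).
BLOCKLIST = {"pills.example.com"}


def strip_invisible(text):
    """Drop soft hyphens and other Unicode format (category Cf) characters."""
    return "".join(ch for ch in text if unicodedata.category(ch) != "Cf")


def naive_is_blocked(url):
    """Compares the raw hostname, so an inserted U+00AD defeats the match."""
    host = urlsplit(url).hostname or ""
    return host in BLOCKLIST


def normalized_is_blocked(url):
    """Strips invisible characters first, then compares the hostname."""
    host = urlsplit(strip_invisible(url)).hostname or ""
    return host.rstrip(".") in BLOCKLIST


def has_soft_hyphen(url):
    """A soft hyphen inside a URL is itself worth flagging."""
    return SOFT_HYPHEN in url


def scan(message):
    """Return (url, naive verdict, normalized verdict, shy flag) per URL found."""
    urls = re.findall(r"https?://\S+", message)
    return [(u, naive_is_blocked(u), normalized_is_blocked(u), has_soft_hyphen(u))
            for u in urls]


if __name__ == "__main__":
    # Constructed spam line: soft hyphens are hidden inside the hostname.
    sample = "Great deals at http://pi\u00adlls.exam\u00adple.com/offer today"
    for row in scan(sample):
        print(row)
```
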

When High Tech Security Fails

State of the art security system defeated by – Chocolate?

We hear so much now about hackers breaking into systems, social networking sites being compromised and global distributed denial of service attacks that we tend to forget about the human factor.

You may have the newest Cisco router, intrusion detection systems and security software available, but what if the hacker simply sneaks into your office and walks away with your whole server? On more than one occasion, a hacker, unable to penetrate a server from the outside, broke into the company and walked out the door with the server in hand.

People tend to forget the human factor in hacking. One of the largest diamond heists in history was not due to the firewall being penetrated and web server cracked. The suspect simply walked in the front door and over time won the employees over with… Chocolate. Once he earned their trust, they gave him a key to a special area that he then used to steal about $28 million in diamonds. Attacks like these are called “Social Engineering”. A social engineering attack is when hackers manipulate people to get information or access that they want. The quickest way into a high security locked area? Tailgate in with a group.

Many times a CEO will not give out his password to anyone, but his secretary might, if asked by a hacker posing as a tech support representative. Personnel need to be on the lookout for these types of attacks and question people who they don’t recognize. I have provided onsite computer support in small to large companies for over 15 years and have only been asked for credentials 3 times.

One last point: don’t just focus on computer security when defending your system. Make sure that your building is physically secure, and not just the first floor either. Many times thieves have gained access to a building from an unsecured second floor.

Daniel W. Dieterle