Chip Technology, Cellphone Payment Tech and not getting Hacked.

Chip technology is a passive circuit in a card. It waits to be energized by a signal generated by the pinpad or payment device. Similarly this technology applies with the tap and pay. When the circuit is energized it transmits a response with all of your payment information. Criminal hackers will roam around carrying equipment that energizes and retrieves the payment responses into their databases or record files. Then they can duplicate your chip. So get a wallet or purse or pouch that provides radio frequency and electromagnetic shielding to prevent both the energizing of the chip and the transmission of your information.

Keep in mind, these attacks must take place in very closes proximity.

Also it may be a good idea to put your phone in a similar container. While its in there you may not receive data, texts, however you also will not be susceptible to any sort of attack or reconnoitering.

GPS is also affected. A simple lining of tinfoil does the trick if you do not feel like spending a lot of money. But its not ideal. I recommend looking for an affordable option.

Changes in 2020

I moved my private office to Marion. I am enjoying the new space. Marion appears to have more reliable internet, water, power, roads and is right by the interstate.

Already it has been a busy year with a HP aio, wiring job at a school, and a few smaller calls for printers and of upgrades.

We are here to help whenever you need it.

Foreign Ransomware Attacks

This year has been big. The attackers are gaining access email accounts and collecting information on what you prefer to look at, purchase, and do. They are not stealing credit card information. Instead, they get a very good idea about who you are, who you email, and what about. Then they deliver a message that is very realistic to trick you into installing their cryptography software. They also send mail out to all of your contacts to begin the process with them.

Way back in 2012 I mentioned this behavior and it falls into a category called social engineering. If you watch the news you will hear mention of several cyber attacks that originate from outside the us.

These attacks are being waged against corporations that have the money to pay the ransom. It is big. Companies end up paying in bitcoin. Normally decryption software is delivered if the demands are met. Would it not be easier however to educate yourself and your employees to prevent such an attack?

First Baptist Church Website

Time to make some changes. Http://www.firstbaptustcarterville.org is going to receive a face lift. I intend on moving it into a worpress format using a reactive template. This means that the same page content will display and conform to any screen on any device. The update is badly needed. The only drawback to the change is that the additional overhead will cause it to load a tad slower.

5/24/18

Update: I have decided to make a wordpress template based upon and purchased template.  The beauty of this is that I will have provided a medium that is also a content management system.  As it is a template I will have complete control over the look and feel of the site so no one can easily break it with a post. I can also omit comments as I have done on my site.  Or atleast, require you have an account that is validated by administration first, before any comment made is posted.

https://livedemo00.template-help.com/wt_62320/

If you have a comment about this please mention it here.

 

Technology is Beautiful

 

Albert Einstein: “Computers are incredibly fast, accurate, and stupid. Human beings are incredibly slow, inaccurate, and brilliant. Together they are powerful beyond imagination. ”

See it from my point of view.  Who can’t love something like this?  Love what you do, never work a day in your life.

Mobile Vs. Reactive

I decided to go ahead and change the website template again. Recently I mentioned that I added a mobile interface. That was not a lot of work and it was just an adjustment to keep the site functioning.  People are doing way more on their phones these days. I wanted the main website to work without having to send mobile users to a special page of their own. Reactive is the property of a web page that allows it to re-organize itself on the fly to fit a different screen size. I purchased a template that I liked which had this property and several other features that I found intriguing. I have been busy converting the site into this new template for the last few weeks.

This may seem simple. Copy and paste. I assure you that it is not since my website is tied to a database I designed in 2003. At that time I had the entire site coded in ASP and was running a simple access database. Currently it has been re-coded for the Microsoft .NET Razor engine. It is still backward compatible with ASP. One of my goals is to allow my customer base to be able to log in and manage their accounts. I have the framework all set for that. I just have not enabled them to access their records yet.

The other interesting thing about my website is this blog. Built upon WordPress it is using PHP and a MYSQL database. The challenge here was to display both CSHTML and PHP content using the same template. I started Friday evening and completed the conversion Saturday morning.  I had to develop my own WordPress template.  It was my first.  It is a little rough.  But I am happy to say it appears to be doing fine.

I still have have small amounts of tidying up to do before I make the landing pages display the new template.  Some of the “Copy” is needing TLC.  I am not sure I am entirely happy with the new index page either. When it goes to a mobile phone view the content under the headings simply dissapears.  I have considered creating child pages from the headers but then I am opening a can of worms because I have to then build content pages for each heading. Again, for whatever reason, simple clear writing is not my strong suit. I get to wordy and technical for the average person. So I need a translator to make it easier to read basically. Reading all of this you probably understand now.

I do plan on selling products on line and soon. However, I think I will sell to people who are willing to pay with pay-pal or in person with cash or check. My issue is that Payment Card Industry requires an annual audit of pci compliancy.  I remember getting fined because I simply was late. I realize the importance of PCI complaince but it seemed out of my price range then and now. The audit has a fee of $150 or more depending on your situation. Additionally, processing cards from the site directly requires a payment gateway.  They cost roughly $50 / month plus a percentage of sales.

A good start to 2018

Yesterday I picked up a system with a bad hard drive at 6pm just after it was called in. It was fixed and delivered today by 5pm with an incremental backup system.  I also have a website preview done for an important customer.  I am also planning two more websites. I am so excited to see the reactions when they view them.  It is so wonderful to take something old and make it new again!

Secure your technology.

Staying on top of security is not good enough these days. Phishing, deceptive online marketing, and social engineering attacks are on the rise. Protect yourselves. Keep all of your devices patched and current, make sure you have antivirus and verify that it is updating. Get a backup routine in place. Review your social network account(s) privacy settings. Run your systems from limited permission accounts. If you would like help please call 618 985-5455 or visit our contact page. We can work remotely and we work all around Southern Illinois. Midnight Tech is here for you. We are helping improve things for our customers every day. Let us help you too.

Website Modification Made – Is your site mobile ready?

I spent about 2 hours and easily made my site mobile compliant. A little tweaking is still needed on the menu for the mobile site. I want to spend some time and make that more reactive. This is another big win. I learned that google is now basing some of its search rankings based upon your websites mobile readiness and optimization. If you are unsure about your site give me a call. I would love to help you with your websites if you need it.

Moved our server platform – again

Our Microsoft trial of server 2016 Beta 2 has ended. Initially we were lead to believe it was an unlimited license by the Microsoft website classification of the beta product and were excited to get moving. After two or three days of configuration a year a go we migrated everything from our trusty server 2003 standard platform on the new beta platform. It seemed very good until a few months ago when logging in it suddenly popped up with a notification that we needed to install a new version of the operating system. That it would be rebooted at random intervals even… Funny Microsoft folks! How kind.

So we have migrated away from all of that and scuttled the server 2014 environment in favor of hosting our website and mail on the windows 10 professional. platform. I am excited to say all is well. Doing this has also saved about 4gb of memory resources that would otherwise have been used by the heavier server platform.

I still feel having a very solid “Private Cloud” is a benefit where performance is concerned. If your on the same network as your mail service it tends to run a lot faster. Same with your website. For those out there in the world our web may be slow. But we do not require a screaming fast website. So having it inside cuts down on external dependencies. I see no reason to change at this point. I will continue saving the money that would have been spent monthly on those types of things and re-invest it into the infrastructure I have built up.

Here is to a good 2017 everyone!

Is your Mail Server Still Getting Spam?

[SMTP Error] 554 5.7.1 Blocked IP-Country XX (YYYYY UNICOM ZZZZZZZ) .

Previously I picked on one area of the world and decided to retract this because in all reality, spam comes from everywhere including inside the US. It’s like mold or cancer. It moves around and spreads. But now there is a cure.

I am not receiving any more spam, thank goodness! “They” are still trying to send it. Everyone has an Idea about what spam is. I had a look at the items being blocked and found that 95% of mail that is sent toward our mail server was an attempt to deliver malicious content intended to compromise our systems. Each peice of spam is an attempts to plant malware. Despite all of this it appears that the only mail I receive now is valid mail originating from inside the U.S.

This is one of those moments when you have accomplished something huge that no one else really knows or wants to know about. It also means that if I can prevent 95% of truly malicious spam from reaching the servers here, I can accomplish it for your business as well. That is a huge win because I like helping out!

I have been running mail servers since 2003 when we opened this business. I have administered mail servers for several organizations along the way but I always come back to my own server with a sense of pride. I have the cost way down on the spam filtration. It costs nothing to maintain once it is in place as it does not use any third party service that charges. No office365 or google office accounts. No spamassasin or other spam filtration services. To clarify, there are a huge groups of individuals that actually donate their efforts to identify catalog and block spam from servers that should not have sent it. I do hope I can use my knowledge at some point to lower your mail service costs, reduce your spam intake, and further secure your Information Technology Infrastructure. Businesses are busy enough. Information overload is a common problem for people running businesses everywhere.  Why not isolate all of that to non spam items. Having a clearer view of your inbox is a great way to start.

 

God Bless You – Happy Holidays

I am wishing everyone a happy healthy holiday season from my family to yours. God bless you, Buh ti žehnej, Gud velsign dig, God zegen u, Jumala siunaa, Dieu vous bénit, Gott segnen sie, Allah ya sa muku albarka, Isten áldjon, Dio la benedice, Gud velsign deg, Bóg blogoslawil pan, O deus abençoa, Dumnezeu sa va binecuvinteze, Dios le, bendice, Neka vas bog blagoslovi, Gud välsigna dig, Berhudar.

Happy Holidays! Below is a nice picture of a manger construction that I really like and music to match.  Enjoy!

Patirick

Joy To The World (link)

Vintage manger from TJ’s youth

Save money at the office and at home on technology expenses

I believe everyone would prefer to save their money if at all possible. Rent based services and products are not smart investments. Examples I can think of are Office 365, web hosting, password vaults, antivirus, virtual fax systems, accounting systems… The list goes on. Over time your expense continues to increase.  If at all possible steer clear of rent.  

  1. Buy office or convert over to open office. It is free and very similar.  Most of your existing documents still work.  With small touches your doc is the way you had it before.  

  2. Talk to your ISP and get a static ip. Then self host your website.

  3. Trend, Comodo and panda all have free antivirus products.  Also keep in mind windows 10 is already protected with windows defender out of the box.

  4. Fax is necessary?  If not get rid of it.

  5. Lots of accounting cloud services are out there these days.  That is a business decision.  For the home buy the software and run it on a computer that has backups.

These seem like common sense ideas.  Those $30/month fees add up over time and multiply per user. Are you really running efficiently?  I hope this helped.


I save people money with the technical service I provide.

  1. I stand behind every hour of labor charged.  If there was an issue because of a mistake or your original issue was not addressed completely the labor warranty goes into effect.  It provides you the labor to work on the problem free up to the hours you have paid for during the last month.  

  2. I do not charge for failure to deliver.

  3. I charge less and will do on site repairs, pickups and deliveries. If you are located over 30 miles from my starting location there is a small $0.55 / mile fee.

  4. No bench fee.  I do not charge to look at your system.  I will evaluate it for free and try to convince you to allow me to help. There is no charge if you just take it back.


I want to be the one to help you next time you have a technology question.  Please set up an appointment with me.


1. Leave a message at: 618 985-5455
2. Send an email to patrick_barnes@midnighttech.com
3. Use the contact form at http://www.midnighttech.com.


Please suggest times after 5pm during the week or anytime during weekends and specify your meeting location.  I will add you to my calendar. Then confirm with you that the appointment is good.


I hope this post finds you in a good place.  I look forward to helping and hope to hear from you soon.

Patrick

Screen Repairs on all mobile devices, laptops, tablets, and touch screens.

Did you drop your device and break the screen? We will fix that for you charging only the cost for components and 1 hour of labor. Most phones cost over $400 when you buy them new. Some used are easily close to that figure. The repairs can be done for between $100 – $250 depending on your device because. The price is affected only by the screen components. If you don’t have a warranty please contact us, even if you are not local to southern Illinois. Email us: sales@midnighttech.com. Tell us what device you have, send a picture, and we will get you a firm repair price. If you will be mailing it please include the city and state where you are sending it from so we may estimate the return shipping charges.

Our Custom Builds Never Die

7 years ago a customer needed help. The system had a bad motherboard. We replaced it with an intel board. We did a backup as always, provided a recovery system and they went away happy like all of our customers do. Since then they have had two upgrades. All the while we maintained their desktop settings and files where they were. Never losing a single byte of data. We use quality motherboards from Intel. At that time we were still an Intel Provider. Now Intel has moved its operations into NUC systems, Servers and some mobile platforms. They no longer offer desktop motherboards. Yet, the systems we installed are still out there and we support them.

This customer’s system came in not posting or booting up. They pressed the power, the fans came on but it would not boot the operating system. Once we had it in our office we did the usual quick checks with memory and power. When these did not work we took the motherboard out of the case. The case was blown out with compressor air, the standoffs checked and tightened. The power supply was blown out and tested. The motherboard passed the bench test. After re-assembly we checked the operating system for security and performance issues. After modifying a few startup items to make it boot to the desktop more quickly we tested and delivered the system at no extra charge.

Interestingly, this customer runs windows vista. It was an upgrade from windows xp,  which was an upgrade from windows 98. I do expect they will want to move on to windows 10 and a newer system when this one gets too old? 3 more years? For that matter, my mother in law also has an intel build. She will not give up windows xp. It still runs like a top. Verified still running on 2/18/17.

 

Cleaning up a compromised Edge Browser

The Edge browser is from Microsoft for windows 10 and server 2016. They advertise that it is more secure and that it has improved performance. You can hit the blogs and learn that everyone Edge-Elipsesis having the issues. But what if you do? If your edge browser gets compromised start by going to the top right and hit he ellipsis.Then click the settings

 

.edge-settings

“Choose what to clear”

edge-what-to-clear

Now select “show more”

edge-show-more

After you show more check all  the boxes and click clear. This will reset everything when your run edge the next time.

edge-clearing-data

You also want to make sure your popup blocker is on. To get there Ellipsis>Settings>View Advanced Settings.

edge-advanced-settings

Here is the top half of the advanced settings

edge-advanced-top-halfAnd the bottom half.
edge-advanced-bottom-halfAd the last little bit.

advanced-settings-very-bottom

So turn on the popup blocker and make decisions on the rest. Each setting plays a role in the security. I like the default settings.

At this point you still need to restart the edge browser. You cleared everything, and set the popup blocker.  Closing and opening edge will save the settings. It will also indicate if this procedure helped your situation. If you are still having issues contact us. We do provide remote support services by appointment.

Microsoft Edge – Bulletproof?

Microsoft Edge is the lightweight browser integrated into windows 10 and the new server 2016 platforms. It is supposed to be fast and bulletproof right?  No. It can be compromised.

I tested a few questionable search sites for non existent hardware drivers to see it would stand up or be hijacked. My test system was a dell laptop running as an administrative user.  It is also loaded with Webroot corporate antivirus. After choosing a site and the suggested driver I viewed the detail webpage and chose to download.  The anticipated popups arrived.  They were peddling an updated media player. I was certain it would deliver a virus.  Alt F4 closed edge. Then I rebooted. When I re-opened edge the popups were back. Webroot did not see a virus because there was none. The point is that edge was altered and the cleanup did require some work. In a future post I will look closer to see what plugins can be used  what approaches to taken to secure edge from the same test. Please leave your comments and questions.

Upgrades

We have successfully moved to server 2016 and migrated our website and blog. There are more posts to come.  The mass of silence was due to a busy year and lots of changes. We look forward to a very active 2016. Your questions and comments are requested.

Antivirus: DO YOU HAVE IT

Make sure you do have antivirus and that it is up to date. Also verify you have a backup plan and that you have a current backup. There is a new virus out and it is Nasty. Besides stealing your information, it also encrypts your files. They ask you to pay to decrypt. That apparently does not work. Either prevent the infection, or have a good disaster recovery plan. Read more below.

http://www.bleepingcomputer.com/virus-removal/cryptodefense-ransomware-information

ID Theft and Your Security

Holidays come with a price. Don’t let your guard down. You need to protect yourself and your identity.

Let’s start by keeping track of your personal documents. Try not to dismiss simple things like credit card offers and or bills. Don’t just throw them away. Shred or destroy them. In the wrong hands they can be used to hurt you. Buy a safe or use the safety deposit box to store birth certificates, passports, insurance, financial and social security documents.

Keep track of your credit score. Experian, Trans Union and Equifax are the three major credit agencies. Experian has a great program to help you monitor things. It’s program includes training materials to help you expand your knowledge of credit security. Getting informed about credit is a good place to start.

Place a hold on your credit with all three agencies. It serves the purpose of preventing new credit from being taken in your name without your knowledge. You will pay a small fee when placing or releasing credit holds. Did you know that when a company runs your credit it actually lowers your credit score?

Stay on top of your personal electronic security. Most new computers sold today come with antivirus already loaded. If you want more security or you have an older computer I recommend Comodo internet security professional. In the event that you get a virus while it is installed and you pay for a repair, your Comodo Internet Security Pro subscription provides up to a $500 warranty. Comodo Internet Security Pro runs 40 dollars and it covers three computers. Pricing is tiered based on the subscription term you choose. Comodo Internet Security Pro has built in free technical support. The support system is called geek buddy.  Comodo does offer an upgrade to have technical support for issues not related to their product.

Avoid getting a virus. When checking e-mail, social networking or shopping online scrutinize everything before you open it.

1. Does the senders email address match the name or company?
2. Do you know who it is?
3. Is it something they would normally send?
4. Is the website properly secured?

If you have any doubts do not open it. Avoid marketing content unless you are absolutely sure it is safe. This is where most attacks are occurring. The hacker will impersonate and trick you into installing his virus on your computer. He will then have your address book and logins to the sites you frequent. Please be careful.

On the business front there is a lot more to worry about. The payment card industry isn’t the only industry that needs to be aware of electronic identity theft.  All businesses that store demographic information for their customers should be concerned about its security. Up-to-date systems with Antivirus should be maintained and regular security audits should be performed.

If you have questions or would like some help please don’t hesitate to contact us.

A year in review

I have maintained a lot of business this year all in the face of new and abounding opportunities for growth. It has been busy and exciting. For those of you I did help maybe I will hear back in a few years? It seems odd to say that. I have noticed that I don’t hear from people I help for quite a while. I used to worry about it. Later someone told me not to. They said, “The work held up and that’s all that matters.”

I believe that hard work will pay off. I feel that if I work smart, work hard, and put the customer first someone is going to notice. Things here are done right every time. I absolutely want people to post to the customer reviews section. If you are a previous customer and you do leave a customer review I will take $25 off your next purchase of $65 or more. Happy holidays in advance. Have a good year to come!

Patrick

Drawing for 1 free hour of support. Offer expires October 1, 2013.

Get 1 hour of free service on any project that can be done remotely. To enter into the contest please visit our blog, click “Ask Questions”, and post your question. You will receive extra points for:

1. Really good stump the chump questions
2. Questions that contain good spelling and grammar
3. If your question has a happy tone.

The offer is good for anyone anywhere that has an internet connection. We are willing to provide the winner help with computer tweaks, network adjustments, and / or website needs.

All posts are moderated.

UBUNTU

I have to hand it to UBUNTU for coming out with a decent operating environment.

I am ever the pessimist but take it lightly.

1. When it finished installing the screen was dimmed all of the way off.
2. Had to run a bunch of terminal commands to edit 2 separate config files just so windows networking would work.
3. Huge security issue, the firewall is off by default and you have to install a gui to manage it when you figure out how to get the firewall turned on unless you want to do everything via a command prompt (terminal session).
4. So I turned on the firewall, made the appropriate adjustments for windows file sharing – terminal style. This however broke the printer. A problem for another time. The day is old.

All in all it is power for the course. Still a tech junkies OS. UBUNTU is much smoother than it ever was. UBUNTU One is a platform where you have a single log in for every device to access your stuff. It uses cloud storage. Ubuntu also has a music store. The combination of these two features has me Jazzed. They also are now including STEAM for all of your gaming aspirations.

Right off the bat it works better. For instance, it boots fast. I had email, facebook, printer, background, and remote desktop set up in 5 minutes. Its stock with lots of tech so I could ftp, ftps, sftp, telnet, ping, etc.

I am not an amazing Linux guy. I know enough to really customize a solution. I could not write a module for it. Most of the UBUNTU world is geared toward avoiding that step. They have built in the UBUNTU Software Center. Ubuntu is open source. So if you have coding skill you can write something to work with it (and everyone does) you do and add it to the millions of other applications out there for UBUNTU. The point is, if there is something you can think of that you want UBUNTU to do it probably already exists. You hit the Ubuntu software center and search for something in the general arena. Pick what you like and click install. It takes care of everything else. You might have to type your password.

The feature I find most useful is the search function. You click a button and type something. Remote finds remote desktop. Word finds a word processor. You get the idea. True its new but with ease of use with the search function it will be simple to get moving. Did I mention UBUNTU is free? I have it loaded on a very new Laptop running a core i5, lots of ram, camera, cd burner, Bluetooth. Somehow, they figured out the hardware independence and everything just works. So I guess the point is – easy. The installer also set up a dual boot so I can revert back to my crusty windows anytime I like. Bill Gates eat your heart out.

Check it out some time.  http://www.ubuntu.com

Permanent Mail Rejection List for 5/12

All spam comes from some where.  If you have access to the servers logs you can identify exactly where. If you do not I can set you up so that you do.  The phrase, “Knowing is half the battle”, rings true here.

Of the many subnets below 3 are from the US.  I can get more into US business spam – which isn’t “opposed” by the spam-can act.  Regardless – it is unsolicited and I feel no shame in sharing the information with the public.

The below networks are very broad. But I can assure you blocking mail from them will only help your situation. If you would like details on each network and why let me know.

75.102.0.0/255.255.192.0
72.30.0.0/255.255.0.0
111.93.0.0/255.255.0.0
114.200.0.0/255.248.0.0
117.192.0.0/255.192.0.0
122.136.0.0/255.248.0.0
189.192.0.0/255.248.0.0
58.148.0.0/255.252.0.0
59.0.0.0/255.224.0.0
64.12.0.0/255.255.0.0
77.54.0.0/255.255.0.0

Administrators View of Spam

The actual definition of spam (electronic) by wikipedia:

“Spam is the use of electronic messaging systems to send unsolicited bulk messages indiscriminately. While the most widely recognized form of spam is e-mail spam, the term is applied to similar abuses in other media: instant messaging spam, Usenet newsgroup spam, Web search engine spam, spam in blogs, wiki spam, online classified ads spam, mobile phone messaging spam, Internet forum spam, junk fax transmissions, social networking spam, television advertising and file sharing network spam. It is named for Spam, a luncheon meat, by way of a Monty Python sketch in which Spam is included in almost every dish.

Spamming remains economically viable because advertisers have no operating costs beyond the management of their mailing lists, and it is difficult to hold senders accountable for their mass mailings. Because the barrier to entry is so low, spammers are numerous, and the volume of unsolicited mail has become very high. In the year 2011, the estimated figure for spam messages is around seven trillion. The costs, such as lost productivity and fraud, are borne by the public and by Internet service providers, which have been forced to add extra capacity to cope with the deluge. Spamming has been the subject of legislation in many jurisdictions.[1]

My definition is:

Email messages sent as marketing from a company (real or not) that you did not authorize to market to you. The personal messages from people you don’t know are also spam. Most of these are attempts at Phishing. Phishing is any approach used to trick or coerce a person into giving up information they normally would not.  Most times it is personal in nature – a password, ssn, address or something similar.

Required for outgoing mail service:

1. Mail server is domain registered to a static IP address.
2. There is a valid reverse dns record (at the isp) for the mail server.
3. MX records point to your mail server.
4. SPF record you create athorizes your mail server to send mail.
5. Your server is configured to dissallow open relay attacks.
6. Server is not listed on any Block List Provider Services.

Email Marketing Rules.

1. Mail should include a method for users to remove themselves from your mail list and it needs to work.

Does your orgainzation still get a ton of spam?

Mail administrators should consider using SPF in addition to reverse dns lookups and other ip validations. Also employ mail delaying for new “conversations” into your organization. Configure the server to reference block list providers such as cbl.abuseat.org or dnsbl.njabl.org. spammonkey.com has very fast turn around and can identify the type of internet service for the originating IP address.  If it is not a true static set up properly then the mail will be rejected if you use their RBL list.  There are many others. Purchase mail server enabled anti-spam software such as trend micro messaging security. It directs otherwise un-blocked Greyware to the users junk folders cutting down on your work trying to find blocked mail that should have come in. Greyware is spam originates from a mail server that appears to meet all of the requirements for a valid outgoing mail server. However, the messages you recieve are unsolicited. Which ever solution you choose make sure of the following.

  • There is temporary storage of blocked mail.
  • It is possible to create reports on blocked messages.
  • It provides message recovery options for blocked mail.
  • White Lists for keywords, domains, email addresses and IP locations to guarantee delivery from known locations (with badly configured mail services!).
  • Black Lists for keywords, domains, email addresses and IP locations to filter out previously seen examples of spam.

So you ask – how the heck did they get my email address.  I never shared it…  Some hackers actually poll the mail server via telnet with hidden commands to the mail sevice. If you have a lot of unsecured mail traffic going to your server they could packet sniff you without too much effort.

Have a look at the image below.  This is grey ware.  The sending server of this spam passes spf, and appears to be valid.  My user tried to unsubscribe but it still keeps coming in.  So I have looked up the ip and found it inside the US.

My options are to block the IP (prefereably at my servers firewall), filter the keywords in the subject, and add the domain to a black list.

I like to go one step further. If I see that the mail originated outside the country I use subnet blocking which blocks that entire network. I prefer to do this using the CIDR notation. Subnet blocking covers millions of addresses all in one shot. This network is stateside so I did not block it.

What about webmail (gmail or hotmail)?

From a  personal standpoint, say with gmail or windows live, use strict mail filtering allowing only mail from your contact list to email you. Then monitor the junk folder for everything else. Skim the junk folder for important items. If you find something move it to the inbox and add the sender to your contact list. When your done empty the junk folder.

If you are tech savvy use an anti-spam proxy to go between your mail client and your mail provider. You configure your mail provider to allow pop and smtp mail access.  Then you configure the proxy to check the mail for you. Finally set your mail client to check the proxy. Let it do the work. If a bad peice comes through you send it back to the proxy “spam” address to report the situation. It takes care of that problem. If a good email gets blocked you might look at the reports and recover it. Then reclassify the message to the white list.

With spam there is no magic cure. You can spend thousands on spam prevention. But dont.  Be smart and vigillant.

Midnightech.

Spoof from USPS

Spam is a huge issue these days and is fully intended to either plant a virus on your computer to get information (personal and financial) or to get you to click a link (known as phishing) to get your information. Here is a text example of such an email that was just reported to me.  I removed the links for your safety.  In the body of the message the spammer was asking the recipient to log in. That was the trap. It actually lead to a different website that looks a lot like the usps. The website had a malicious script that loaded spyware into the browser and it had a form for the user to log in with their current paypal credentials. That form was designed to fail and redirect to a reset password page.  There the user would be asked for more information to “verify their identity”.

I see these attacks all the time. Just letting you know its not a great idea to believe everything you get in your email.  Today I received a similar one from Paypal.com.  Instead I opened a browser – and logged directly into paypal.com.  I got them on the phone to verify the security of my account and review recent transactions.  Then I sent them the mail server logs and message for the spoof email I received by forwarding that message to spoof@paypal.com where they will research the attack further.

Have a great day!

Midnightech

————————— Body of Spoof mail with phishing links —————-

Subject: USPS postage invoice.

Acct #: 9641389

Dear client:

This is an email confirmation for your order of 5 online shipping label(s) with postage. Your credit card will be charged the following amount:

Transaction Number: #1225992
Print Date/Time: 03/11/2012 02:30 PM CST Postage Amount: $20.06 Credit Card Number: XXXX XXXX XXXX XXXX

Priority Mail Regional Rate Box B # 6256 7825 6297 3496 7698 (Sequence Number 1 of 1)

For further information, please log on to www.usps.com/clicknshipand go to your Shipping Historyor visit our Frequently Asked Questions.

You can refund your unused postage labels up to 10 days after the issue date by logging on to your Click-N-Ship Account.

Thank you for choosing the United States Postal Service

Click-N-Ship: The Online Shipping Solution

Click-N-Ship has just made on line shipping with the USPS even better.

New Enhanced International Label and Customs Form: Updated Look and Easy to Use!

* * * * * * * *

This is an automatically generated message. Please do not respond

 

The Human Threat? Social Engineering

Kevin Mitnick  wrote the book, Ghost In the Wires. I purchased it in audio format and recently finished listening to it. He was very good at Social Engineering but ended up in prison for it. In his book he tells about how he used social engineering to hack telephone companies switchboards  and other systems to get what he was after. Social engineering is a tool used by hackers and others to get something from you that you would not normally give. It is a really dangerous tool when someone very skilled uses it. Even scarier, a majority of people would never suspect it. They just roll over and give up whatever information or thing is asked of them. This article explains the concept of social engineering and how it is being used to steal identities – and so much more. To be able to protect yourself or your business from the social engineering approach you first need to understand it. This article does a really great job.

Spiceworks on Social Engineering

What is a Virtual Operating System?

VM stands for Virtual Machine. It is really just software that runs inside another operating system to run another operating system(s). If you have a large amount of memory an hard drive space you can run several “virtual machines” simultaneously.  You are limited also by your operating system capabilities. For instance, a 32 bit OS may not be able to run an instance of a 64bit operating system. I am hooked on VMWare. I like to use VMWare to run important services because It makes hardware portability a problem of the past.  There is an easy to use conversion tool if you want to move a physical machine into a virtual environment. The desktop version I am using allows me to run the vm’s I have created. That is a huge plus because all I have to do is turn on the computer and whatever I have virtualized just runs. Like this web server that hosts my site.

From free versions to enterprise, every solution vmware provides is efficient and easy to use.

The question for many people is, “Why would I care to use virtual OS?”. The answer is different for everyone. It really does depend on who you are. GAMER, HOME USER, SOFTWARE SPECIALIST, and IT GURU.  These people all have different uses for virtual operating systems.  Then there are packaged VM’s that are designed and distributed freely for specific purposes so diverse and many I cant mention them all.  You just go shopping for it and find something you think is cool! You will find everything from games to VPN solutions.

So here is the plan. We will cover each individuals possible needs.  Then move on to other explanations.

The GAMER: Most gaming situations do not run well in VM if it involves a 3 dimensional environment requiring a large GPU, tons of memory, and processing.  If it is a strategy game or an older game (2 years or more) you can probably swing running it in a VMWare instance.  But why would you???  Several years ago you spent all of this money on your computer just to play these games on a 32bit OS.  Then you decided to do upgrades and now you have a bigger motherboard, video card, tons of memory and a newer operating system.  Unfortunately, the windows 98 games you were running from XP in compatibility mode now do not work because you are runing windows 7!  So – load vmware, install the windows 98 OS, and a windows XP OS. and load the respective games on each instance.  Run only the OS required for the game you are playing.

Business Owner:

The Business Owner with an ancient laptop and NO install discs for that “all too important” application that makes some vital part of their business run  got a virus and I think the laptop was about to go anyway. It seemed like the hard drive was about to give out.

He had just bought a new office full of computers and so I virtualized the laptop and had it running in his workstation. It ran well!  Better in fact. Since it would not be possible to re-install the OS without losing that software this solution was a god send. It allowed him to still access the software on the now stable “virtualized” version of the laptop. I also reloaded the OS on the physical laptop and gave him a clean, fast and secure operating system so he could keep up with his mobile world. I am pretty sure he gave that to his daughter.

THE HOME USER:

I always run across someone with one of those old ancestry programs that is obsolete and out of production.  Yep.  windows 98 only or XP only.  Same deal.  Load the appropriate operating system into vmware – transfer the files in and wala.  Your up and running again.

SOFTWARE SPECIALIST:

Its a no brainer.  If you are developing software for a user community you have multiple different types of operating systems to address.  If its web development you also have several versions of browsers. In that each OS has service packs (or lack there of) as well as different versions of JVM, flash, and so on.  There is no real way to see if it is going to work until you try it in as many different possible environments as possible.  So get cooking.  Build the major operating system releases into vmware.  Make copies.  And differentiate each copy 3 different ways from Sunday. Now you can test your software on any possible environment your brain can conceive!

THE IT GURU

Does it matter what platform you choose?  Unless its apple no it doesn’t.  You can run anything under the sun (almost) in vmware (Not APPLES STUFF).  If it is apple or the exception to this rule – then the platform you choose will probably have a Virtual environment you can leverage.  But do your homework to make sure it has duplication and redundancy.

WHY?? Just take a mail server for example.  It received the messages sent to your organization and passes the information to mobile devices, web interfaces, and your mail clients.  Lets go back a few years.  Everything you have is running inside the server in the closet.  Lighting strikes, there is a fire, and where are we?  In disaster recovery.

So you grab your tape backups from the bank vault (YUCK) and spend days streaming the files and data back out to that $5K  – 10k server you just bought to replace the toasted one.  Now you have to get your mail configuration running, bind it back to the public ip, set up secure certificates, on and on and on…. Maybe a week later you guys are running on your server again.  I’m sure you redirected all the mail to a fail-over service for a time.  But lets face it – if that wasn’t expensive – it just isn’t as fast, your folders and OLD mail is missing, and you cant send out those 30MB email attachments now. Your also gambling that the 3rd party provider isn’t quietly watching your messaging for good nuggets of usable information. Did I mention that phone call to Microsoft or whoever to recover your data you just pulled off those crusty old tapes?

Surprisingly enough – for this very reason a lot of companies would rather pay 28 to 50 per month per user to resolve this issue!  But some just cant afford that.  For the ones who refuse to pay out that money they are either still running like they were 10 years ago or they moved into a virtual environment (SCORE!).

The ones who moved their mail server into a virtual environment have some of the normal things they had before like – big TB storage volumes built on SAS raid arrays that could never fail because of that hot swap sitting their ready to take over. Or the dual power supplies on the server so that if the power goes out there is always one that will for 4 hours while the power is down (just enough time to grab the generator!).

In the enterprise virtual machine world there are new redundancy tools…  Yep!

My optimal situation.  Here is where you grab a seat belt and a Klingon Translator.

This company bought three or more servers with 64Gigs of ram, 9 2TB 15K spin SAS Hard Drives with huge cache, 2 or more 2.6GHZ 4 Core Zeon Processors (current Intel chipset).  Loaded each with vmware esxi. They took one of these monsters and virtualized every possible server environment running in their company that would fit.  Then they shut down all ten of the old servers and turned on this single network connected esxi server.  The company is running on vmware and the energy footprint went down by about 1500 watts per decommissioned server!

They bought a 3 10GB fibre optic switches and 3 10GB fiber-optic transceiver and NICS (outfitting each esxi server).  They ran 10g long range fiber between 3 different buildings as far across campus as they could get. Then the loaded vmotion on a monster of an I.T. workstation that, yes, has a 10G NIC tied into the same 10G network the other 3 servers are on. Lets go a little further and pretend the budget was really good and add some high speed esata 10 drive raid devices to each of the 3 servers.  Lets use DROBO enterprise products and also place one unit in the CEO’s home on a big fiber-optic ISP connection.

They have two or 3 hardware servers running in 3 separate locations.

The loaded server esxi server a has: 1 edge mail, 1 mail hub, 1 mailbox db, 3 dns, 3 dhcp, 3 data, 1 accounting services, 1 payment system, 1 medical record, fax system, phone system, Contact management, thin client server, 3 terminal services servers, and 3 web servers.

In the grand scheme of things the resources on the one server loaded is less than 1 quarter utilized! The other two servers are just waiting for data…

Your IT GURU goes to his workstation.  He visits the web interface of the esxi server and loads vmotion.  Then he logs in.  He can see all 3 servers. All he has to do is set up replication and fail-over. The software does the rest.  Live copies of everything running on the first server populate out to the other two in perhaps a day. The first copy is the longest. After that live changes stream real-time.

Day 2.  Your IT GURU goes to his workstation and decides what applications really need to run where. Building 1 – Administration, building 2 Accounting, building 3, operations.  So he marks the appropriate resources to run from these appropriate locations.  And then goes to lunch.

Day 3.  Drunk driver runs into the power pole outside building 2.  well, the servers in building 1 and 3 takeover – dynamically splitting the load for best performance.  Now there is a maintenance issue on server 1.  For some reason the boss decided to turn off the ac and the heat kicked on in the server room.  The Intel board sensed the temperature increase and safely shut down to prevent any damage. Server 3 is holding down the fort.  Amaren came out and restored power to building 2 and its like – nothing ever happened.

Day4. It GURU gets busy setting up automated snapshots and having them copied out to the drobo in the respective locations.

Day5.  It GURU uses Drobo replication to securely copy everything out to the CEO’s drobo in his home.

Small note: The drives are encrypted.  They are massive paperweights unless you have the correct apps, and passwords to access them.  We are ARMY strong with our encryption here!  LOL. Some of you security freaks know exactly what application I am talking about don’t you. Plausible Deni-ability?

Day 6.  Who cares. Its a Saturday.  Lets take the wife and kid out on the town and have some fun!

What are you going to do when your Exchange Server running on bare metal bytes the dust because of some board failure??  You have to replace the hardware (expensive and time consuming).  Then you have a 48 hour build ahead of you and a 24 hour data recovery if your mail stores are nearly as large as the average ones I manage.  If your not Microsoft certified it will probably include some grueling phone time.

VMWare Vmotion is cool technology I really would like to apply.  It leverages a second or third vmserver running in the back that is an actual live copy of the first – with every guest operating system it hosts running and intact to the second. If you dump vmserver 1 and your webserver is being visited by a guest vmserver 2 picks up where 1 left off.  The webserver which is now running on vmserver 2 picks up where it left off. If you ask me – this seamless recovery is the way to go when it could take hours or even days any other way.

If you do not use vmotion then you have to turn down a guest os and copy its files out to direct attached storage (fast) or over the network (slow) as a backup solution.  This method of redundancy is common and effective but backups are only as current as the last time you performed the backup. Automating this type of task can be tricky.

A lot of companies us virtual environments to test software on different platforms – or to run obsolete software packages. Having an xp workstation, a windows 2000 system, and linux running on the same workstation is a great help for a developer like myself. Virtualizing your operations will open many doors.

I am not advocating you use just VM Ware specifically.  I am suggesting it because I use esxi as well as the older vmware server (a desktop product).  Microsoft has a virtual platform, Ubuntu 11’s server platform has os virtualization and so does Apple.  There are a myriad of other companies who are trying to virtualize operating systems for various reasons. In the world of data backups, redundancy, and disaster recovery. Paragon now has an excellent solution to deal with many of the above mentioned vm formats. One of their products even allows you to boot the backup image. Its affordable too!!  Who knew..

Hacks

So I found a few comment entries on the blog being posted over the last few days that were spam. Go Figure. It appears that someone with international leverage of resources had found a way to get past the CAPTCHA and decided to pick on my server. So I have blocked those country subnets from the web services security control panel and updated the CAPTCHA plugin. That should do the trick. Unfortunately my action has limited some international users from being able to view this site.

My story, SELF DEFENSE!

Strong Passwords? What’s the fuss?

This says it best. Seriously – how hard is it to protect yourself with a password? Lets go one step further on the subject and ask how many user names do you really have? Bank, Email, Another Email, Your School, Your Job, Instant Messenger, and .. and .. and .. How many of them are the same? LOL! right! If your really easy password gets hacked what could they get from you? Scary?

I am an Administrator. I rotate my passwords constantly. It goes without saying – you won’t ever catch me throwing caution to the wind and you should not either.

For my users I use a password randomiser. When I get a new user I will set up their email and password using the randomiser to create a 7 or 8 character alpha numeric password. I cut out that little sliver with the information and have the user slide it in front of their drivers license. This way they can safely look at their password if they need to, they will put it away when they are done, they wont lose it, and no one is going to be rummaging through their purse or wallet without having to answer some very direct questions.

The human mind needs 5 consecutive days to build up a habit. Typing that password will become very natural by the 5th day. Muscle memory is a neat thing. Most people will find themself jabbering the password verbally in their mind as they type their password.

I agree that strong passwords from a randomiser are not for the personal user. So I agree that coming up with a phrase no one would know that includes a number here or there is a great idea for generating a strong password.

A very cool way to apply a random password to every log in you have is to make small adjustments to a strong password you do know. Let me emphasize know. Make sure you got it first! Only when you do go around and update everything. Just add something to it. Take letters from the domain name or numbers from a phone number and append them to the beginning or the end of your strong password.

Wrpt27rz is a very random odd password no one I know has ever used including me. I just made it up. So for the hotmail account the password then is Wrpt27rzhot.

What if you think someone has figured it out. Just rotate the password.  It is easy. Go back to your base password and change a character. This simple change is easy to pickup and remember around all of your passwords because they are so similar! I call this organized Chaos! It is a beautiful thing!

Have a good week!

Midnight Tech

Browser Performance Basics

Browser Optimization

 Left unchecked your browser can become crippled and start to cost you more time than it should. It does not matter what browser or operating system you use. Most of these suggestions will help because they are designed to cause your browser to use resources more efficiently. Lets continue with the understanding that you are working from your personal computer and using your private profile. Please don’t do any of this from someone else’s computer or profile. You might remove their personal settings and give them access to your personal information and that’s never good!

Lets get started with Menu Bars, Plug-ins, Add-ons, and Accelerators. They all perform the same general function, which is to give a 3rd party some advantage and possibly give you better access to that third party’s services. Most of the time it is not necessary and it slows things down. If you really want performance make the browser run as light as possible just like it did when you first installed or used it. Because when you open your browser it has to load into memory, request and load your home page, and then load any extras. The extras you do run need to be worth it because each one may cost you seconds every time you open a browser. Flash and Java plug-ins are necessary. Toolbars, browser skins, plug-ins etc. are the fat that you can trim to allow your browser run as quickly as possible.

If your plan is to get online and get right down to business ask yourself, what business do you do the most of? Is it email? Is it reading the news? Are you a developer? Is it social networking? Do you blog? Decide what that is and set your home page appropriately so when you open it you are ready to roll. Here is a good example. I suggest for people that are all about webmail to let the browser save your credentials for your web mail. Then set your webmail inbox as your home page. Now when you launch your browser your email is ready to read. I prefer using google as my home page or I type urls directly into an address or search bar. Because when I open a browser window I just want it ready so I can move. The point is try to get your home page to load the content your trying to get for you as soon as you launch it.

Tab vs New Browser Windows.  As a rule I suggest limiting the number of browser windows that are open and instead use more browser tabs.  Each time you open a browser window it reloads the entire browser in memory (for every window you open). Tabs are more efficient.

Your browser got hijacked – Yikes! If you read my last post about drive by banner advertising you already know where I am going next.  When you fall victim to a banner advertisement hack the settings in your browser get changed. Your hijacked browser fulfills the goals of the attacker. It starts innocently with a new tool bar, a home page that changes on its own, or some pop-up windows that could display just about anything. If you see this happening stop and fix it. This behaviour of your browser is commonly miss-construed and even trusted by some people. Just stop and have a good look. Pay attention to the details. Ask yourself if the pop-up is from your antivirus software or your operating system. If not then ask if it is another software on your computer that you know about. If not again then ask yourself, are you are really going to believe a third party that says you need their help? NO! Try and identify them. Who is putting that message on your screen? If you don’t know then it is most likely an attempt to hijack you.

Don’t click on the window or the x to close it. Find another way to get out.  Log out, restart, use a finder or task manager to kill that process. windows Alt-f4 combination closes active processes without any mouse clicks. Ask for some help. Once your out disconnect your network / wireless and then go into the advanced settings of your browser and reset it back to its defaults. This removes the settings that were hijacking your browser and the browser runs like it did new. If it does not you may have another problem. If that is the case post a reply on this thread and tell me whats going on.  Or call us for a free consultation at 618 985-5455. We do remote support after 5PM CST and are happy to help you out.

Drive By Banner Ads – An Effective Way to Give You a Virus. Who Knew?

image

Today I am taking some time to touch on a topic that never gets any press.  No major companies who have advertisers want to say anything about it. That would make them responsible!

Here it is.  The people who write malicious viruses that damage computers and steal identities are making a lot of money these days. They are buying up advertising and using it to perform browser hijacks so they can plant more viruses on the un-suspecting viewers computers.

Advertising on websites is a lucrative business. Websites that can attract a lot of viewers also attract advertisers. Advertisers want to pay for the right to place their advertisements. Price depends on size, length in time displayed, number of times displayed, targeted time of day, and targeted geographical location.

Most advertisements are now presented using active content. Advertisements are authored in the form of flash movies, windows media streaming content, quick-time videos, animated layered dhtml with live embedded graphics, and so many others I just don’t have time to mention. Active content is worth its salt because it is able to provide an interactive interface to the viewer. People click on anything that attracts their attention or interest. The advertisement could be a duck hunt banner where you “shoot” as many ducks as you like. It could be a nice car from Ford driving across your screen. The point is human nature urges you to click on that! And this user interaction is just the the thing needed to allow malicious code to run.

Most active content authoring software can be used to produce content that performs functions such as opening a new window, recording specific information about the viewers computer, browser, and location. Even reading and writing files to the hard drive for later use. Microsoft has been aware of these periphery type attacks and has been publishing service packs left and right to prevent anything from going through without the users consent.

Then there is human nature. The best place to get a feel for what I am talking about is a casino. Go in and look at people go after the slots. They are driven by want, hope for a better tomorrow, and an un-spoken need to ignore something bad. This is best done mindlessly playing that slot machine. The same is true online. Your dangerous attacker knows you better than you think! There in lies the punch line. He uses your human nature against you in the craftiest ways. You have no idea how sneaky these guys are. So if it pops up and you just “HAVE” to click it, stop! Ask who’s asking, what for, and why! My rule is I need to know who and completely respect that entity. It should be a process I started on purpose (i needed to download a file), and why (downloading the file so I can install that driver). Are you freaked out yet? Don’t be. Just raise your awareness up a notch. Be mindful of where you are going online and pay attention to alerts. They tell you that active content on a page is trying to perform a task that is, well, sort of crossing a line. It is necessary for downloading content.  And only you can determine who is doing what and why. Ultimately – you have to allow it.

At first a lot of these attacks were popping up on Face book. They also occur on less than desirable websites. Now these malicious authors are boldly buying up advertising space from big companies you trust.  The companies have no idea – for the most part how the authoring is coded. Only that it fits in the purchased space.

Recently, I was called by the Comodo Security Company as a business to buy and sell their software to my customers.  That relationship is still in the air.  However, during my initial look at this company I ran across a very good video blog with regards to this subject.  Here is a link.  Sit back and have a listen to this guy!

http://www.comodo.tv/home-computing/hackers-spending-money-to-make-money/

Regards!

Midnight Tech

 

 

The Small Things Matter

image

I am using my phone for this one so I need to keep it simple. A lot of small needs came through the door this week. The devil is in the details. One browser hijack, one “lost” app,  an email client imap issue,  and a computer tweak over a remote support session. There were many others but I simply can’t talk about all of them.

It is so important to take the time to concentrate completely on one task. I make sure when I am done there is nothing more I could do. This way whatever I do is efficiently done right.

The trouble shooting on the browser hijack is easy.  The cure is even more important.   When the normal methods of recovery from something like this fail I take a radical approach that saves every piece of data.  I build a gorgeous new os with all available updates and performance enhancements.   I put the data back on and deliver the finished product to the customer.  While on site I make sure printers,  networks,  and software are working.   When I am done that 30 day warranty is the furthest worry from my mind!

Lost app was unique.   Businesses come across smaller applications and sometimes lose the cd and the  registration key! This time they had that one system with a working copy.  So their decision was either pay me 1 hour to hack that software so it ran on all of the computers or pay $300 per license to buy it again?  That is not a traditional request but guess what?   Piece of cake!

A customer called in stating his inbox items just dissapeared from outlook.   Wierd right?   Webmail works perfectly though.   It took 30 minutes to repair the outlook account during the remote support session.   It was a simple miscommunication between the client and the IMAP server.

I was asked to solve some issues on another computer remotely.   During that remote session I found the processor maxed and the memory completely used.  It was slow going.  I used my favorite performance tweak and rebooted.   As soon as I was re-connected I loaded antivirus and upgraded the fiirefox browser (per the customer request) .  Lastly,  I performed an eicar test.  As I finished the computer was all secure and running fast!

Midnight Tech

Drafting Division

One of my business customers called today with a printer issue. It simply was not working. The printer was located in the drafting department. These guys are some of the highest paid in the company because their work generates bids on work that enterprise customers of the company will hopefully accept.

I try to keep network configurations as simple as possible. KISS – Keep It Simple Stupid – applies most of the time. If you don’t run as simple as you can there is always something else to break and the more complex it is the harder it is to fix it.  Downtime equals bad PR!

When I was first introduced to the drafting department the company was moving onto Panda Managed Office Protection. The drafting guru is very particular. He is a super type A individual which is important if your a drafter.  He was running AVAST and SPYBOT Search and Destroy and MCAFFEE and .. and .. and .. and … at  a time I was working on the corporate antivirus solution. His computer was not accessible to me and I was trying to get access. I had seen how his security software was set up and was gently trying to explain that if one solution from panda were installed, removing all others, his performance and security would be greatly improved. The product runs mostly in the cloud and can be managed from anywhere. It is very efficient and powerful.  It was a tense moment when he rejected the idea for me. I respected his choice and view and moved on.

Previously the drafting person had only his own needs to worry about. This Guru’s workload had increased a great deal. He needed to take on some help. The company called inquiring on how to set up a secure network just for the drafting department. The company as a whole is running off of a Cisco RV016 multi wan vpn router with multi-homing and a good firewall that allows you to set up very specific traffic rules. It is a really cool and very affordable piece of equipment that I could have used to provide the solution they wanted. It has the ability to separate the drafting department from the rest of the company and even put them on a separate sub-net.  But it was also very important that I give the guru something physical to place his trust in because virtual network security measures cant be seen or quantified. Its a pretty big deal for someone like that to be able to see the protection. It is a a peace of mind thing. He wanted to make sure no one from the company could access his computer except for members of his department. I took a wireless router the office manager had in a closet and placed it in the drafting office. The uplink on wireless router grabs a dynamic IP on the existing corporate network.  I configured its lan interface to provide a unique private network subnet that is far different from the norm.

The drafting office is surrounded by equipment. There are plotters and printers all over the place. Some of them have network interfaces and some do not. Since the Guru had always used USB connections to the printers I just shared all of them from his computer and mapped them for the other user.  This has worked well for quite some time.  It is a very simple solution.  But today the Xerox Phaser Solid Media Printer was not working.

I spoke with them over the phone and had them check that it was not operating in offline mode. It had been. However, changing the device to an online status had no effect.  They quickly set up an appointment. I went out and discovered that the USB interface was partially blown on the printer. It did not allow the connecting computer to properly detect the model. I plugged the Phaser into the network and mapped directly to it from both computers. Problem solved.

It was good to be able to go out and see the drafting team. I was very happy to be able to help them and I look forward to the next time.

Midnight Tech

The Friend of a Friend I.T. Situation

I need to emphasize that as a business owner and an information technology person the friend situation is always brutal. It never seems to matter how good your intentions are – someone always seems to get hurt.  But when I am asked to do something for a friend I still do my best.  Some get it.  Some don’t.  I always hope they see the glass half full.

A friend of mine said he had a friend who was getting involved in a new venture.  The software they purchased had been installed on a single computer.  It was slow and undependable.  I was asked to provide a solution that would guarantee a solid future for this company’s operations on the software front. I needed to reduce the probability of a system failure. So I verbally quoted out a server and a network for around 5k. I was assuming the “customer” would buy everything else that was needed.  A week went by and more interest was shown.  A formal quote was needed.

Big hardware quotes are hard because you need to have a system to quote, sell, report shipping, record notes and record payments from start to finish.  Some companies have multiple systems that overlap and require dual entry.  Mine does not.  For instance – the POS system I did last week. It handles inventory, sales, ordering, payroll, tax, statistical analysis, and lots of other things.  But, at the end of the day the numbers are duplicated into quick books by accountants. This duplication of effort costs a lot of time and money.

Every point of sale system needs to have the product you are selling in its database. I designed my system in the form of an online store. It handles marketing, communication, payroll, tax, quoting, sales, payments, delivery, notes, and credit card processing.  None of that changes the fact that I had to manually enter every single product.  A time consuming task at the least.  I guess that’s the point. You always have to work to earn a living honestly.

The products I had to enter in addition to the server involved four boxes of cable because the customer needed the ability to run four cables at a time.  He needed equipment to terminate the cables on both ends. He needed a server rack to house the equipment neatly, and lots of patch cables to tie everything into the switch. The formal quote came out to 4k or so. I felt I had done very well considering the verbal quote was higher.

Here is where it gets interesting. This customer presented an American Express and to my surprise my system would not accept it. I had to go get a check which hurt the customers cash flow and caused frustration and embarrassment. I scrambled to get American Express set up. Later when the check cleared I did a quality control check before ordering the equipment. I discovered that the server had no operating system (my supplier said it had one but was mistaken).  I also realized I needed to have another hard drive for data redundancy on the server.

There were inexpensive options available. I could run an operating system I owned on that server. The software vendor requested server 2003 and I have a copy that I use hosting my systems.  Server 2003 can’t be purchased right now. It is more important that the customer own the operating system. I had to quote a copy of server 2008 and another hard drive for a combined total of $1100.

I see a lot of tech companies fix computers using operating systems that are not provided by or paid for by their customers.  This practice forces the customer to come back whenever there are problems.  Without the operating system disk or a valid software license where else can they go?  For this reason I think it is unethical to place software the customer does not own on their system.  Several years back I vowed I would never do that to anyone.  I have held true to that standard.  Most customers don’t realize that situation exists.  So when I sell them an operating system they think they are paying too much and I am giving them a bad deal.  In reality – I am really doing them a favor.

Unfortunately for me and my customer server operating systems go for $800 and up.  Server hard drives go for $250.  After successfully setting up American Express I ran the additional purchase on the customers American Express Card.  When the payment clears the bank the order will go out.  2 days later the product will be delivered.  Then I will go on site to install. That is quality time with the customer. Time with the customer is a priceless opportunity to delivery the best customer service and experience humanely possible.

Midnight Tech

POS – Slow credit card processing is no more

Last week, I think on Thursday after I had dropped a big email, I was looking for an more permanent solution.  The issue we had with credit cards that were taking 80 seconds to process was old. The stand alone card machine on the counter was working fine but the owner wanted the POS to work.  I had sent an email to the store owner, the reseller, and the merchant that sold the POS.  The gist was that we were going to make a big change the next week because of the performance issue we had been experiencing.

The reseller, Linda, really came through again.  Separated, neither Linda or the merchant had the whole story so no one could solve the issue. Linda wanted to get the merchant on the phone. The back story here is the merchant, a nice lady who will remain nameless, was very involved in the initial install.  It just did not go well and at times seemed to place her in a bad light. So she was not extremely happy about the situation and probably blamed Linda. You can probably imagine two frustrated women and me on a phone call. It was a tense call. But luckily, I was able to lead the conversation to the big question. “What other networks do you suggest we use with the third party software?”.  The question behind that was, “Which ones might Linda have the ability to resell?”.  Of course the merchant wanted to sell the proprietary network because she knew it was going to work.  Also because she would get a percentage of the proceeds from every sale in the future.  But we needed the question answered. The difference in the discount rate and the other subtleties in the contract could cost the company millions. This is why you always want to avoid the proprietary world. Its expensive in ways you don’t often think about. My feeling? If we are now getting discount rates of less than 2% because Linda resold the network and she wants to cut a great deal on a network that isn’t slow then I am all about it. We were able to get a few answers and it was just enough information to move forward.

A day later Linda had looked at three other networks.  One was a broken relationship (interesting story and I still respect Linda).  A second one was a good pick because it was a network she did not know would work. She did her homework and found out it was fully certified by the third party software. The third network never got a chance.  I said go, a day passed and I had all the paperwork from linda and had forwarded it on to the CEO.  A day later the CEO responded with signed paperwork that linda received.  Another day went by and the new encryped pinpads came in. I was on site for most of the day setting up the third party software, installing new pin pads, and reprogramming the stand alone credit card machine for data-wire and dial up on the new network.  It had to accept credit, debit, and electronic checks.  Its all such a blur.  I had so many other things going on I could not give you a real timeline if I tried.  Not that it matters.

Today I was informed all is well.  The POS is fast and stable.  There are no problems.  Kudos to Linda for a job well done!  Thank you Linda for your hard work!

Midnight Tech

A couple new features

I was looking around and decided to add a share link and a voting link.  I am trying to get more traffic so please comment on everything.  Don’t be forgiving.  Just put it out there.  If it creates an issue I will “adjust” the comment …  like this … but, I will be sure to leave just enough so you can get an idea what was edited.

Midnight Tech

Another Happy Customer!

In a previous post I mentioned a customer with a Dell Mini Net Book that needed a virus removed.  That work was completed on Wednesday as planned.  Thursday I delivered to the customer.  It was a 36 mile ride to a farm setting.  They were lucky and did have high speed internet.

I always like to take my work in and talk through the problem, the repair, and what to do in the future.  A quality control thing is also making sure while I am there that they are oneline and can use their printer – etc.

I went to go onine and the wireless prompted for a key.  He did not know it so I got on his desktop system and logged into the Belkin router to extract the information. Things went very well I was done in about 10 minutes.

As I was leaving he shared with me the store on all of the cats roaming around.  I got the low down!  Don’t get me wrong though.  His home was clean and there was no signs of pets in the place.  But when you walk outside there were 6 young ones and 3 or 4 adults.  He recently retired and moved to the place.  When he and his wife arrived there were no cats.  After a week or so a stray came onto the property and they fed it.  She had 2 kittens.  One did not make it.  The other one just had a litter of 7 one was still born.  He said that there is a veterinary clinic close by that will have summer workers from the university.  He intends on taking all of the young cats and having them neutered.  The students charge $20 each which is a good deal.  And if you ask me a very good idea!

Slow Credit Card Processing Problem Back!

Wednesday at 6PM the store owner called me to to report that credit cards were taking 2 minutes to process again.  I went over to verify that and look things over for an easy solution.  Just as before nothing on site is to blame.

This time around I am going to get the store a new merchant account with a different company – who uses a different network.  The new network is compatible with the POS being employed at the store and does not require a 3rd party solution for the interface.  This puts me in that proprietary situation I mentioned in the last post I did regarding POS Credit Cards. However, after speaking with the sales staff I was re-assured that the deal would be geared toward matching a rate we currently have.

I have already informed all parties having a relationship with the current credit card system what the plan is.

The store owner said that he fears a year from now that they will just raise the rates. He also wants to correct the problem quickly and wondered if we could try something else with the current provider. I explained that I have exhausted all possibilities with the current credit card processor.  I have asked them for a different solution.  They have informed me there are no other solutions that they have.  I said the wise thing is to move to a different credit card processor.  He agreed but, he wanted me to verify that the sales for the last two days settled.  I checked and they had.  So today I will be negotiating with another credit card processing company to get the same deal or something better.  That will be hard to do because the current rates they have are very very good.

Midnight Tech

 

New POS Credit Card Solution

I get calls from local businesses all the time. Every call is about something broken or something that is needed. One of the nice things about providing a good solution is having a positive effect on people. If your working with a business your success impacts the staff and the people it serves. That’s a great experience!

Today I finished implementing a credit card processing solution for a new business in Marion IL.  This project has lasted a few weeks. Sometimes getting computer software to work well with credit card processing networks isn’t easy.

Let me explain how that works. Commonly a Point Of Sale (POS) system will be designed in a proprietary fashion. They brand it and build it in a way so there are controls in place on how their product is used and by whom. This sometimes forces a merchant to purchase credit card processing through the proprietary vendor who sold the POS system.  Proprietary vendors almost always charges higher rates on credit and debit card transactions than the market is offering. The vendor will have larger profits this way as long as they keep getting new customers on their contracts.  Most new business owners just don’t know the details and they get whatever they sign up for.  I think sometimes the programmer just picks one processor to limit the chaos of having to provide a payment interface to multiple different networks.

My processor reseller, Linda, is a free agent who I trust to offer credit card processing solutions to my customers. I normally have several suggestions on what POS software solutions will work well with each business. I provide that information to the owners and when they have had time to look at the options and make a choice I have them take their decision to Linda. Linda works out the CC processing accounts. She does a great job getting the best deals.

The POS software purchased at this new business uses a 3rd party software solution to interface with the “non-proprietary” credit card networks. The network Linda provided has discount rates that are less than 2%. Unfortunately, the first day we connected the POS system and programmed it to use that network there was a problem.  All of the credit card and debit transactions were taking 80 seconds. There is one stand-alone credit card machine on the counter that is also used to accept checks electronically. They were using it to process credit and debit cards since the POS card swipes were so slow.

During the troubleshoot I looked at the local network, the operating systems, the antivirus solutions, I tried using a different router, I ran the 3rd party app from a completely different system, and I tried running a different version of the 3rd party app.  No change that was made on site had any effect on the slow speed of these transactions. So I could prove the problem was not on site. It is important to do that. In situations such as this I am working through three degrees of separation from the credit card processor. Every vendor associated with the credit card system is blaming another vendors system. You have to be able to isolate who’s system is not performing. This was a bad configuration for the account the business had on credit card processors front end network.

As soon as the troubleshoot was done I ordered a pin pad for the stand-alone credit card machine so they could run debt transactions from there also.  A day later Linda and I set the 3rd party app to temporarily use a different network. The business needed to use that solution until a new permanent credit card processing account was ready. It takes about a week for a merchant credit card processing account to be created. They have a lot of security and regulations to take into consideration.  They have to interface directly with the merchants bank account.

Monday I received a call from the processor that the account was ready. This morning I went over to the store and spent an hour on the phone with the credit card processor and the support team for the 3rd party software.  We re-programmed the 3rd party software to use the new account that was built. I am excited to say it worked. Both credit and debit cards are running as fast as 2 seconds from the POS system. They are very happy and so am I!

Dell Netbook (Inspiron Mini) with a virus

I received a very interesting call today.  This customer called in from about an hour away and said that he had a Dell Net book that he purchased from a friend and it had a virus.  He wanted to know if I could fix that.  So I met him for lunch at a local restaurant and we spoke about the situation.

To me it is important to fully understand how a computer is used by its owner before I ever touch it. I have a name for that conversation.  It is a “Free 15 minute consultation” even when that talk takes longer. This individual is retired and used it to access email.  He has had the laptop for 2 years.  He said he was using windows mail and that he liked to use the FireFox browser and did not want to lose his bookmarks.  He was also considering writing a book.  So he needed the Open Office suite to get it all down and then convert it over to PDF.

A net book from Dell, at least this one, is a very small computer.  So small it doesn’t even have an optical drive. There is no recovery CD shipped with these systems.  It is loaded on the internal drive as a recovery partition.  For any individual with a net book the question becomes, “Is it trash? and “Do I just need to buy another one?”.  And if you answered yes then you probably lost everything on that computer that was near and dear to you. Thats the beauty of what I do. I restore lost data on a daily basis. Whatever the reason your computer has failed my number one goal is to get your files back.

Lets look at the price tags.  You can buy a net book for roughly $250.  He said he got this from a friend.  He did mention the Geek Squad visit that he backed out of.  I don’t know exactly what the problem was there but I think it was a miss-communication over the cost they would charge to provide the solution.  That was last Friday.

He thought no one was open over the weekend (Midnight Tech is but he did not know that).  So he wanted to call today.  He found my business in the Verizon super-pages telephone book.

This gentleman most likely wants to spend less than $200 and thats good because I would not have charged that much anyway.  I am glad to have had the opportunity to look this guy in the eye and know that I am really going to be helping him out.  It will take me 2 hours he should have it back by Wednesday unless this needs a new hard drive or something along those lines.  From what I can see it is in pretty good shape.