services_vpn

Do you want the option to work from home and access all of your office computer’s files and applications?  Let’s cover some options.

LogMeIn was the go to option for remote access software in the past before they started charging for their software.  Fortunately, there are free applications that will allow you to remotely connect to your office computer from home.

1.) TeamViewer

TeamViewer, available for Windows, Apple, Linux, or Mobile installs without much fuss and is easy to use.

team_viewer_console

As you see, the TeamViewer window is divided into the Remote Control and Meeting tabs.  In the Remote Control tab, Your ID and Password have to be shared with the computer that connects to yours. The Personal Password allows you to access your computer from anywhere at any time provided, of course, it is left on.

In the Meeting tab under Control Remote Computer, you can control a remote computer by entering the Partner ID generated on the remote computer’s TeamViewer window under the Remote Control tab.

2.) Chrome Remote Desktop

Easier to use than TeamViewer, Chrome Remote Desktop does not have as many features. However, the good news is you do not need to have the web browser running to use the app.  You will need to have the Chrome browser installed, which we recommend using as your main web browser.

To download Chrome Remote Desktop, go the app page in the Chrome Web Store.

Chrome_Web_Store

Click the blue +Free button to download the app, and click Add when it asks you to confirm. If you are not signed into Google, it will prompt you to do so.

Once installed, click the Apps button under the Chrome search bar, and open the Chrome Remote Desktop App.

chrome_remote_desktop_app

Click the Get Started button if it appears.

To share your computer with another, click the green Share button.

share

You will be given a unique access code that the other party will use to access your computer.

access_code

It is recommended that you read the code aloud to the other party rather than type it. Click Allow access to enable the other party’s remote desktop session on your computer.

allow_access

To access a computer available for sharing, open a new tab in Chrome and click the gray Access button instead of the green Share button. Enter the access code provided by your partner whose computer is to be shared.

access-code-connect

Click Connect. You can also access your own remote computer you have previously made available for sharing with these latter steps. Just be sure to keep the Access code in a safe, handy place.

The downside of Chrome Remote Desktop is that you cannot perform file transfer with it. Instead you have to upload files to and download them from the cloud.

3.) Join.me

Join.me offers an extremely lightweight remote desktop app that is simple to use. If you opt for their basic plan, it’s free.  To share your desktop, go to their homepage and click start meeting.

screen-sharing-join-me-start-meeting

A number will be generated for your sharing session. It should be near the top of the screen in orange.

join.me

Give this number to the party on the other side. They will be able to use this when they connect to your computer by clicking join. Like TeamViewer, join.me is capable of file transfer, and you do not need to register or create an account to use it.

Which should you use?

Because of its inability to do file transfers and the Google account login requirement, Chrome Remote Desktop offers fewer comparative advantages than the other two remote desktop apps.

Between TeamViewer and join.me, the latter is slightly easier to use.  However, TeamViewer offers more features that the free version of join.me. These include co- browsing, whiteboard, and video/ webcam capabilities These extra features more than offset the streamlined, ergonomic interface of join.me and warrant TeamViewer as the recommended free application for remote access.

For more information about remote access or other issues concerning your home or office computers, consult your local IT professional.

Read More


TL-WR1043ND-01

TP-Link is among the vendors affected by the SOHO pharming campaign.

Recently, it was discovered that several hundred thousand routers fell victim to a hijacking scheme that could become a prevalent problem to many internet users worldwide.  The attack, dubbed as a ‘small office/home office (SOHO) pharming campaign,’ was targeting Vietnam, but according to a report by Team Cymru, the SOHO pharming campaign also made its way into regions like the US and Italy.

The criminals behind the pharming campaign took advantage of exploitable security holes in various consumer-grade routers, and from there they were able to redirect users to malicious websites to steal login credentials and/or dropped malware onto the users’ computer.  The scary part about this SOHO campaign is that more than one type of routers are affected.  According to Team Cymru, the compromised routers could be a brand name like D-Link or and off-brand like TP-Link.

soho-hijack

A diagram depicting the ‘man-in-the-middle’ hijacking scheme from Team Cymru.

Cyber security experts found that once the attackers had control of their targeted routers, they changed the devices’ Domain Name System (DNS) settings to force users to send out requests to the 5.45.75.11 and 5.45.75.36 IP addresses.  The new DNS settings then acts as a ‘middle-man’ and redirect users to malicious sites instead of legitimate ones.

While it is easy to point the fingers directly at the people manufacturing the routers, it’s not completely their fault.  There’s no such thing as a ‘hands-off’ policy when it comes to protecting yourself from intrusions by cyber criminals.  That said, there are a few things many router owners can do to lessen their chances of becoming victims to the router hijacking scheme.

  1. Disable router’s remote user-mode and graphical user interface. Disabling remote access will help keep users who aren’t directly connected to your network from accessing your routers’ admin properties.  Disabling the GUI will, reportedly, mitigate the likelihood that someone can find a hole in the routers’ software.  Instead of making changes to the routers’ setting via a graphical interface, try to change the settings via command lines.
  2. Corporate networks may want deploy tracking systems (i.e. an HTML code on the externally facing servers) to detect possibly malicious IP addresses.
  3. All SOHO router settings (especially DNS) should be controlled at the host level.
  4. Admins must proactively monitor router settings periodically to ensure that the router’s DNS is pointing at those that belong to their internet service providers (ISP).

These are just a few of the basic security measures you must consider if you or your organization is using a SOHO router.  Should you have any questions or concerns regarding the recent SOHO pharming campaign or what you should do tighten up your network security, contact our IT professionals.

Read More


wdfWDSentine6l

What a NAS typically looks like.

NAS (not to be confused with NOS) is an essential tool for sharing files, doing backups and many other common functions between computers in your home or office.  Network Attached Storage, or ‘NAS’, isn’t the first thing you will think of when you’re shopping around for a computer.  As your home or office PC’s, tablets and smartphones build up, the term NAS will likely come up somewhere.

How can you use a NAS for your Home or Office?

Once you have several computers in your home or office, you’ll realize that it’s an inefficient use of time to constantly duplicate files from one hard drive to the next just so you can access them from all your devices.  That’s where NAS come in.  It’s an external hard drive with a light operating system (OS) to help make ‘sharing’ easier.

Western-Digital-Red-3TB-Synology-DS1812

Another look at a different NAS model.

Most of us pull information directly from the cloud, or huge datacenters scattered all over the world, but the issue with this is many people are not yet connected to a high speed connection.  A typical image (i.e. JPG or PNG) will download in just a few seconds if you’re retrieving it from a server, but large files like HD videos will require several hours.  The proximity to a server and the connection quality become limiting factors when we want to share any type of digital content.

So instead of uploading huge video files to the cloud (i.e. DropBox) and then sharing them via this route, people on the same network can share information using a NAS.  The biggest benefit of having a NAS for your home or office network is that you don’t need to run a dedicated PC at all times for people to access files.  As we already pointed out, the NAS is a computer on its own, with the exception that it possess just enough horsepower to carry out what it’s intended for.

More features already built in

Most NAS devices also have built-in printer sharing, so a single household can have access to the printer’s feature at all time from any supported devices.

You may also notice that your computer has a ‘back-up’ feature, which allows you to restore or retrieve lost files should there be some sort of software complications down the line.  While this method is completely acceptable for most cases, people who are even more concerned about their data should find a secondary source to back up their files to, such as a NAS.

Lastly, NAS is also extremely useful for pulling up information on-the-go.  If configured correctly, a NAS can act like a server so any user can pull up whatever is stored on the server from any location with an internet connection.  Just keep in mind that once you’re out of range of your own network, how fast you can retrieve these files from the NAS will depend on the connection you’re currently using.

To learn how your office can benefit from a NAS device, contact your local IT support.

Read More


DLink_Router

An easy hack that affects D-Link routers has recently been discussed in this article from devttys0.com. The writer of the article, Craig, goes through the steps of how the exploit works in great detail. If you are running a D-Link router in your home or office, should you be worried? We will go over a summary of the exploit here.

What’s the problem?

In a nutshell, if someone is connected to your home or office network they can change the user agent, which tells the website a little bit of information about your computer, giving them access to change the main settings of your D-Link router. The user agent needs to be set to “xmlset_roodkcableoj28840ybtide” which is backwards for “Edit by 04882 Joel Backdoor”, further pointing to this being originally used as a backdoor to the D-Link settings.

dlink-admin-page

Once an attacker is connected to your D-Link settings they can change passwords, network settings and wireless settings. A hardware reset should fix you right up if you are attacked.

How can I check my home/office wifi?

The first thing you want to do is to flip your D-Link router over and check if the model matches any of the following:

DIR-100
DI-524
DI-524UP
DI-604S
DI-604UP
DI-604+
TM-G5240

Several Planex routers also use the same firmware:

BRL-04UR
BRL-04CW

Even if your model number is not listed, there is no guarantee the D-Link or Planex router you are running will not have the same or similar problem. The exploit was tested on a specific version of the D-Link router software but there is no note of it being fixed. The only way to be 100% sure your D-Link device is not affected is to try the exploit explained in the above article yourself, or ask your office/home IT support staff.

What to do if I am running an affected router?

You do have a few options if you are running a D-Link router that could be vulnerable.

1. Make sure the settings of your router are not accessible from the internet. This will help prevent attackers from the internet, but if someone is connected to your wifi or network in your home or office you are still vulnerable.

2. Replace your D-Link router with a model that is not affected. This may be the only guaranteed way to avoid becoming a victim.

Onsite PC Solution is based in San Jose California and provides small and medium sized business IT support.

Read More


 

Network_Cables

In this article from Information Weekly, Brian Barnier explains some steps businesses can take to make sure they aren’t making costly mistakes when it comes to social media and how internal data is handled.  He goes into specific details in the article, but the main points he emphasizes are:

1. Decide what data is important to you

For example private customer information, the details given out on social media websites, and data gathered from your various sales, marketing and accounting departments.

2. Look for all in one packages

Make managing the above data as easy as possible with programs or solutions that handle everything.  An all in one solution will save time and in the end money.

3. Automate

Taking the all in one packages one step further and automating how your business data is managed will avoid possible breaches and problems in the future.  You can do this through office policies or through a set of processes.

Check out the article here!

Read More